Developer Reference

Developer Reference

Complete reference for the Prova REST API

Swagger UI

Zero Setup

Anonymous tokens, no API keys or registration needed

Prova

Attested Outputs

Every response includes cryptographic attestation proofs

RESTful

Standard JSON REST API with OpenAPI/Swagger documentation

Quick Start
Get up and running in under 60 seconds
bash
# 1. Create an anonymous session
curl -X POST http://localhost:8000/v1/auth/anon \
  -H "Content-Type: application/json"

# Response: { "pseudonym": "anon-abc123", "token": "eyJ..." }

# 2. Delegate credentials and fetch attested data
curl -X POST http://localhost:8000/v1/fetch-and-attest \
  -H "Authorization: Bearer eyJ..." \
  -H "Content-Type: application/json" \
  -d '{
    "systemType": "epic_mychart",
    "portalUrl": "https://mychart.example.com",
    "username": "patient_user",
    "password": "s3cure_pass",
    "recordId": "MRN-12345"
  }'

# 3. Verify the attestation
curl -X POST http://localhost:8000/v1/verify \
  -H "Content-Type: application/json" \
  -d '{ "attestationBundle": "..." }'
Authentication
Anonymous token-based authentication

Prova uses anonymous bearer tokens. No registration, email, or personal information is required.

  1. 1. Call POST /v1/auth/anon to create a pseudonymous session
  2. 2. Include the token in the Authorization: Bearer <token> header for all subsequent requests
  3. 3. Optionally save a passphrase to recover the session later

Endpoints

POST/v1/fetch-and-attest
Delegate credentials, fetch clinical data via MPC-TLS, process in TEE, and return attested FHIR output.

Request

json
{
  "systemType": "epic_mychart",
  "portalUrl": "https://mychart.example.com",
  "username": "patient_user",
  "password": "s3cure_pass",
  "recordId": "MRN-12345"
}

Response

json
{
  "requestId": "550e8400-e29b-41d4-a716-446655440000",
  "status": "processing",
  "message": "Credential delegation accepted"
}
POST/v1/process
Submit raw clinical data for TEE processing without credential delegation.

Request

json
{
  "data": "<FHIR Bundle JSON>",
  "outputFormat": "fhir_r4"
}

Response

json
{
  "requestId": "550e8400-e29b-41d4-a716-446655440001",
  "status": "processing"
}
POST/v1/verify
Independently verify an attestation bundle against the enclave's known code hash.

Request

json
{
  "attestationBundle": "<base64-encoded bundle>"
}

Response

json
{
  "valid": true,
  "enclaveHashMatch": true,
  "mpcTlsVerified": true,
  "teeQuoteVerified": true
}
GET/v1/health
Health check endpoint. Returns enclave status and API version.

Response

json
{
  "status": "healthy",
  "version": "0.1.0",
  "enclave": "Intel TDX",
  "uptime": "2h 34m"
}