Infrastructure components
Verify API POST /v1/verify
Token verification and claims retrieval — the core credential endpoint
Pilot
Operational
Session API POST /v1/sessions
QR session creation for the @passidio/react SDK overlay
100%
Operational
Verification Package Builder POST /v1/package
Assembles verified claims, freshness, provenance, and proof status into a structured institution-ready package
100%
Operational
Webhook Delivery
verification.completed · verification.failed · outcome.reported events
100%
Operational
Credential Issuance
Open banking ingestion, proof metadata generation, Ed25519 signing, credential storage
100%
Operational
Institution Dashboard
Verification history, API key management, sandbox, performance analytics
100%
Operational
PASSID Mobile App Backend
User authentication, credential wallet, consent flows, revocation
100%
Operational
Incident history · past 90 days
Elevated verify API latency — EU region
Resolved
2026-03-18
A misconfigured database connection pool in the EU deployment caused p99 latency to increase from ~90 ms to ~340 ms for 47 minutes. Token verification continued to function correctly — no requests failed, no data was affected.
14:22 UTCAutomated latency alert triggered. On-call engineer paged.
14:31 UTCRoot cause identified — connection pool exhaustion under sustained load.
15:09 UTCPool configuration updated and deployed. Latency returned to baseline (<95 ms).
15:20 UTCIncident resolved. Post-mortem scheduled.
✓ Resolved · 47 min duration · No data impact
No other incidents in the past 90 days.
Service Level Agreement
Uptime commitment
Target monthly uptime for all production API endpoints. Downtime is measured as consecutive minutes during which the verify endpoint returns non-2xx responses or exceeds 10 s timeout.
Credits on breach
If monthly uptime falls below Target, affected institutions receive service credits: 10% credit for 99.0–Target, 25% for 95.0–99.0%, 50% for below 95.0%.
Exclusions
Scheduled maintenance windows (announced 48 h in advance), force majeure events, and issues caused by third-party providers outside PASSID's control (e.g. source financial data sources).