API Reference
Web Captures
Capture live web pages into notarized evidence bundles
Auth required (Clerk Bearer).
GET /api/captures/status
Reports which notary capabilities are configured on the server, so a client can show/hide affordances.
200
{ "webCapture": true, "signing": true, "timestamping": false }POST /api/captures/web
Visits a URL from an isolated server-side headless browser and records:
- a full-page screenshot (PNG)
- the rendered HTML
- technical metadata (final URL, HTTP status, resolved IP, response headers)
The artifacts are packed into a deterministic ZIP whose SHA-256 is anchored on-chain — the same proof-of-existence path as an uploaded file. The screenshot is also stored standalone so list/detail responses can embed a presigned screenshot preview URL. Requires LGPD consent. Rate limit: 5/min. In an organization, editor or higher.
| Body field | Type | Description |
|---|---|---|
url | string (required) | Public http(s) URL to capture |
consent | boolean (required) | Must be true |
curl -X POST https://jatoba-web3-production.up.railway.app/api/captures/web \
-H "Authorization: Bearer $CLERK_TOKEN" \
-H "Content-Type: application/json" \
-d '{"url": "https://example.com/page", "consent": true}'201 — a document object with sourceType: "web-capture", mimeType: "application/zip", and a screenshot preview URL.
| Status | Meaning |
|---|---|
| 400 | Invalid URL, blocked host, or missing consent |
| 403 | Insufficient org role |
| 502 | Upstream capture failure |
| 503 | Web capture not enabled / browser unavailable |