subject_type and subject_id — and returns snapshots in the shape written to Tally, optionally enriched with cryptographic verification data. All read endpoints are available in both global (/v1/subjects/…) and tenant-scoped (/v1/tenants/:tenant_id/subjects/…) forms; the tenant-scoped variants require authentication and enforce subject ownership or grant-based access.
View and verify modes
Most endpoints acceptview and verify query parameters that control how much data is returned and whether Tally runs integrity checks inline.
view parameter
| Value | Behavior |
|---|---|
full (default) | Returns the full snapshot including the complete envelope JSON. |
header | Returns only the snapshot header: snapshot_id, snapshot_version, subject, generated_at, and created_at. Faster and lighter for list operations. |
verify parameter
| Value | Behavior |
|---|---|
none (default) | No verification. Response omits the verification field. |
hash | Tally recomputes the SHA-256 envelope hash and compares it against the stored value. Adds a verification.hash object to the response. |
chain | Tally verifies the chain linkage by checking that prev_hash matches the parent snapshot’s stored envelope_hash. Adds a verification.chain object. Use depth to walk further back in the chain. |
verify=hash forces view=full internally so the envelope bytes are available for hashing, regardless of the view parameter you pass.GET /v1/subjects/:subject_type/:subject_id
Returns a structured current state summary for a subject: the latest snapshot header, a flattenedidentity attribute map, and provenance metadata.
Path parameters
Must be
"entity" or "individual".The stable identifier for the subject, e.g.
"ent_acme_001".Query parameters
Verification mode:
none, hash, or chain. See the table above.Number of chain hops to walk back when
verify=chain. Must be an integer ≥ 1. Bounded by the server’s MAX_CHAIN_PROOF_DEPTH setting.Response
The subject identifier:
subject_type and subject_id.Summary of the latest snapshot.
The materialized
attributes object from the latest snapshot — a direct copy of envelope.attributes.High-level provenance indicators.
Present only when
verify is not "none". Contains mode, hash, and chain sub-objects reflecting the result of the requested check.Example
GET /v1/subjects/:subject_type/:subject_id/snapshots/latest
Returns the latest snapshot for a subject inheader or full view, with optional verification.
Path parameters
"entity" or "individual".The subject’s stable identifier.
Query parameters
"full" or "header"."none", "hash", or "chain".Chain proof depth. Only meaningful when
verify=chain.Response
Returns the snapshot object. Infull view, the response includes snapshot_id, snapshot_version, subject, generated_at, created_at, and envelope (the full stored envelope JSON). In header view, envelope is omitted.
GET /v1/subjects/:subject_type/:subject_id/snapshots/:snapshot_version
Returns a specific historical snapshot by its integer version number.Path parameters
"entity" or "individual".The subject’s stable identifier.
The integer version to retrieve. Must be ≥ 1.
Query parameters
"full" or "header"."none", "hash", or "chain".Chain proof depth. Only meaningful when
verify=chain.Response
Same shape as/snapshots/latest. Returns 404 not_found if no snapshot exists for the requested version.
GET /v1/snapshots/:snapshot_id
Fetch any snapshot by its UUID, regardless of which subject it belongs to.Path parameters
The UUID of the snapshot. Must be a valid UUID; Tally returns
400 validation_error for malformed values.Query parameters
"full" or "header"."none", "hash", or "chain".Chain proof depth. Only meaningful when
verify=chain.Response
Same shape as/snapshots/latest. On the tenant-scoped path, Tally verifies that the authenticated principal has ownership of or a grant over the subject before returning the snapshot.
GET /v1/snapshots/:snapshot_id/proof
Returns the cryptographic proof record for a single snapshot: its stored envelope hash, the hash of its predecessor, and the algorithm and canonicalization method used.Path parameters
UUID of the snapshot whose proof you want to inspect.
Response
UUID of this snapshot.
The subject’s stable identifier.
The integer version of this snapshot.
SHA-256 hash of the canonicalized envelope.
null if not yet computed.The
envelope_hash of the immediately preceding snapshot for this subject. null for version 1.The algorithm used to normalize the envelope before hashing (e.g.
"json-canonicalize-rfc8785").The hashing algorithm (e.g.
"sha-256").Example
GET /v1/subjects/:subject_type/:subject_id/history
Lists snapshots for a subject in paginated, cursor-based pages. Equivalent to/snapshots on the same subject path.
Path parameters
"entity" or "individual".The subject’s stable identifier.
Query parameters
Number of snapshots to return per page. Must be between 1 and 200. Also bounded by the server’s
MAX_HISTORY_LIMIT setting.Sort order by
snapshot_version: "asc" (oldest first) or "desc" (newest first).Opaque pagination cursor returned in the previous page’s
page.next_cursor. Omit on the first request."full" or "header"."none", "hash", or "chain". Applied to each item in the page independently.Response
Array of snapshot objects (header or full, depending on
view).Pagination metadata.
Example
GET /v1/subjects/:subject_type/:subject_id/chain-proof
Returns the chain proof record for each snapshot in a subject’s history — a lightweight list of(snapshot_version, snapshot_id, envelope_hash, prev_hash) tuples you can use to independently verify the full chain without downloading every envelope.
Path parameters
"entity" or "individual".The subject’s stable identifier.
Query parameters
Number of chain proof items per page. Bounded by the server’s
MAX_CHAIN_PROOF_DEPTH setting."asc" or "desc".Pagination cursor from a previous page.
Response
Array of chain proof items. Each item contains
snapshot_version, snapshot_id, envelope_hash, and prev_hash.Pagination metadata:
order, limit, next_cursor.Example
GET /v1/subjects/:subject_type/:subject_id/export
Downloads the complete snapshot history for a subject in a single response, including every envelope and its hash data. Designed for audits, migrations, and offline verification.Path parameters
"entity" or "individual".The subject’s stable identifier.
Export is limited by the server’s
MAX_EXPORT_SIZE (default: 1000 snapshots). If a subject has more snapshots than this limit, Tally returns 400 validation_error. Use the paginated /history endpoint to retrieve large histories incrementally.Response
The subject identifier:
subject_type and subject_id.The canonicalization algorithm used when computing
envelope_hash values (e.g. "json-canonicalize-rfc8785").The hash algorithm (e.g.
"sha-256").Ordered array of all snapshots. Each item includes
snapshot_version, snapshot_id, envelope (full JSON), envelope_hash, and prev_hash.