Docs / Signed outcomes
Signed outcomes prevent tampering
Do not trust raw client status. Verify signed outcome payloads on your server before granting access.
What is signed
- Session identifier and outcome status.
- Outcome metadata and issuance timestamp.
- Signature envelope used for server-side verification.
Why this matters
Tamper defense
Signed payloads prevent forged pass states from client-side manipulation.
Consistent enforcement
Your backend makes final policy decisions from one trusted source of truth.
Auditability
Persist verification artifacts needed for support and compliance review.
Verification checklist
- Fetch and rotate verification keys on schedule.
- Validate signature, timestamp, and expected audience/context.
- Reject unsigned, stale, or mismatched payloads.
- Store session ID, outcome, verified-at timestamp, and signature status.
- Log verification failures with reason code and trace ID.
What to store
Store only what supports policy enforcement and auditability. Avoid retaining unnecessary data fields from client runtime events.
- Session identifier and verified outcome status.
- Signature verification result and verified timestamp.
- Associated request trace identifier and policy decision reference.
- Minimal error reason codes when verification fails.