
Manifest & JWKS serving

The public, agent-facing discovery surface served in hosted mode — the manifest, the receipt JWKS, and a path-form catalog mirror, with ETag caching and open CORS.

In hosted mode, Veto serves the merchant's public discovery surface — the same /.well-known/* files a self-hosted merchant would mount. These endpoints are public (no API key) and CORS-open, because they're what any agent reads to bootstrap a checkout.

Tenant resolution

Two equivalent forms resolve the same merchant and serve the same relative-path manifest:

Form | URL | Resolves by
Host | https://<slug>.veto-checkout.com/.well-known/agentic-checkout.json | slug (prefers the live merchant)
Path | https://api.veto-ai.com/m/<slug-or-mrch_id>/.well-known/agentic-checkout.json | slug or mrch_ id

GET /.well-known/agentic-checkout.json

The discovery anchor — catalog URL, checkout URL, rails, pay_to, accepted mandates, and a policy summary. Built from the published config and cached per merchant.

Auth | Public
Path-form | GET /m/:tenant/.well-known/agentic-checkout.json

Caching & headers

Header | Value
ETag | "<sha256(manifest)>"
Cache-Control | public, max-age=60
Access-Control-Allow-Origin | *

Send If-None-Match: "<etag>" to get a 304 Not Modified when the manifest is unchanged.

Status | Meaning
200 | The manifest JSON.
304 | Not modified (your If-None-Match matched the current ETag).
404 | NOT_FOUND — no merchant for that host/tenant.

Fetch a manifest:
curl https://acme.veto-checkout.com/.well-known/agentic-checkout.json
# or the path form:
curl https://api.veto-ai.com/m/acme/.well-known/agentic-checkout.json

See the wire-protocol manifest page for the full body shape.


GET /.well-known/jwks.json

The merchant's receipt public key — the canonical (R4) location a buyer fetches to verify a receipt offline. Same key as /v1/merchants/:id/jwks.

Auth | Public
Path-form | GET /m/:tenant/.well-known/jwks.json
Headers | Cache-Control: public, max-age=300, Access-Control-Allow-Origin: *
200
{ "keys": [ { "kty": "OKP", "crv": "Ed25519", "x": "…", "kid": "mrch_01J…-receipts-v1" } ] }
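
A buyer-side check to run on this JWKS before trusting a key for receipt verification, shown as an added example (not Veto's own code). It assumes the kid to look up is taken from the receipt being verified; the receipt format is not described on this page, and the sample kid and key bytes are constructed placeholders.

```python
import base64
import json
import re

class JwksError(ValueError):
    """The JWKS does not contain a usable Ed25519 public key for the kid."""

_B64URL = re.compile(r"[A-Za-z0-9_-]+")

def select_receipt_key(jwks_text, kid):
    """Return the raw 32-byte Ed25519 public key published under `kid`."""
    try:
        doc = json.loads(jwks_text)
    except ValueError as exc:
        raise JwksError("JWKS is not valid JSON") from exc
    keys = doc.get("keys") if isinstance(doc, dict) else None
    if not isinstance(keys, list):
        raise JwksError("JWKS has no 'keys' array")
    matches = [k for k in keys if isinstance(k, dict) and k.get("kid") == kid]
    if len(matches) != 1:
        # Zero matches: unknown or rotated key. Several: ambiguous, refuse.
        raise JwksError(f"expected exactly one key for kid, found {len(matches)}")
    jwk = matches[0]
    # Pin the key type: a receipt key is OKP/Ed25519, never RSA, EC or oct.
    if jwk.get("kty") != "OKP" or jwk.get("crv") != "Ed25519":
        raise JwksError("key is not OKP/Ed25519")
    if "d" in jwk:
        # 'd' is the private half (RFC 8037); it must never be published.
        raise JwksError("JWKS entry exposes private key material")
    x = jwk.get("x")
    if not isinstance(x, str) or not _B64URL.fullmatch(x):
        raise JwksError("'x' is not unpadded base64url")
    try:
        raw = base64.urlsafe_b64decode(x + "=" * (-len(x) % 4))
    except ValueError as exc:
        raise JwksError("'x' does not decode") from exc
    if len(raw) != 32:
        raise JwksError("Ed25519 public key must be 32 bytes")
    return raw

# Constructed sample: placeholder kid and key bytes, not a real merchant key.
SAMPLE_KID = "mrch_EXAMPLE-receipts-v1"
SAMPLE_X = base64.urlsafe_b64encode(bytes(range(32))).rstrip(b"=").decode()
SAMPLE_JWKS = json.dumps({"keys": [
    {"kty": "OKP", "crv": "Ed25519", "x": SAMPLE_X, "kid": SAMPLE_KID}]})

if __name__ == "__main__":
    print(select_receipt_key(SAMPLE_JWKS, SAMPLE_KID).hex())
```

The returned bytes can be handed to any Ed25519 verification routine; a JwksError should be treated as a failed verification, not retried against a different key.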

GET /m/:tenant/agent/catalog

A path-form mirror of the agent catalog for discovery tooling that prefers a single host. Public, CORS-open, Cache-Control: public, max-age=60.

200
{ "items": [ /* CatalogItem[] */ ] }
curl https://api.veto-ai.com/m/acme/agent/catalog

Cache invalidation

Every catalog / receiving / policy write — and every publish — invalidates the per-merchant manifest cache, so the next serve rebuilds from the published inputs.