OpenSSF

Sigstore Public Good APIs

Sigstore is an OpenSSF-hosted standard and service for signing, verifying, and protecting software. The public-good Sigstore instance exposes Fulcio (code-signing certificate authority) and Rekor (transparency log) APIs that can be queried programmatically to inspect signing certificates and transparency log entries.

GitHub

Documentation

📖
Documentation
https://docs.sigstore.dev/
📖
Documentation
https://docs.sigstore.dev/logging/overview/

Other Resources

🔗
GitHubOrganization
https://github.com/sigstore

API entry from apis.yml

apis.yml Raw ↑ 
aid: openssf:sigstore-api
name: Sigstore Public Good APIs
description: Sigstore is an OpenSSF-hosted standard and service for signing, verifying, and protecting
  software. The public-good Sigstore instance exposes Fulcio (code-signing certificate authority) and
  Rekor (transparency log) APIs that can be queried programmatically to inspect signing certificates and
  transparency log entries.
humanURL: https://www.sigstore.dev/
baseURL: https://rekor.sigstore.dev
tags:
- Signing
- Transparency Log
- Supply Chain
properties:
- type: Documentation
  url: https://docs.sigstore.dev/
- type: Documentation
  url: https://docs.sigstore.dev/logging/overview/
- type: GitHubOrganization
  url: https://github.com/sigstore