Quickstart
Get Tauth running and sign your first file in under 5 minutes.
Prerequisites
- Python 3.11+
- PostgreSQL 14+
- Node.js 18+ (for the web app)
- Azure subscription with Key Vault (or use local mock keys)
1. Clone & install
bash
git clone https://github.com/tauth-io/tauth.git
cd tauth
python -m venv env && source env/bin/activate
pip install -r requirements.txt2. Configure environment
Copy the example and fill in your values:
bash
cp .env.example .envMinimum required variables:
ini
DATABASE_URL=postgresql://tauth:tauth123@localhost/tauth
AZURE_VAULT_URL=https://your-vault.vault.azure.net/
LEAF_KEY_NAME=leaf-test
JWT_SECRET=change-me-in-productionSee Environment Variables for the full reference.
3. Run database migrations
bash
cd db
alembic upgrade head4. Start the backend
bash
cd ..
source env/bin/activate
uvicorn server:app --host 0.0.0.0 --port 8003 --reloadThe API is now live at http://localhost:8003. Open the interactive docs at http://localhost:8003/docs.
5. Start the web app
bash
cd proofmed-trust-protocol
npm install
npm run devNavigate to http://localhost:5173.
6. Sign your first file
Via the web UI
- Click Sign In and register an account.
- Open the Media tab.
- Drop a JPEG or PNG onto the upload zone.
- Select a manifest template (or create one in Manifest Builder).
- Click Sign. The C2PA manifest is embedded and the hash is written to Sepolia.
Via the API
bash
# 1. Register + get token
TOKEN=$(curl -s -X POST https://api.tauth.io/auth/login \
-H "Content-Type: application/json" \
-d '{"email":"you@example.com","password":"secret"}' \
| jq -r '.access_token')
# 2. Upload
UPLOAD_ID=$(curl -s -X POST https://api.tauth.io/v1/media/upload \
-H "Authorization: Bearer $TOKEN" \
-F "file=@photo.jpg" \
| jq -r '.upload_id')
# 3. Sign
curl -X POST https://api.tauth.io/v1/media/sign \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d "{\"upload_id\":\"$UPLOAD_ID\",\"manifest\":{\"title\":\"My Photo\",\"creator\":\"Alice\"}}"Next steps
- Authentication guide: JWT tokens, refresh flow, API keys
- Manifests: customize the C2PA metadata embedded in your files
- Python SDK: automate signing in bulk