Sign with C2PA
Are you familiar with C2PA? Be sure to read Understand C2PA before proceeding.
What do you need to get started signing? Here are the pre-requisites.
- A Truepic tool and license key for your desired product(s). You can find out details for license key requirements in each product's getting started guide. Don't have access? Contact sales.
- Refer to this list for supported formats.
Get a certificate
Before you can start signing in your workflows or applications, your organization needs a certificate. When your files are signed, they will say Signed by: Your Organization's Name
in a Content Credentials display. Our products seamlessly integrate with Truepic's Certificate Authority, which is on the C2PA trust list, using just a few lines of code.
- Use the CLI's
enroll
command to obtain a certificate. - For the C2PA library, first acquire a certificate through the CLI.
- The Android and iOS SDKs automatically enroll devices upon initialization.
Certificate enrollment functions require Truepic product license keys, and certificates automatically reflect the organization name defined when your Truepic account was set up.
Use cases
This section covers what assets and information you need in order to programmatically sign files across different use cases. Truepic's tools do the rest for you automatically! Click to jump to a section below:
- Original captures
- AI-generated media
- Add C2PA metadata only, without any file changes
- Modified media
Original captures
Sign original, unmodified, camera-captured media for the first time.
With Truepic authentic camera
What you'll need:
- Just the Lens Android or iOS SDK! It handles everything.
Regular signing
What you'll need:
- An unsigned original media file
- Metadata and other information about the image. See Add Assertions.
Generated media
Sign new AI-generated media for the first time.
What you'll need:
- An unsigned media file
- A created assertion with an AI digitalSourceType. See Add Assertions.
Update metadata only
Sign or resign media to add C2PA metadata only.
What you'll need:
- A file to be signed
- Add Assertions, except for actions. Actions assertions aren't allowed in update manifests
Modified media
Sign or resign modified media, disclosing edits and activity.
What you'll need:
- An unsigned, modified file
- Action assertions that describe what changed since the previous version, see Add Assertions
- The previous version of the file, to be added as a
parentOf
ingredient. - Any other assets that were brought in to this version of the file, to be added as
componentOf
ingredients
Updated 3 months ago