7. Enforcement API
7.1 Overview
This section defines the minimum API contract that a PCT-compliant enforcement point must expose. Implementations may provide richer interfaces; they must not expose less than the minimum defined here.
7.2 Verification request
An enforcement point must accept a verification request containing the following fields:
| Field | Type | Required | Description |
|---|---|---|---|
| pct | string | REQUIRED | The compact serialised PCT (header.payload.signature). |
| requested_action | enum | REQUIRED | The action being requested. Permitted values: process, transfer, ai_call, store, delete, disclose. |
| requested_purpose | string | REQUIRED | The specific purpose for which the action is being performed. Must match a value in allowed_purposes to pass. |
| processing_region | string (ISO 3166-1 alpha-2) | REQUIRED | The country code where the action will occur. |
| requestor_id | string | REQUIRED | Identifier of the system or service making the request. |
| request_timestamp | integer (Unix epoch) | REQUIRED | Timestamp of the request. |
| request_id | string (UUID v4) | REQUIRED | Unique identifier for this verification request, used in the audit record. |
7.3 Verification response
| Field | Type | Required | Description |
|---|---|---|---|
| decision | enum | REQUIRED | The enforcement decision. Values: ALLOW, BLOCK, TRANSFORM. |
| decision_reasons | array of string | REQUIRED | Human-readable explanation of the checks that produced the decision. Required for BLOCK and TRANSFORM decisions. |
| transform_instructions | object | CONDITIONAL | Required when decision is TRANSFORM. Specifies the transformation to be applied (e.g. redact field x, pseudonymise field y). |
| audit_record_id | string (UUID v4) | REQUIRED | The identifier of the audit record generated for this decision. |
| response_timestamp | integer (Unix epoch) | REQUIRED | Timestamp at which the decision was made. |
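The field constraints in the 7.2 and 7.3 tables can be checked mechanically before any policy evaluation; the following Python validator is an added example, not part of this specification or of any PCT implementation. All function and rule-table names are hypothetical, and it assumes that REQUIRED strings are non-empty, that region codes are upper case, and that BLOCK and TRANSFORM need at least one reason; the pct check is structural only and verifies no signature.

```python
import re
import uuid

ACTIONS = {"process", "transfer", "ai_call", "store", "delete", "disclose"}
DECISIONS = {"ALLOW", "BLOCK", "TRANSFORM"}

def is_uuid4(v):
    """True only for a canonical, hyphenated version 4 UUID string."""
    try:
        return isinstance(v, str) and str(uuid.UUID(v)) == v.lower() and uuid.UUID(v).version == 4
    except ValueError:
        return False

def is_epoch(v):
    return isinstance(v, int) and not isinstance(v, bool) and v >= 0  # bool is an int subclass; reject it

def is_text(v):
    return isinstance(v, str) and v.strip() != ""  # assumption: REQUIRED strings are non-empty

REQUEST_RULES = {  # section 7.2
    # Structural check only: three non-empty segments, no signature verification
    "pct": lambda v: isinstance(v, str) and len(v.split(".")) == 3 and all(v.split(".")),
    "requested_action": lambda v: isinstance(v, str) and v in ACTIONS,
    "requested_purpose": is_text,
    # Shape only (upper case assumed); does not confirm the code is assigned
    "processing_region": lambda v: isinstance(v, str) and re.fullmatch(r"[A-Z]{2}", v) is not None,
    "requestor_id": is_text,
    "request_timestamp": is_epoch,
    "request_id": is_uuid4,
}
RESPONSE_RULES = {  # section 7.3, unconditional fields
    "decision": lambda v: isinstance(v, str) and v in DECISIONS,
    "decision_reasons": lambda v: isinstance(v, list) and all(isinstance(r, str) for r in v),
    "audit_record_id": is_uuid4,
    "response_timestamp": is_epoch,
}

def validate(msg, rules):
    """Return a list of violations; an empty list means msg is well-formed."""
    errors = [f"{k}: {'missing' if k not in msg else 'invalid'}"
              for k, ok in rules.items() if k not in msg or not ok(msg[k])]
    if rules is RESPONSE_RULES:
        decision = msg.get("decision")
        # Assumption: "required for BLOCK and TRANSFORM" means at least one reason
        if decision in ("BLOCK", "TRANSFORM") and msg.get("decision_reasons") == []:
            errors.append("decision_reasons: empty")
        if decision == "TRANSFORM" and not isinstance(msg.get("transform_instructions"), dict):
            errors.append("transform_instructions: missing")
    return errors
```

Call `validate(request, REQUEST_RULES)` on inbound requests and `validate(response, RESPONSE_RULES)` on outbound responses; matching requested_purpose against allowed_purposes requires the decoded PCT and is outside this check.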