Verify identity ownership
Ask whether a face, voice, or name is a registered, verified likeness — and who holds the rights — before you generate or publish anything.
( Developers )
If your product creates, hosts, or distributes AI media, Royall is the infrastructure layer that verifies who owns a likeness, checks whether a use is permitted, and honors the owner's terms — all through one clean API.
identity_id: idt_9f2a…
use: voice_synthesis
context: advertising
territory: US
license_id: lic_4b81…
scope: voice_synthesis
expires: 2026-12-31
( Why use the API )
Royall is the consent and ownership layer for products that touch a person's identity. One call tells you whether a likeness is claimed, what's permitted, and on what terms — so your product can act responsibly by default.
Ask whether a face, voice, or name is a registered, verified likeness — and who holds the rights — before you generate or publish anything.
Query the current permission state for a specific use. Consent is a live signal, not a checkbox you saved six months ago.
Read the scope, duration, territory, and pricing an owner has approved so you can route compliant, paid uses at the point of creation.
Subscribe to changes and get notified the moment permissions are updated or revoked — no polling, no stale cache.
1
API call to check consent
<50ms
Median check latency
3
Typed SDKs · TS · Python · Go
100%
Fail-closed by default
( Real-world use cases )
Anywhere a product creates, hosts, distributes, or authenticates a person's identity, Royall gives you a single call to check permission first.
Gate generation on consent. Check a likeness before a model renders a face or synthesizes a voice, and log the verified permission behind each output.
Let creators bring their registered likeness with them. Verify uploads, honor per-creator terms, and keep impersonation off your platform.
Confirm sellers actually hold the rights to the likeness they're listing, and surface clean licensing terms buyers can trust.
Match a voice sample against registered fingerprints, check whether synthesis is licensed, and route royalties for approved voice use.
Use a verified, timestamped likeness record as an identity signal — with the owner's consent and a clear audit trail.
Bake consent checks into internal creative and marketing tools so every asset that uses a real person is permission-backed.
( Consent lifecycle )
Permission isn't granted once and forgotten. Royall models the whole lifecycle so your product always acts on what's true today — not what was true when you first cached it.
Ask an owner for a specific use — scope, duration, and territory. The request lands with the right person or their team to review.
Before you generate, confirm the current state: is this exact use approved, for this identity, right now?
Terms change. Owners can widen, narrow, or re-price permissions, and your integration reads the latest state on the next call.
Consent can be withdrawn at any time. A revoked permission fails closed — the check returns denied instead of a stale yes.
Every change fires a signed webhook so your systems react immediately — pull content, halt jobs, or update your own records.
( Our promise )
We ship consent to production.
Verifiable proof, audit trails, and fail-closed checks aren't add-ons — they're how the API works from the first call.
( Code examples )
Predictable REST, JSON in and out, and errors that fail closed. Here's what the core calls actually look like.
POST /v1/consent/check
Authorization: Bearer sk_live_•••
Content-Type: application/json
{
"identity_id": "idt_9f2a...",
"use": {
"type": "voice_synthesis",
"context": "advertising",
"territory": "US"
}
}
200 OK
{
"allowed": true,
"license_id": "lic_4b81...",
"terms": {
"scope": "voice_synthesis",
"expires_at": "2026-12-31T23:59:59Z",
"attribution_required": true
}
}( Our toolkit )
( Developer experience )
The integration should be the easy part. Everything is documented, typed, and built to get out of your way.
Typed SDKs for TypeScript, Python, and Go wrap auth, retries, and signature verification so you write intent, not plumbing.
Resource-oriented routes, consistent JSON, cursor pagination, and idempotency keys on every write.
Bearer API keys with scoped permissions and separate sandbox and live keys. Rotate without downtime.
Every event is signed and retried with backoff. Verify with the SDK helper and dedupe on the event id.
Generous defaults, clear headers on every response, and burst allowances so you're never guessing.
Copy-paste quickstarts, a live API reference, and guides that take you from API key to first verified call in minutes.
( Compliance & risk )
Platforms, partners, and regulators increasingly expect AI products to confirm they had permission before using someone's face, voice, or name. Royall is the infrastructure layer that makes that a single call — so responsible defaults don't slow you down.
( Technical FAQ )
Grab a sandbox key, make your first verified call, and ship consent checks without building the hard parts yourself.