Send a verifiable proof of any action, to anyone, in one link
Every Recalled event ships with a portable receipt: a JSON object plus a public webpage URL. Send it to a customer who disputes an action, attach it to a support ticket, paste it in a Slack reply, or let your AI agent cite it. The recipient clicks, sees the action, the timestamp and a green Verified banner, with no Recalled account or API key required.
A user pings support: 'I never deleted my project, your system did.' Or a customer claims a refund was never processed. Or your AI agent says it archived a file and the user pushes back. Without shareable proof, the support team digs in raw logs for hours, the customer waits, and you have no neutral artefact you can hand over without leaking everything else around it.
Call /v1/events/:id/receipt for any event you logged, no matter who or what acted: a human user, a staff member from your back-office, an AI agent, a cron. Get back a JSON receipt with a verification_url and a view_url. The view_url is a public webpage that strips actor PII and metadata, shows only the action verb, the timestamp and the cryptographic proof. Both the JSON and the page work without an API key. Send the link, the recipient clicks, the dispute closes itself.
// After any logged action (human or agent),
// fetch a portable, citable receipt for that event.
const { data: receipt } = await recalled.events.getReceipt(eventId);
// receipt.view_url is a public, no-auth page anyone can open.
// Send it to a customer disputing the action, attach it to a
// ticket, paste it in a Slack reply, or let your AI agent cite it.
return res.json({ proofUrl: receipt.view_url });Why receipts matter for any workflow
- One link covers human and agent actions
Same endpoint, same shape, whether the actor was your user, your support staff, an AI agent or a cron. Pick the use case, send the link.
- Public, no-auth verification
Anyone clicks the receipt URL, the page hits a no-auth endpoint that recomputes the hash and signature server-side, and shows a green or red banner. No login, no Recalled account.
- PII stripped on the public page
Actor name, email, IP, user agent and metadata never appear on the public view. Only the action, the actor type, the timestamp and the hashes. Safe to share with anyone.
- Single citable object
The receipt is a JSON object with view_url and verification_url. Paste it into a support reply, a Slack message, a ticket, a mail, an agent reply. Self-contained.
- Hash chain context preserved
The receipt carries prev_hash so the recipient knows the action sits inside an unbroken chain of events. Tamper-evident, not just signature-checked.
Related use cases
Your AI agent acts on behalf of users. Recalled records every action with actor.type set to 'agent', a hash chain and an HMAC signature, plus the conversation id and the user who triggered it. When the agent gets it wrong, you have a forensic trail.
Mint a short-lived embed token server-side, drop the `<RecalledFeed />` React component into your support tool, and give your agents the last 25 actions of the customer without switching tabs.
Recalled is hosted in the EU, encrypted at rest, and exposes a one-call anonymization endpoint for Article 17. Ship a GDPR-ready audit trail without building your own data protection layer.
Your next audit log is 2 minutes away
Stop hacking on your own logs table. Drop in Recalled, send your first event, move on.