Skip to content
VitalCV

Verifier Guide

Full reference for hospital credentialing reviewers. No jargon without explanation.

⏱ How to read this in 30 seconds

  1. 1.Check the LINEAGE HEADER — it tells you WHAT was checked, WHEN, and by WHO.
  2. 2.Look for the DEGRADATION BAR — green means clean. Amber/dashed means a system gap (not the clinician's fault).
  3. 3.Read the TIER BADGE — T3 or T4 means the claim was verified against an authoritative source.
  4. 4.Check REPLAY CONTINUITY — a chain link (↳) means this is not the first check.
  5. 5.Check SIGNER — the signing key ID links to the public JWKS. You can verify offline.

🏷 Trust Tiers

T1 · Self-AssertedClinician-provided. Not verified. Use for context only.
T2 · InferredDerived from verified data. Not directly checked.
T3 · Source CheckedVerified against an authoritative public source (NPPES, OIG, State Board).
T4 · Issuer SignedCryptographically signed by did:web:vitalcv.com. Independently verifiable.

↳ What is replay continuity?

Replay continuity means this verification has a history.

Each check produces a run ID. If this run links to a prior run (↳), the credential has been verified before.

Two linked runs mean: the credential was checked at T1, then rechecked at T2. Both checks are preserved.

A "genesis" run means this is the first check. That is normal.

Replay is evidence — it shows the credential's verification history, not just its current state.

⚠ What do degraded states mean?

No Adverse FindingsThe source was checked. Nothing adverse was found. This is the expected state.
Source UnreachableThe external source (NPPES, OIG) was temporarily unreachable. Not the clinician's fault.
Infrastructure OutageVitalCV infrastructure was degraded. VitalCV owns this. Not the clinician's fault.
AnonymousNo authenticated actor is bound. This is an exploratory view only.
Issuer UnavailableThe issuing authority was unresponsive. Different from infrastructure outage — the issuer, not VitalCV, is unavailable.

Offline Verification

T4 credentials can be verified offline. The public key set is available at /.well-known/jwks.json. Use any JWT library to validate the ES256 signature against the published kid. No network call to VitalCV required.

Trust policy: /.well-known/trust.json