> ## Documentation Index
> Fetch the complete documentation index at: https://docs.uip.digital/llms.txt
> Use this file to discover all available pages before exploring further.

# What is Alentra?

> The model in two minutes — primitives, wallets, and sessions.

Alentra lets your app ask a user's **government-issued digital credential** a precise
question and get back a **cryptographically verified answer**. The credential lives
in the user's own wallet. Alentra resolves one country, credential profile, and
presentation provider from its canonical ledger, then verifies the signed response
against the issuing authority's trust anchors, and delivers the result to you.

Three ideas make up the whole model.

## 1. Primitives — the verbs

A **primitive** is one verified action. You don't call an "Identity API" or a
"Sign API"; you compose primitives.

<CardGroup cols={2}>
  <Card title="identify" icon="id-card">
    Disclose specific government-attested fields ("blocks") — e.g. `first_name`,
    `dob`, `country`, `document_number`.
  </Card>

  <Card title="age_verify" icon="user-shield">
    Prove the holder meets an age threshold. Alentra computes it from the credential's
    birth date; this primitive returns only the boolean and threshold, not the date.
  </Card>

  <Card title="sign" icon="signature">
    The holder's device signs a hash of one or more documents you provide
    (what-you-see-is-what-you-sign), bound to a verified identity.
  </Card>

  <Card title="light_sign" icon="file-signature">
    The same device signature over short **inline terms** text — no file upload.
    For consent and acceptance flows.
  </Card>
</CardGroup>

<Note>
  See [Primitives](/core-concepts/primitives) for the full parameter and result
  shapes.
</Note>

## 2. Credential routes — what is trusted and how it arrives

Alentra keeps the issuing jurisdiction and credential trust profile separate from the
wallet provider. Google Wallet can carry several countries' credentials; the US can
offer several Apple/Google routes. The exact tuple is server-validated and locked for
the session.

Read current route status and provider capabilities from public
[`GET /v1/catalog`](/api-reference/catalog/get). See
[Credential routes & coverage](/core-concepts/wallets) for the current map.

## 3. Sessions — one flow for the user

A **session** bundles the steps you need into a single user experience. You create
it server-to-server, then hand the user its **hosted URL**. On
that page the user's wallet completes each step on-device; Alentra verifies each one
and sends you a **signed webhook** as it happens.

<Steps>
  <Step title="Create">
    `POST /v1/sessions` with your `steps[]`. Alentra returns a session `id` and a hosted
    `url`.
  </Step>

  <Step title="Hand off">
    Send the user to `url`. Alentra's page and the browser's native Digital Credentials
    flow handle same-device or cross-device presentation; you host no wallet UI.
  </Step>

  <Step title="Verify & deliver">
    The wallet responds, Alentra verifies it cryptographically, and you receive a
    logical `step.completed` event with the claims or signature — one per step.
    Delivery is at-least-once, so order results by `stage`.
  </Step>

  <Step title="Conclude">
    The last step completes the session. A stop, failure, or deadline instead ends it
    as `session.stopped`, `session.failed`, or `session.expired`.
  </Step>
</Steps>

## What Alentra is not

<AccordionGroup>
  <Accordion title="Not a document-scanning / OCR / liveness vendor">
    Alentra does not ingest a photograph of the physical ID. Claims come from the
    **issuer's digitally signed credential** in the wallet, verified by signature —
    not by OCR. There is no selfie or liveness check. A customer may explicitly
    request the credential's signed `portrait` claim. (`sign` separately uploads the
    document being signed and retains a completed original as evidence.)
  </Accordion>

  <Accordion title="Not a data broker">
    Alentra returns only the fields your step requests. `age_verify` returns a boolean
    to your business and withholds the birth date; the underlying identity is kept
    encrypted as audit evidence and is available only through the legal-review tier.
  </Accordion>

  <Accordion title="Not an identity you store">
    There is no Alentra "account" the user logs into. The credential stays in their
    wallet; each session is a fresh, consented disclosure. Alentra deliberately retains
    the completed result and its encrypted evidence; the evidence period and legal-
    hold process must be fixed in the signed production schedule.
  </Accordion>
</AccordionGroup>

<Card title="Next: Quickstart" icon="rocket" href="/quickstart">
  Create a session and receive your first verified result.
</Card>
