For developers · the self-serve door

Conform in an afternoon. A few API calls.

One integration against an open spec maps age-appropriate access control to real law: a signal goes in, a signed decision comes back, and you keep the receipt — not the birthdate.

Start building Read the OCSS spec
067 anchored / 48 provisionalOCSS rule categories typed
0live from the registrystatutes you map with one integration
0succession + §9.4 attestationconformance surfaces live today
0birthdates stored by youraw PII the router asks you to keep

Live today: the Ed25519-signed succession record and the §9.4 attestation export (signed CSV — regulator-ready evidence, not an approval or safe harbor). The public /v1/check decision API lands in a later milestone. OCSS is a pre-release IETF Internet-Draft; Phosra implements it, and does not own it.

What you can call today

We'll show you the shape before it's a button.

Two conformance surfaces are live right now — both verifiable from the outside, with no account required. The full self-serve developer funnel (API keys, the public /v1/checkdecision endpoint, and the published SDK + MCP packages) is in active build and lands in a later milestone. Every code sample below that isn't one of the two live surfaces is labelled illustrative — it shows the committed request/response shape, not an endpoint you can hit this afternoon.

Live · verifiable now

The signed succession record

The steward of record, transfer status, and succession plan publish as an Ed25519-signed record you can fetch and verify against the steward key — no auth, no SDK. It's the anti-capture guarantee in machine-checkable form, served from the standard's own domain.

GET openchildsafety.com/.well-known/ocss-succession

Live · verifiable now

The §9.4 attestation export

A signed CSV attestation of conformance evidence per OCSS §9.4 — the regulator-ready receipt format, exportable today. It's evidence a regulator can weigh, not an approval or a safe harbor (the boundary is written into §5.1, and we don't soften it).

§9.4 attestation · signed CSV

The contract · age signal in, signed decision out

One call. A decision you can replay.

The core of the developer funnel is a single request: hand the router an age signal and the surface you're gating, get back a tier decision drawn from the 115-category OCSS rule registry — plus a signed receipt. The shape below is committed; the public endpoint ships in a later milestone, so it's shown as an illustrative preview, not a live response.

The request

No raw birthdate crosses the wire and none is stored by you — an OS-level age signal (CA AB 1043 style) plus the surface you're gating is enough to get a tier decision back.

Illustrative preview— public endpoint ships in a later milestone
POST /v1/check
authorization: "Bearer phk_…"
 
{
  age_signal: "os.assured_13_15",
  surface: "chat.companion",
  rule_categories: [
    "ai_chatbot_tier_gate",
    "commercial_data_ban"
  ]
}

The response

A tier decision per rule, plus a signed receipt you can store and later hand a regulator to replay — the same evidence shape the §9.4 export already produces today.

Illustrative preview— shape committed; not a live 200
{
  decision: "restrict",
  tier: "teen.13_15",
  rules: {
    ai_chatbot_tier_gate: "tier_2",
    commercial_data_ban: "deny"
  },
  receipt: ed25519:7c1a…d41a
}
receipt verifies against the network signing key

Until the public /v1/check endpoint ships, this is the committed shape — not a live endpoint. The two surfaces you can verify today are listed above.

Surface area

Pick the surface that fits your stack.

The router exposes the same conformant logic four ways. The open spec is published and citable today; the REST API, the SDK, and the MCP server ship as the self-serve funnel opens. We label each by stage — no vapor dressed as a download link.

Open spec · published today

Build against a spec, not a vendor

OCSS is publicly documented and citable — an individual IETF Internet-Draft (Draft 4, pre-release). You build against the standard; other vendors can implement the same one; if Phosra disappeared tomorrow the spec, the 115-category rule registry, and the conformance suite live on at openchildsafety.com. That's the point of an open standard — no single SaaS contract owns child-safety plumbing.

Read the spec
01
REST API — versioned endpoints, typed to the spec
Versioned, OpenAPI-documented endpoints for the decision check, rule lookups, and attestation export. Signatures are part of the contract, not an add-on — every decision comes back with a receipt you can verify and replay.
ships with the funnel
02
@phosra/sdk— for Node, Bun & edge
A first-class TypeScript SDK with full types for all 115 rule categories and the 91-statute registry — tree-shakeable, runtime-agnostic, generated from the same spec the REST API is built against.
ships with the funnel
03
MCP server — drop the router into your agent
A native Model Context Protocol server exposes each surface as a typed tool call, so an MCP-compatible agent can reason about age-appropriate access and pull a signed decision without you wiring the REST glue by hand.
ships with the funnel
04
Privacy posture — no raw birthdates to hold
Whichever surface you pick, you pass an age signal, not a date of birth — and the OCSS envelope is sealed end-to-end, so the routing layer reads only the headers it needs to move a signal. The receipt proves the decision; it doesn't hand you PII to safeguard.
structural · true today
Same conformant router · three front ends · one signed receiptRead the spec →
MCP-native

Wire it into your agent in one config block.

When the package publishes, the MCP server is a single entry in your client config — Claude, Cursor, or any MCP host can then reason about age-appropriate access and pull a signed decision as a typed tool call. The config shape is committed; the published @phosra/mcp package lands with the self-serve funnel.

Prefer raw HTTP? The same logic is the versioned REST endpoint. Prefer types? It's @phosra/sdk. Same router, same signed receipt, three front ends.

Illustrative · .mcp.json— package publishes with the funnel
{
  "mcpServers": {
    "phosra": {
      "command": "npx",
      "args": ["-y", "@phosra/mcp"],
      "env": { "PHOSRA_API_KEY": "phk_…" }
    }
  }
}
Honest by design

You build against the spec, not against us.

OCSS is a pre-release standard — Draft 4, an individual IETF Internet-Draft, not yet ratified by any standards body. Phosra is building toward OCSS Certified: a status earned from the standard and its conformance suite, never a badge we issue. We don't self-certify, and conformance is evidence a regulator can weigh — never a compliance determination or a safe harbor (OCSS §5.1).

The canonical spec, the rule registry, and the conformance suite live at openchildsafety.com — not here. That separation is the asset: a standard you can't capture is one you can build on.

Start building

Conform in an afternoon — against an open spec.

Read the spec and verify the two live surfaces today; the API keys, SDK, and MCP package land as the self-serve funnel opens. Want early access to the developer preview? Tell us what you're building.

Request the developer preview Read the OCSS spec

The standard itself — spec, rule registry, conformance suite — lives at openchildsafety.com, not here.