Welcome to CertVerify! This comprehensive guide will help you understand the platform and get your organization up and running quickly.
What is CertVerify?
CertVerify is an enterprise-grade certificate management platform designed for organizations that need to issue, manage, and verify training certificates at scale. Whether you're a training provider, educational institution, or corporate learning department, CertVerify provides the tools you need to digitize your certification process.
For Organizations
Issue branded certificates, manage training programs, and track certificate lifecycle from issuance to renewal.
For Verifiers
Instantly verify certificate authenticity using certificate numbers, QR codes, or direct share links.
For Certificate Holders
Access your training transcript, share certificates on LinkedIn, and manage visibility settings.
Key Features
Multi-Organization Support
Manage multiple organizations from a single platform with isolated data and customizable branding for each.
Two Certificate Types
Issue Certificates of Completion (no expiry) or Certificates of Competence (with expiry and renewal capability).
Bulk Operations
Upload trainings, issue certificates, and process renewals in bulk using CSV files.
Public Verification
Anyone can verify a certificate's authenticity without needing an account.
Email Notifications
Automatically notify recipients when certificates are issued, with support for multiple email providers.
Developer API
Integrate certificate issuance and verification into your existing systems using our RESTful API.
Comprehensive Audit Trail
Track all certificate verifications and administrative actions with detailed logs.
Privacy Controls
Certificate holders can make their certificates public or hidden from their transcript while keeping them verifiable.
Quick Start Guide
Follow these steps to start issuing certificates:
1
Configure Your Organization
Navigate to Settings and complete your organization profile:
Upload your organization logo (appears on certificates)
Set your primary brand color for certificate styling
Add authorized signatories with their titles and signatures
Configure certificate number prefix (e.g., "ACME-")
2
Create Training Programs
Go to Trainings and add your training courses:
Enter a unique training code (e.g., "HSE101", "FIRST-AID")
Provide the training name and description
Set validity period for competence certificates (e.g., 12 months, 24 months)
Choose the certificate type (Completion or Competence)
Optionally add partner details for joint certifications (logo, signature)
3
Issue Your First Certificate
Click Issue Certificate and fill in the details:
Select the training program
Enter recipient's name and email address
Set the issue date (defaults to today)
Toggle "Include Partner Details" if applicable
Click "Preview" to verify the certificate appearance
Click "Issue Certificate" to generate and send
4
Share and Verify
Once issued, certificates can be verified and shared:
Recipients receive an email with their certificate and share link
Each certificate has a unique verification number (e.g., CV-ABC123XY)
Competence certificates include a QR code for instant mobile verification
Recipients can add certificates to their LinkedIn profile
Certificates can be downloaded as PDF from the share page
Next Steps
Now that you understand the basics, explore these topics to get the most out of CertVerify:
Certificates: Learn about certificate types, bulk issuance, renewals, and revocations.
Verification: Understand how public verification works and certificate statuses.
User Roles: Set up your team with appropriate permissions.
API Reference: Integrate CertVerify with your existing systems.
Certificates
Learn everything about issuing, managing, and tracking certificates in CertVerify.
Certificate Types
CertVerify supports two types of certificates, each designed for different use cases:
Certificate of Completion
COMPLETION
Issued when someone completes a training course. These certificates serve as proof of participation and learning.
No expiration date: valid indefinitely
Cannot be renewed (no need)
Ideal for workshops, courses, seminars
Certificate of Competence
COMPETENCE
Issued to certify professional competency. These certificates have validity periods and require periodic renewal.
Has expiration date (configurable)
Can be renewed before/after expiry
Includes QR code for quick verification
Ideal for safety certifications, licenses
Issuing Certificates
There are multiple ways to issue certificates depending on your needs:
Single Certificate Issuance
For issuing individual certificates one at a time:
Navigate to Issue Certificate from the sidebar
Select the training program from the dropdown
Enter the recipient's full name (as it should appear on the certificate)
Enter the recipient's email address for notification
Set the issue date (defaults to today)
Toggle Include Partner Details if the training has partner branding configured
Click Preview to see how the certificate will look before issuing
Click Issue Certificate to generate the certificate
The certificate is generated immediately with a unique certificate number. If email is configured, the recipient receives a notification with their certificate details and share link.
Certificate Preview
Use the Preview button to see exactly how the certificate will look before issuing. This shows organization branding, signatures, and partner details (if enabled) without creating an actual certificate.
Bulk Certificate Issuance
For issuing multiple certificates at once using a CSV file:
Navigate to Bulk Certificates from the sidebar
Download the CSV template to see the required format
Fill in your data with columns: recipientName, recipientEmail, trainingCode, issueDate, includePartnerDetails
Upload your completed CSV file
Preview the data and fix any validation errors
Click Issue All to process the batch
Pro Tip: CSV Format
Dates should be in YYYY-MM-DD format. Training codes must match existing trainings exactly. Email addresses are validated before processing.
Certificate Actions
Once certificates are issued, you can perform various actions on them:
Renew Certificate
Extend the validity of a competence certificate. This creates a new certificate linked to the original, maintaining the certificate history chain.
Only available for Competence certificates
Can be done before or after expiry
Original certificate remains in the system for audit purposes
New certificate gets a fresh validity period
Revoke Certificate
Permanently invalidate a certificate. Revoked certificates will show as invalid when verified.
Requires a reason for audit trail
Cannot be undone: action is permanent
Certificate remains visible but marked as revoked
Use for policy violations, fraud, or errors
Resend Email
Send the certificate notification email again to the recipient.
Useful if recipient didn't receive the original email
Sends to the email address on file
Requires email to be configured for your organization
Download Certificate
Download a PDF version of the certificate for printing or offline sharing.
High-quality PDF with your organization branding
Includes QR code for competence certificates
Can be printed on standard paper or card stock
Certificate Lifecycle
Understanding the certificate lifecycle helps you manage certificates effectively:
Issued
Active
Expired
Renewed
Certificates can also be Revoked at any point in their lifecycle, which permanently invalidates them regardless of their expiry status.
Verification
Learn how certificate verification works and how anyone can validate certificate authenticity.
Public Verification
One of CertVerify's core features is public verification: anyone can verify a certificate's authenticity without needing an account or logging in. This builds trust and makes it easy for employers, clients, and regulatory bodies to confirm credentials.
Security Note
Verification is protected by CAPTCHA to prevent automated abuse. Rate limiting is also applied to protect against brute-force attempts to guess certificate numbers.
Verification Methods
There are three ways to verify a certificate:
1. Certificate Number Lookup
The most common method. Visit the verification page and enter the certificate number.
Example certificate numbers:
CV-ABC123XYACME-2024-001HSE-FA-789012
Certificate numbers are case-insensitive and appear on the certificate itself.
2. Direct Share Link
Each certificate has a unique, shareable URL that displays the full certificate details.
Example share link:
https://certverify.com/c/a1b2c3d4e5f6
Share links use a secure token that cannot be guessed. Recipients can share this link on LinkedIn, in emails, or on their resume.
3. QR Code Scan
Competence certificates include a QR code that links directly to the verification page.
Simply scan the QR code with any smartphone camera to instantly verify the certificate. This is especially useful for:
On-site verification at job sites
Quick checks during audits
Verifying printed certificates
Certificate Statuses
When a certificate is verified, it will show one of the following statuses:
Status
Meaning
Action Required
Active
Certificate is valid and current. The holder has completed the training and the certificate has not expired.
None: certificate is valid
Expired
Certificate has passed its expiry date. The training was completed but the certification period has ended.
Holder should contact issuing organization for renewal
Revoked
Certificate has been permanently invalidated by the issuing organization. This may be due to policy violations, fraud, or administrative errors.
Certificate is no longer valid: do not accept
Not Found
No certificate exists with the provided number. This could indicate a typo or a fraudulent certificate.
Verify the certificate number is correct; if still not found, the certificate may be fraudulent
What Verification Shows
When a certificate is successfully verified, the following information is displayed:
Certificate Number: The unique identifier
Recipient Name: The name of the certificate holder
Training Name: The training program completed
Issue Date: When the certificate was issued
Expiry Date: When the certificate expires (for competence certificates)
Status: Current validity status
Issuing Organization: The organization that issued the certificate
Privacy Note
Recipient email addresses are never shown during public verification to protect privacy. Only the information necessary to verify authenticity is displayed.
Certificate Privacy Controls
Certificate holders have control over the visibility of their certificates. This allows individuals to manage their professional credentials while maintaining privacy.
Public (Default)
Certificate appears on the holder's public transcript and can be discovered by anyone viewing their profile.
Visible on public transcript page
Can be shared on LinkedIn
Verifiable via certificate number
Accessible via direct share link
Hidden
Certificate is hidden from the public transcript but remains fully valid and verifiable.
Not shown on public transcript
Still verifiable via certificate number
Direct share link still works
Can be made public again anytime
Managing Certificate Visibility
Certificate holders can manage their certificate visibility at any time:
Visit the Manage Certificates page at /manage-certificates
Enter your email address to receive a secure access link
Click the link in your email to access your certificates
Toggle the visibility of individual certificates using the eye icon
Important
Hiding a certificate only removes it from your public transcript. The certificate remains valid and can still be verified by anyone who has the certificate number or direct share link. This ensures employers can always verify credentials you've shared with them.
User Roles
CertVerify uses role-based access control (RBAC) to manage permissions. Understanding roles helps you set up your team correctly.
Role Hierarchy
CertVerify has two levels of roles: Platform-level (for managing the entire platform) and Organization-level (for managing individual organizations).
Platform Admin
PLATFORM LEVEL
The highest level of access. Platform Admins manage the entire CertVerify instance, including all organizations.
Can Do:
Create new organizations
Manage all organizations
Configure platform settings
View platform-wide logs
Enable/disable org features
Cannot Do:
Issue certificates directly
Create trainings
Manage org users
Note: Platform Admins can "view as" any organization to see their data, but cannot perform organization-level actions.
Organization Roles
These roles operate within a specific organization. Each user belongs to one organization and has one role within it.
Super Admin
FULL ACCESS
Complete control within the organization. Typically assigned to organization owners or senior administrators.
Manage UsersOrganization SettingsAPI KeysAll Certificate ActionsAll Training ActionsView All Logs
Admin
Day-to-day certificate and training management without user administration capabilities.
Read-only access. Can view certificates and trainings but cannot make any changes.
View CertificatesView TrainingsView Dashboard
Permissions Matrix
Quick reference for what each role can do:
Permission
Super Admin
Admin
Training Mgr
Issuer
Viewer
View Dashboard
Issue Certificates
Revoke Certificates
Manage Trainings
Manage Users
Manage API Keys
Organization Settings
View Logs
Best Practices
Principle of Least Privilege: Assign users the minimum role needed for their job function.
Limit Super Admins: Only 1-2 trusted individuals should have Super Admin access.
Use Issuers for Processing: Staff who only process certificate requests should be Issuers, not Admins.
Viewers for Auditors: External auditors or stakeholders who need visibility should be Viewers.
Regular Access Reviews: Periodically review user roles and remove access for departed staff.
Developer API
Integrate CertVerify into your existing systems with our RESTful API. Issue certificates programmatically, automate workflows, and build custom integrations.
Getting Started
The CertVerify API allows you to programmatically manage certificates and trainings. All API endpoints are scoped to your organization and require authentication.
API Access
API access must be enabled for your organization by a Platform Admin. Once enabled, Super Admins can create API keys in the Developers section.
Authentication
All API requests must include an API key in the Authorization header using Bearer token authentication:
Live Keys (cv_live_): For production use. Actions are permanent and affect real data.
Test Keys (cv_test_): For development and testing. May have rate limits or restrictions.
Security Warning
Never expose API keys in client-side code, public repositories, or logs. Treat API keys like passwords. If a key is compromised, revoke it immediately and create a new one.
Base URL
All API requests should be made to:
https://your-domain.com/api/v1
Endpoints
Trainings
GET/api/v1/trainingsList all trainings
Returns a list of all training programs in your organization.
POST/api/v1/certificates/:number/renewRenew a certificate
Renew a competence certificate, creating a new certificate linked to the original.
REQUIRED SCOPE
certificates:issue
POST/api/v1/certificates/:number/revokeRevoke a certificate
Permanently revoke a certificate. This action cannot be undone.
REQUEST BODY
{
"reason": "Policy violation"
}
REQUIRED SCOPE
certificates:revoke
API Scopes
When creating an API key, you select which scopes (permissions) to grant. Use the principle of least privilege: only grant the scopes your integration needs.
Scope
Description
Endpoints
certificates:issue
Issue new certificates and renew existing ones
POST /certificates, POST /certificates/:number/renew
certificates:read
Read certificate details and list certificates
GET /certificates, GET /certificates/:number
certificates:revoke
Revoke certificates (destructive action)
POST /certificates/:number/revoke
trainings:read
Read training programs
GET /trainings, GET /trainings/:code
trainings:write
Create and update training programs
POST /trainings, PUT /trainings/:code
Error Handling
The API uses standard HTTP status codes to indicate success or failure:
200Success: Request completed successfully
201Created: Resource created successfully
400Bad Request: Invalid request body or parameters
401Unauthorized: Missing or invalid API key
403Forbidden: API key lacks required scope
404Not Found: Resource does not exist
429Too Many Requests: Rate limit exceeded
500Server Error: Something went wrong on our end
Rate Limits
API requests are rate limited to ensure fair usage and system stability:
Standard limit: 100 requests per minute per API key
Frequently asked questions about certificate verification, sharing, and security.
Verification
You can verify a certificate by entering the certificate number on our verification page, or by scanning the QR code printed on the certificate. The certificate number is typically found at the bottom of the certificate document.
You only need the certificate number, which looks like "CERT-2026-ABC123-XYZ" or similar. This unique identifier is printed on every certificate and can be used to instantly verify its authenticity.
Verification shows the recipient name, training program, training code, certificate number, issue date, expiry date (if applicable), and the issuing organization. You can also view the full certificate with its original design.
If the QR code is damaged or won't scan, you can manually enter the certificate number on our verification page. The certificate number is displayed on your certificate, typically near the bottom above the signatures.
Yes, verifying a certificate is completely free. Anyone can verify the authenticity of a certificate without creating an account or paying any fees.
Certificate Status
An "Active" status means the certificate is valid and in good standing. The holder has successfully completed the required training or certification and it has not expired or been revoked.
An "Expired" status indicates that the certificate's validity period has ended. Some certifications require periodic renewal to ensure holders maintain current knowledge and skills. The certificate holder should contact the issuing organization to renew their certification.
A "Revoked" status means the certificate has been invalidated by the issuing organization. This could be due to various reasons such as misconduct, failure to meet ongoing requirements, or administrative corrections. Contact the issuing organization for more details.
Completion certificates confirm attendance or completion of a training course and typically don't expire. Competence certificates verify that the holder has demonstrated specific skills or knowledge and usually have an expiry date requiring periodic renewal.
Yes, many certifications can be renewed before or after expiration. The certificate holder should contact the issuing organization to inquire about renewal requirements and procedures. Renewed certificates maintain a link to the original for complete training history.
Sharing Certificates
Open your certificate using the share link provided in your email. Click the "Share" button in the header and select "Add to LinkedIn" to add it to your profile's Licenses & Certifications section, or "Share on LinkedIn" to post it to your feed.
Yes! Use the "Copy Link" option to get a shareable URL that works on any platform. When shared, the link will display a professional preview with your certificate details.
A transcript is a consolidated view of all your certificates from a single email address. Visit the Transcript page, enter your email, and see all your certifications in one place with training codes, organizations, and status indicators.
Click "Hide/Show Certificates" on the verify or transcript page. Enter your email to receive a secure magic link (valid for 1 hour). Use the toggles to hide or show each certificate. Hidden certificates can still be verified directly but won't appear in transcript lookups.
Absolutely. Anyone who clicks on your shared certificate link can instantly verify its authenticity. The verification page shows the certificate status, your name, the training completed, issuing organization, and dates.
Only the information printed on your certificate is visible: your name, the training/certification name, issuing organization, issue date, and expiry date (if applicable). Your email address and other personal details are not displayed.
Security & Trust
Each certificate has a unique, cryptographically generated certificate number that cannot be guessed or duplicated. Our verification system checks this number against our secure database in real-time to confirm authenticity.
No. Our verification system will show "Certificate Not Found" for any number that doesn't exist in our database. Only certificates legitimately issued through our platform can be verified.
We use industry-standard encryption and security practices to protect all certificate data. Our systems are regularly audited and updated to maintain the highest security standards.
No. Once a certificate is issued, its core details (recipient name, training, dates) are permanently recorded. Any verification will show the original, authentic information as issued.
For Employers & Verifiers
Ask the candidate for their certificate number or share link. Enter the certificate number on our verification page to instantly confirm the certificate's authenticity, status, and details.
An expired certificate may simply need renewal. A revoked certificate indicates a more serious issue. In either case, we recommend discussing the status with the candidate and potentially contacting the issuing organization for clarification.
Currently, certificates are verified one at a time through our web interface. For organizations needing bulk verification, please contact the issuing organization about API access.
This feature is available to issuing organizations through our platform. As an employer, we recommend periodically re-verifying certificates for roles where certification status is critical.
Still have questions?
Can't find the answer you're looking for? Contact the issuing organization directly.