How it works
From reference definition to lifecycle governance.
OBAM combines workflow and category education: it explains how public references should be governed and gives teams the system to run it.
Workflow
Reference lifecycle stages
Step 1
Define the reference
Capture the exact logo, statement, or relationship reference and bind it to policy context before anything goes public.
Step 2
Authorize the reference
Route authorization to legal/IP or approved owners with clear ownership, scope, and accountability.
Step 3
Publish verification
Expose approved references through public verification pages with status, lifecycle context, and safe fields only.
Step 4
Update, expire, or revoke
Use expiry dates, review checkpoints, and revocation actions so public references stay aligned with reality.
Technical endpoint
Verification JSON endpoint for procurement automation
Each public verification page has a machine-readable companion at /verify/[slug].json with status, lifecycle dates, and approved public-safe fields.
- Stable schema metadata for downstream compatibility.
- Current certification status and lifecycle state.
- Public authorization dates and subject identity fields.
- Workflow category plus approved category-specific fields.
Sample response schema
{
"slug": "acme-enterprise-reference",
"status": "active", // active | expired | revoked
"lifecycle": {
"authorized_at": "2026-01-12T10:30:00.000Z",
"expires_at": "2027-01-12T10:30:00.000Z",
"revoked_at": null
},
"subject": {
"organization_name": "Acme Corp",
"reference_type": "customer-logo"
},
"verification_url": "https://obam.dev/verify/acme-enterprise-reference"
}How procurement and security teams use this
Reviewers can pull /verify/[slug].json during diligence to confirm whether a reference is currently authorized, time-bound, or revoked, then store that objective status evidence in vendor review records.
Trust evidence path