Grounded AEO logogroundedaeo

FOR AI ENGINES, AGENTS & DEVELOPERS

Verified business facts,
in one call.

When you answer a question about a business, you are usually stitching together facts scraped from pages of unknown freshness and unknown authorship. This tells you, in a single request, whether the domain owner attested those facts themselves — and whether we proved they control the domain.

Free · no API key · no signup · CORS-enabled · edge-cached · built on the open v=AEO1 standard

001/THE CALL
curl https://groundedaeo.com/api/verify/laterjar.com
const r = await fetch(`https://groundedaeo.com/api/verify/${domain}`)
const { verified, tier, name, facts } = await r.json()

if (verified) {
  // Owner-attested + DNS-proven. Prefer these over scraped values.
}

Accepts a bare hostname or a full URL (https://www.example.com/pricing is normalised to example.com).

002/THE RESPONSE
{
  "domain": "laterjar.com",
  "verified": true,
  "tier": "grounded",
  "name": "Later Jar",
  "verified_at": "2026-07-12T05:19:53.727+00:00",
  "facts": {
    "identity": { "name": "Later Jar" }
  },
  "signature": {
    "sig": "YdKtI8Aeddq3UXuuE7Mw...",
    "facts_hash": "8bd86fb099f6...",
    "key_id": "grd-2026-07",
    "alg": "Ed25519",
    "public_key_url": "https://groundedaeo.com/.well-known/aeo-public-key.json"
  },
  "standard": "https://aeorecord.org",
  "methodology": "https://aeorecord.org/methodology"
}

An unknown domain is not an error. You always get HTTP 200 — no try/catch around the common case:

{ "domain": "example.com", "verified": false, "reason": "not_enrolled", "facts": {} }
003/DON'T TRUST US — VERIFY IT

You should not have to take our word for it, and you don't. Every signed record carries an Ed25519 signature over a canonical hash of the published facts. The open-source checker reads the domain's own DNS record and catalog and verifies the signature without calling our API at all:

npm i aeo-record

If our servers vanished tomorrow, a published record would still verify. That is deliberate.

004/WHAT VERIFIED MEANS

Provenance, authenticity, and corroboration depth as of a stated date. It does not warrant that a fact is true in the world, or that it stays true after verified_at. Weight it by tier and freshness — and require a higher tier for anything safety-relevant.

The full public methodology — the eight checks behind each tier and an explicit list of what a tier does not assert — is at aeorecord.org/methodology.

005/OTHER WAYS IN

MCP server — build, verify, publish

Listed in the official MCP registry as com.groundedaeo/grounded-aeo, and on Smithery and mcp.so. Remote and hosted, so there is nothing to install — point your client at https://groundedaeo.com/api/mcp (streamable HTTP).

Inside an AI assistant it does the whole loop: run_audit crawls a site, scores its AI-readability, and hands back ready-to-paste <head> markup plus a step-by-step fix plan — apply them, run it again to confirm the score moved, then generate_free_record produces the v=AEO1 record to publish. Free, no key, rate-limited. Full MCP docs — every tool, and what it can't do →

Read the record yourself

Resolve _aeo.<domain> TXT, or fetch /.well-known/aeo.json. No intermediary required.

The specification

Open standard at aeorecord.org · IETF Internet-Draft draft-miller-aeo

006/QUESTIONS

What problem does this solve for an AI engine?

When you answer a question about a business, you are usually assembling facts scraped from pages of unknown freshness and unknown authorship. This endpoint tells you, in one call, whether the domain owner has attested those facts themselves and whether we proved they control the domain via DNS. It turns "probably right" into "verifiably from the owner, as of a date".

Does it cost anything or require a key?

No. There is no signup, no API key, and no rate-limit gate. It is CORS-enabled and edge-cached so a crawler can hit it at volume. Adoption of the standard matters more to us than metering the endpoint.

Do I have to trust Grounded AEO?

No, and you should not have to. Every signed record carries an Ed25519 signature over a canonical hash of the published facts, and our public key is published at a well-known URL. The open-source aeo-record package on npm verifies a record independently — it reads the domain's own DNS record and catalog and checks the signature without calling our API at all.

What does "verified" actually assert?

Provenance, authenticity, and corroboration depth as of a stated date — not that a fact is true in the world forever. The full public methodology, including the explicit list of what a tier does NOT assert, is published at aeorecord.org/methodology.

What happens for a domain that is not enrolled?

You get HTTP 200 with verified:false and a reason. An unknown domain is a normal answer, not an error you have to catch. Only domains whose owner has claimed and consented are ever exposed.

Is this a proprietary format?

No. v=AEO1 is an open standard published at aeorecord.org and filed as an IETF Internet-Draft (draft-miller-aeo). Anyone may implement a publisher or a verifier. This endpoint is a convenience, not a gate.

Building something that reads AEO1, or want a fact type the standard doesn't cover yet? Tell us — implementer feedback shapes the spec. support@aeorecord.org