Original Pictures
Webflow CMS asset provenance

C2PA Webflow Integration: CMS Asset Provenance

Definition: The Original Pictures Webflow integration signs CMS assets via a webhook so design-led and content sites built on Webflow carry verifiable provenance.

TL;DR: Webflow serves millions of designer-built sites. A CMS webhook that POSTs new assets to the signing API adds provenance to a design-first stack without leaving the Webflow workflow.

Webhook on CMS changes

Webflow can fire a webhook when CMS items change. A small endpoint receives the asset URL, fetches the file, calls the signing API, and writes the manifest reference back to the CMS item, so each published asset carries provenance.

Fit for design teams

Webflow's audience is design-led and often non-engineering. The webhook integration keeps signing out of their hands: set it once, and new assets are signed automatically as content is published.

Display the badge

Bind a verified badge to the CMS field holding the manifest reference, and link it to the open verifier, so visitors can confirm provenance on design-forward pages.

FAQ

Does this require code?

A small webhook receiver is needed once. After that, signing is automatic for the design team.

Where Original Pictures stands today

Original Pictures ships three things today: a Sign API, a Verify API, and the SDKs that wrap them. One POST /v1/sign attaches a C2PA-format manifest, an invisible TrustMark watermark, and an OpenTimestamps anchor. The open-source verifier checks any of it without calling us.

Two things are on the near roadmap, and we name them as roadmap, not as shipped: C2PA Conformance Program recognition (target Q3 2026, until then our manifests use the published C2PA v2.2 format and any C2PA-aware validator can read them, but third-party validators will show our signer as not-yet-listed), and a consumer capture app (Q3 2026). We do not sell a capture SDK, and we do not claim Trust-List membership we do not yet hold.

Bottom line: Fire a Webflow CMS webhook to a signing endpoint so design-led sites carry provenance without changing the content workflow.

Related


Original Pictures is progressing through the C2PA Conformance Program; our signing certificate is not yet on the official C2PA Trust List. Target: Q3 2026. We will not describe ourselves as "C2PA-certified" until it is true.

Original Pictures provides content-provenance infrastructure. It does not by itself constitute legal compliance with the EU AI Act or any other regime; compliance depends on how you deploy it, your disclosures, and your governance. Figures are drawn from public reporting, verify against primary sources before citing in regulated materials. Nothing here is legal advice.

Last verified 2026-05-25. Author: Mahdi Kazempour, Founder, Original Pictures.