API Documentation v1.0

API Reference

Complete REST API documentation for QuantaShield. Build quantum-safe applications with our powerful API.

Get Started View Endpoints

Authentication

All API requests require authentication using an API key. Include your key in the Authorization header.

API Key Authentication

Include your API key in every request using the Bearer authentication scheme:

Authorization: Bearer YOUR_API_KEY

Getting Your API Key

1. Sign up at dashboard.quantashield.io
2. Navigate to Settings → API Keys
3. Click "Generate New Key"
4. Copy and securely store your key

Important: Never commit API keys to version control or share them publicly. Use environment variables to store keys securely.

API Endpoints

Base URL: https://api.quantashield.io

POST/v1/encrypt

Required

Encrypt data using quantum-safe algorithms

Request Body:

data: string (required) - Data to encrypt

algorithm: string (optional) - Algorithm to use (default: ML-KEM-768)

key_id: string (optional) - Specific key ID to use

Response:

encrypted_data: string - Base64 encoded encrypted data

algorithm: string - Algorithm used

key_id: string - Key ID used

timestamp: string - ISO 8601 timestamp

Example Request:

curl -X POST https://api.quantashield.io/v1/encrypt \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "data": "Sensitive customer information",
    "algorithm": "ML-KEM-768"
  }'

POST/v1/decrypt

Required

Decrypt previously encrypted data

Request Body:

encrypted_data: string (required) - Base64 encoded encrypted data

key_id: string (required) - Key ID used for encryption

Response:

data: string - Decrypted data

algorithm: string - Algorithm used

timestamp: string - ISO 8601 timestamp

Example Request:

curl -X POST https://api.quantashield.io/v1/decrypt \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "encrypted_data": "base64_encoded_string",
    "key_id": "key_123456"
  }'

POST/v1/keys/generate

Required

Generate a new encryption key

Request Body:

algorithm: string (required) - Algorithm for key generation

name: string (optional) - Human-readable key name

rotation_period: number (optional) - Auto-rotation period in days

Response:

key_id: string - Generated key ID

algorithm: string - Algorithm used

name: string - Key name

created_at: string - ISO 8601 timestamp

expires_at: string - ISO 8601 timestamp (if rotation enabled)

Example Request:

curl -X POST https://api.quantashield.io/v1/keys/generate \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "algorithm": "ML-KEM-768",
    "name": "customer-data-key",
    "rotation_period": 90
  }'

GET/v1/keys

Required

List all encryption keys

Response:

keys: array - List of key objects

total: number - Total number of keys

page: number - Current page

Example Request:

curl -X GET "https://api.quantashield.io/v1/keys?page=1&limit=20" \
  -H "Authorization: Bearer YOUR_API_KEY"

POST/v1/keys/:key_id/rotate

Required

Manually rotate an encryption key

Request Body:

re_encrypt_data: boolean (optional) - Re-encrypt existing data with new key

Response:

old_key_id: string - Previous key ID

new_key_id: string - New key ID

rotated_at: string - ISO 8601 timestamp

re_encrypted_count: number - Number of records re-encrypted

Example Request:

curl -X POST https://api.quantashield.io/v1/keys/key_123/rotate \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"re_encrypt_data": true}'

GET/v1/audit/logs

Required

Retrieve audit logs for compliance

Response:

logs: array - List of audit log entries

total: number - Total number of logs

page: number - Current page

Example Request:

curl -X GET "https://api.quantashield.io/v1/audit/logs?start_date=2024-01-01&end_date=2024-12-31" \
  -H "Authorization: Bearer YOUR_API_KEY"

Error Codes

Standard HTTP response codes indicate the success or failure of API requests.

400 - Bad Request

Invalid request parameters or malformed JSON

401 - Unauthorized

Missing or invalid API key

403 - Forbidden

API key does not have required permissions

404 - Not Found

Requested resource does not exist

429 - Too Many Requests

Rate limit exceeded

500 - Internal Server Error

Server error - contact support if persists

503 - Service Unavailable

Temporary service disruption

Error Response Format

All error responses follow this structure:

{
  "error": {
    "code": 400,
    "message": "Invalid request parameters",
    "details": "The 'algorithm' field is required",
    "request_id": "req_abc123",
    "timestamp": "2024-01-15T10:30:00Z"
  }
}

Rate Limits

API rate limits are enforced per organization to ensure fair usage and platform stability.

1,000

Requests/hour

Starter Plan

10,000

Requests/hour

Professional Plan

Custom

Unlimited

Enterprise Plan

Rate Limit Headers

All responses include rate limit information in headers:

X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 987
X-RateLimit-Reset: 1705315800

When rate limit is exceeded, you'll receive a 429 Too Many Requests response with a Retry-After header.

Official SDKs

Use our official SDKs to integrate QuantaShield in your preferred language.

🐍

Python SDK

pip install quantashield

Documentation GitHub

🟢

Node.js SDK

npm install @quantashield/sdk

Documentation GitHub

🐹

Go SDK

go get github.com/quantashield/sdk-go

Documentation GitHub

☕

Java SDK

Maven/Gradle dependency

Documentation GitHub

Need Help?

Our developer support team is available to help you integrate QuantaShield into your applications.

Join Discord Community Contact Support