QuantumLock™ API Reference
Complete reference for the QuantumLock™ REST API.
Base URL: https://quantumlock.softquantus.com
Version: 1.0.0
Authentication
All authenticated requests require the header X-API-Key:
X-API-Key: your_api_key
Get your API Key at the Portal SoftQuantus.
The API Key format is: qlk_<token> (e.g., qlk_abc123def456...).
Nota: KMS (M2M) endpoints use authentication via
Authorization: Bearer svc_<token>.
Endpoints
Overview
| Method | Endpoint | Auth | Description |
|---|---|---|---|
GET | / | No | API Information |
GET | /health | No | Health check |
POST | /api/v1/licenses/generate | X-API-Key | Generate license |
POST | /api/v1/licenses/validate | X-API-Key | Validate license |
GET | /api/v1/licenses | X-API-Key | List licenses |
GET | /api/v1/licenses/{license_key} | X-API-Key | License details |
POST | /api/v1/licenses/{license_key}/revoke | X-API-Key | Revoke license |
GET | /api/v1/revocations | X-API-Key | Revocation list (SDK sync) |
GET | /api/v1/stats | X-API-Key | Usage statistics |
GET | /api/v1/customers/me | X-API-Key | Account information |
GET | /api/v1/plans | No | Available plans |
POST | /api/v1/kms/sign | Bearer | Sign data (M2M) |
POST | /api/v1/kms/verify | Bearer | Verify signature (M2M) |
Licenses
Generate License
Generates a quantum license for your end customer. Each license is protected with a unique quantum fingerprint generated by QCOS Autopilot.
POST /api/v1/licenses/generate
Headers:
X-API-Key: your_api_key
Content-Type: application/json
Request Body:
| Campo | Tipo | Required | Default | Description |
|---|---|---|---|---|
end_customer_id | string | ✅ | — | Unique ID of your end customer (e.g., email, user_id) |
features | string[] | No | [] | Features to enable in the license |
valid_days | integer | No | 365 | Validity days (1–3650) |
metadata | object | No | null | Custom metadata |
Exemplo:
curl -X POST "https://quantumlock.softquantus.com/api/v1/licenses/generate" \
-H "X-API-Key: qlk_your_api_key" \
-H "Content-Type: application/json" \
-d '{
"end_customer_id": "user@acmecorp.com",
"features": ["premium", "api_access", "analytics"],
"valid_days": 365,
"metadata": {"company": "Acme Corp"}
}'
Response (201 Created):
{
"license_key": "QCOS-41FB-639F-C30B-14E3-6342-7B3E-6426-9320",
"quantum_signature": "a1b2c3d4e5f6...",
"end_customer_id": "user@acmecorp.com",
"features": ["premium", "api_access", "analytics"],
"valid_until": "2026-06-15T10:30:00",
"quantum_verified": true,
"qcos_fidelity": 0.9847,
"security_level": "Quantum-QCOS-16Q",
"generated_at": "2025-06-15T10:30:00"
}
Rate Limits by plan:
| Plano | Licenses/month |
|---|---|
| Free | 100 |
| Startup | 10.000 |
| Business | 100.000 |
| Enterprise | Unlimited |
Erros:
| Code | Description |
|---|---|
401 | Invalid or inactive API Key |
429 | Monthly license limit reached |
500 | Internal generation error |
Validate License
Validates an existing quantum license. Re-generates the quantum state and compares the signature.
POST /api/v1/licenses/validate
Headers:
X-API-Key: your_api_key
Content-Type: application/json
Request Body:
| Campo | Tipo | Required | Description |
|---|---|---|---|
license_key | string | ✅ | License key |
end_customer_id | string | ✅ | End customer ID (must match the generation) |
Exemplo:
curl -X POST "https://quantumlock.softquantus.com/api/v1/licenses/validate" \
-H "X-API-Key: qlk_your_api_key" \
-H "Content-Type: application/json" \
-d '{
"license_key": "QCOS-41FB-639F-C30B-14E3-6342-7B3E-6426-9320",
"end_customer_id": "user@acmecorp.com"
}'
Response (200 OK):
{
"valid": true,
"end_customer_id": "user@acmecorp.com",
"quantum_verified": true,
"message": "License valid"
}
Possible message responses:
valid | message |
|---|---|
true | "License valid" |
false | "License not found or does not match end-customer ID" |
false | "License expired" |
false | "Quantum signature mismatch" |
List Licenses
Lists all licenses generated by your account with pagination and filters.
GET /api/v1/licenses
Headers:
X-API-Key: your_api_key
Query Parameters:
| Parameter | Tipo | Default | Description |
|---|---|---|---|
page | integer | 1 | Page number |
per_page | integer | 50 | Items per page (max: 100) |
status_filter | string | — | Filter by: active, expired, revoked |
Exemplo:
curl "https://quantumlock.softquantus.com/api/v1/licenses?page=1&per_page=20&status_filter=active" \
-H "X-API-Key: qlk_your_api_key"
Response (200 OK):
{
"licenses": [
{
"id": 1,
"license_key": "QCOS-41FB-639F-...",
"end_customer_id": "user@acmecorp.com",
"features": ["premium", "api_access"],
"valid_until": "2026-06-15T10:30:00",
"created_at": "2025-06-15T10:30:00",
"status": "active",
"revoked": false
}
],
"total": 42,
"page": 1,
"per_page": 20,
"total_pages": 3
}
License Details
Returns complete information for a specific license.
GET /api/v1/licenses/{license_key}
Headers:
X-API-Key: your_api_key
Exemplo:
curl "https://quantumlock.softquantus.com/api/v1/licenses/QCOS-41FB-639F-C30B-14E3-6342-7B3E-6426-9320" \
-H "X-API-Key: qlk_your_api_key"
Response (200 OK):
{
"id": 1,
"license_key": "QCOS-41FB-639F-C30B-14E3-6342-7B3E-6426-9320",
"end_customer_id": "user@acmecorp.com",
"features": ["premium", "api_access"],
"valid_until": "2026-06-15T10:30:00",
"created_at": "2025-06-15T10:30:00",
"quantum_signature": "a1b2c3d4e5f6...",
"qcos_fidelity": "0.9847",
"status": "active",
"revoked": false,
"revoked_at": null,
"revoked_reason": null
}
Erros:
| Code | Description |
|---|---|
404 | License not found |
Revoke License
Permanently revokes a license. This action cannot be undone.
POST /api/v1/licenses/{license_key}/revoke
Headers:
X-API-Key: your_api_key
Content-Type: application/json
Request Body:
| Campo | Tipo | Required | Description |
|---|---|---|---|
reason | string | No | Reason for revocation |
Exemplo:
curl -X POST "https://quantumlock.softquantus.com/api/v1/licenses/QCOS-41FB-639F-C30B-14E3-6342-7B3E-6426-9320/revoke" \
-H "X-API-Key: qlk_your_api_key" \
-H "Content-Type: application/json" \
-d '{"reason": "Customer cancelled subscription"}'
Response (200 OK):
{
"success": true,
"license_key": "QCOS-41FB-639F-C30B-14E3-6342-7B3E-6426-9320",
"revoked_at": "2025-06-15T14:30:00",
"reason": "Customer cancelled subscription",
"message": "License revoked successfully"
}
Erros:
| Code | Description |
|---|---|
400 | License already revoked |
404 | License not found |
Revocation List
Returns IDs of revoked licenses for synchronization with the offline SDK.
GET /api/v1/revocations
Headers:
X-API-Key: your_api_key
Query Parameters:
| Parameter | Tipo | Description |
|---|---|---|
since | string (ISO 8601) | Timestamp for incremental sync (optional) |
Exemplo:
curl "https://quantumlock.softquantus.com/api/v1/revocations?since=2025-06-01T00:00:00Z" \
-H "X-API-Key: qlk_your_api_key"
Response (200 OK):
{
"revoked_ids": [
"QCOS-41FB-639F-...",
"QCOS-7A2E-BC31-..."
],
"count": 2,
"timestamp": "2025-06-15T14:30:00"
}
Account and Statistics
Account Information
GET /api/v1/customers/me
Headers:
X-API-Key: your_api_key
Response (200 OK):
{
"id": 1,
"name": "acme_corp",
"email": "admin@acmecorp.com",
"company_name": "Acme Corporation",
"plan": "startup",
"max_licenses_month": 10000,
"licenses_used_month": 342,
"created_at": "2025-01-15T08:00:00",
"email_verified": true
}
Usage Statistics
GET /api/v1/stats
Headers:
X-API-Key: your_api_key
Response (200 OK):
{
"licenses_generated_month": 342,
"licenses_remaining_month": 9658,
"plan": "startup",
"max_licenses_month": 10000
}
Plans
List Available Plans
GET /api/v1/plans
This endpoint does not require authentication.
Response (200 OK):
[
{
"name": "Free",
"price_monthly": "$0",
"licenses_per_month": 100,
"features": ["Basic quantum security", "Email support", "Community access"]
},
{
"name": "Startup",
"price_monthly": "$99",
"licenses_per_month": 10000,
"features": ["Quantum security", "API access", "Priority support", "Analytics dashboard"]
},
{
"name": "Business",
"price_monthly": "$499",
"licenses_per_month": 100000,
"features": ["Advanced quantum", "SLA 99.9%", "24/7 support", "Custom integrations", "White-label option"]
},
{
"name": "Enterprise",
"price_monthly": "Custom",
"licenses_per_month": 999999999,
"features": ["Unlimited licenses", "Dedicated support", "On-premise option", "Custom quantum config", "Legal SLA"]
}
]
KMS (Key Management Service)
M2M (machine-to-machine) endpoints for internal services to sign and verify data with post-quantum cryptography.
KMS Authentication:
Authorization: Bearer svc_<token>
Sign Data
POST /api/v1/kms/sign
Headers:
Authorization: Bearer svc_seu_token
Content-Type: application/json
Request Body:
| Campo | Tipo | Required | Default | Description |
|---|---|---|---|---|
data | string | ✅ | — | Data in Base64 |
key_id | string | No | "default" | Key ID |
algorithm | string | No | "ML-DSA-65" | Signing algorithm |
Algoritmos suportados:
| Algoritmo | Description |
|---|---|
ML-DSA-65 | NIST post-quantum standard (default) |
ML-DSA-87 | Higher security level |
ED25519 | Classical, for compatibility |
Response (200 OK):
{
"signature": "base64_encoded_signature...",
"key_id": "default",
"algorithm": "ML-DSA-65",
"signed_at": "2025-06-15T10:30:00Z",
"data_hash": "sha3_256_hash..."
}
Verify Signature
POST /api/v1/kms/verify
Headers:
Authorization: Bearer svc_seu_token
Content-Type: application/json
Request Body:
| Campo | Tipo | Required | Description |
|---|---|---|---|
data | string | ✅ | Original data in Base64 |
signature | string | ✅ | Signature in Base64 |
key_id | string | No | Key ID (default: "default") |
algorithm | string | No | Algorithm (default: "ML-DSA-65") |
Response (200 OK):
{
"valid": true,
"key_id": "default",
"algorithm": "ML-DSA-65",
"verified_at": "2025-06-15T10:30:00Z",
"data_hash": "sha3_256_hash..."
}
Utilities
Health Check
GET /health
No authentication required.
{
"status": "healthy",
"service": "QuantumLock API",
"qcos_available": true,
"timestamp": "2025-06-15T10:30:00"
}
Root
GET /
No authentication required.
{
"service": "QuantumLock™ API",
"tagline": "Quantum-powered licensing as a service",
"version": "1.0.0",
"docs": "/docs",
"powered_by": "SoftQuantus + QCOS Autopilot",
"get_started": "https://portal.softquantus.com"
}
Error Codes
| HTTP Code | Description |
|---|---|
200 | Success |
201 | Resource created successfully |
400 | Invalid request |
401 | Invalid or inactive API Key |
404 | Resource not found |
429 | Rate limit exceeded |
500 | Internal server error |
Interactive Documentation
| Formato | URL |
|---|---|
| Swagger UI | https://quantumlock.softquantus.com/docs |
| ReDoc | https://quantumlock.softquantus.com/redoc |
| OpenAPI JSON | https://quantumlock.softquantus.com/openapi.json |