NavCore API Overview

Base URL

Production: https://api.softquantus.com/api/v2/navcore
Sandbox:    https://sandbox.softquantus.com/api/v2/navcore

Authentication

All requests require Bearer token authentication:

curl -H "Authorization: Bearer YOUR_API_KEY" \
     https://api.softquantus.com/api/v2/navcore/...

Endpoints Summary

Positioning

Method	Endpoint	Description
POST	`/position`	Get authenticated position
POST	`/position/stream`	WebSocket position stream
GET	`/position/latest`	Get cached latest position

Timing

Method	Endpoint	Description
POST	`/timing`	Get quantum-authenticated time
GET	`/timing/status`	Get timing system status
POST	`/timing/sync`	Force timing synchronization

Spoofing Detection

Method	Endpoint	Description
GET	`/spoofing/status`	Current spoofing status
POST	`/spoofing/analyze`	Analyze signal for threats
GET	`/spoofing/history`	Threat detection history

Holdover

Method	Endpoint	Description
GET	`/holdover/status`	Holdover system status
POST	`/holdover/calibrate`	Calibrate holdover
GET	`/holdover/metrics`	Holdover performance metrics

Evidence

Method	Endpoint	Description
POST	`/evidence`	Generate position evidence
GET	`/evidence/{bundle_id}`	Get evidence bundle
POST	`/evidence/verify`	Verify evidence bundle

Integrity

Method	Endpoint	Description
GET	`/integrity`	Get integrity metrics
GET	`/integrity/constellation`	Per-constellation integrity

Quick Examples

Get Authenticated Position

curl -X POST https://api.softquantus.com/api/v2/navcore/position \
  -H "Authorization: Bearer $QCOS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "authenticate": true,
    "spoofing_check": true,
    "generate_evidence": true
  }'

Response:

{
  "success": true,
  "data": {
    "position": {
      "latitude": 59.436962,
      "longitude": 24.753574,
      "altitude": 45.2,
      "accuracy_m": 0.8,
      "timestamp": "2026-02-06T12:00:00.000000Z"
    },
    "integrity": {
      "score": 0.985,
      "spoofing_detected": false,
      "holdover_active": false
    },
    "evidence_bundle_id": "nav_ev_abc123",
    "signature": {
      "algorithm": "ML-DSA-65",
      "value": "base64:..."
    }
  }
}

Get Quantum Timing

curl -X POST https://api.softquantus.com/api/v2/navcore/timing \
  -H "Authorization: Bearer $QCOS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "fallback_to_holdover": true
  }'

Response:

{
  "success": true,
  "data": {
    "utc": "2026-02-06T12:00:00.000000000Z",
    "tai": "2026-02-06T12:00:37.000000000Z",
    "gps_week": 2352,
    "gps_tow": 388800.000000,
    "source": "gps",
    "accuracy_ns": 50,
    "leap_seconds": 37
  }
}

Check Spoofing Status

curl https://api.softquantus.com/api/v2/navcore/spoofing/status \
  -H "Authorization: Bearer $QCOS_API_KEY"

Response:

{
  "success": true,
  "data": {
    "status": "clear",
    "confidence": 0.99,
    "last_check": "2026-02-06T12:00:00Z",
    "checks_performed": [
      {"type": "doppler_consistency", "result": "pass"},
      {"type": "multi_constellation", "result": "pass"},
      {"type": "carrier_phase", "result": "pass"},
      {"type": "ml_anomaly", "result": "pass"}
    ]
  }
}

Response Format

Success Response

{
  "success": true,
  "data": { ... },
  "meta": {
    "request_id": "req_abc123",
    "timestamp": "2026-02-06T12:00:00Z"
  }
}

Error Response

{
  "success": false,
  "error": {
    "code": "SPOOFING_DETECTED",
    "message": "Position cannot be trusted - spoofing attack detected",
    "details": {
      "threat_type": "gradual_offset",
      "confidence": 0.95
    }
  }
}

Error Codes

Code	HTTP	Description
`UNAUTHORIZED`	401	Invalid API key
`RATE_LIMITED`	429	Rate limit exceeded
`SPOOFING_DETECTED`	409	Spoofing attack detected
`NO_SATELLITES`	503	No GNSS satellites available
`HOLDOVER_EXPIRED`	503	Holdover exceeded max duration
`CALIBRATION_NEEDED`	400	Holdover calibration required
`INVALID_REQUEST`	400	Malformed request

Rate Limits

Plan	Requests/min	Positions/month
Pro	300	50,000
Enterprise	Custom	Unlimited

WebSocket Streaming

For real-time position updates:

const ws = new WebSocket('wss://api.softquantus.com/api/v2/navcore/position/stream');

ws.onopen = () => {
  ws.send(JSON.stringify({
    api_key: 'qcos_live_...',
    rate_hz: 10,
    authenticate: true
  }));
};

ws.onmessage = (event) => {
  const position = JSON.parse(event.data);
  console.log(`${position.latitude}, ${position.longitude}`);
};

SDK Reference

For typed interfaces and convenience methods:

Python SDK
C/C++ SDK (Enterprise)
Rust SDK (Enterprise)

Base URL​

Authentication​

Endpoints Summary​

Positioning​

Timing​

Spoofing Detection​

Holdover​

Evidence​

Integrity​

Quick Examples​

Get Authenticated Position​

Get Quantum Timing​

Check Spoofing Status​

Response Format​

Success Response​

Error Response​

Error Codes​

Rate Limits​

WebSocket Streaming​

SDK Reference​

Base URL

Authentication

Endpoints Summary

Positioning

Timing

Spoofing Detection

Holdover

Evidence

Integrity

Quick Examples

Get Authenticated Position

Get Quantum Timing

Check Spoofing Status

Response Format

Success Response

Error Response

Error Codes

Rate Limits

WebSocket Streaming

SDK Reference