Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.quanux.org/llms.txt

Use this file to discover all available pages before exploring further.

The QuanuX server exposes a REST API on port 8080. All endpoints that modify state or access sensitive data require a bearer token passed in the Authorization header. You obtain a token by logging in with your QuanuX credentials, then include it in subsequent requests.

POST /api/auth/login

Exchange your QuanuX username and password for a bearer token. Request body
username
string
required
Your QuanuX account username.
password
string
required
Your QuanuX account password.
client_id
string
Optional. The client ID for machine-to-machine authentication. If omitted, the request authenticates as a user session.
client_secret
string
Optional. The client secret corresponding to client_id.
Response
token
string
Bearer token to include in subsequent API requests.
user_id
string
Unique identifier for the authenticated session.
scopes
array
List of permission scopes granted to this token.
Example 
curl -X POST http://localhost:8080/api/auth/login \
  -H "Content-Type: application/json" \
  -d '{
    "username": "your_username",
    "password": "your_password"
  }'
Response
{
  "token": "eyJ...",
  "user_id": "user_abc123",
  "scopes": ["strategy:read", "strategy:write", "forge:write"]
}

Using the token

Pass the token in the Authorization header for all subsequent API requests: 
curl -X POST http://localhost:8080/api/foundry/forge \
  -H "Authorization: Bearer eyJ..." \
  -H "Content-Type: application/json" \
  -d '{ "component_type": "strategy", "name": "MyStrategy", "target_lang": "python" }'

POST /api/auth/register-client

Register a named API client for machine-to-machine access. Use this when you want to grant a service or script its own credentials rather than using your personal account token. Request body
client_name
string
required
A human-readable name for the client (e.g., "backtest-runner" or "ci-pipeline").
email
string
Optional. Contact email associated with this client.
Response
client_id
string
The generated client ID. Use this as client_id in /api/auth/login requests.
client_secret
string
The generated client secret. Store this securely — it is only shown once.
message
string
Confirmation message.
Example 
curl -X POST http://localhost:8080/api/auth/register-client \
  -H "Authorization: Bearer eyJ..." \
  -H "Content-Type: application/json" \
  -d '{ "client_name": "backtest-runner" }'
Response
{
  "client_id": "client_a3f9c2d1",
  "client_secret": "secret_b4e8a1c7d3f2e901",
  "message": "Client 'backtest-runner' registered successfully."
}
The client_secret is returned only at registration time. Store it in your OS keyring with quanuxctl secrets set — it cannot be retrieved again.

Common authentication errors

StatusMeaning
401 UnauthorizedInvalid username, password, or client credentials
403 ForbiddenToken is valid but lacks the required scope for the requested endpoint