🠛
QuantaVirt ›
Management API
Management API
QV-API-001
Rev 1.0 — January 2026
QuantaVirt exposes a dual-protocol management API — REST (HTTP/JSON) and gRPC (Protobuf) — for programmatic control of VMs, storage, networks, and PQC operations. Both protocols offer the same functionality; choose REST for simplicity or gRPC for high-performance automation.
API Overview #
Protocol Transport Default Endpoint Use Case
REST HTTP/1.1 + JSON http://127.0.0.1:9400/api/v1Scripts, curl, web dashboards, simple integrations gRPC HTTP/2 + Protobuf 127.0.0.1:9401High-performance clients, orchestrators, SDKs Unix Socket HTTP/1.1 + JSON /var/run/quantavirt/api.sockLocal CLI, same-host automation
REST API #
All REST endpoints are prefixed with /api/v1. Requests and responses use JSON. Standard HTTP methods apply: GET (read), POST (create/action), PUT (replace), PATCH (partial update), DELETE (remove).
# Base URL
http://127.0.0.1:9400/api/v1
# Common headers
Content-Type: application/json
Authorization: Bearer <token>VM Endpoints #
Method Endpoint Description
GET /vmsList all VMs POST /vmsCreate a VM GET /vms/{name}Get VM details PATCH /vms/{name}Update VM configuration DELETE /vms/{name}Destroy VM POST /vms/{name}/startStart VM POST /vms/{name}/stopStop VM (body: {"force": false}) POST /vms/{name}/pausePause VM POST /vms/{name}/resumeResume VM POST /vms/{name}/resetHard reset VM POST /vms/{name}/migrateInitiate live migration POST /vms/{name}/cloneClone VM GET /vms/{name}/statsGet real-time VM stats (CPU, memory, I/O) POST /vms/{name}/attestGenerate attestation report GET /vms/{name}/snapshotsList snapshots POST /vms/{name}/snapshotsCreate snapshot POST /vms/{name}/snapshots/{snap}/restoreRestore snapshot DELETE /vms/{name}/snapshots/{snap}Delete snapshot
Example: Create and Start a VM
# Create VM
curl -X POST http://127.0.0.1:9400/api/v1/vms \
-H "Content-Type: application/json" \
-d '{
"name": "web-01",
"cpu": { "count": 2 },
"memory": { "size": "2G" },
"devices": {
"storage": [{ "type": "virtio-blk", "path": "web-server", "format": "qcow2" }],
"network": [{ "type": "virtio-net", "network": "default" }]
}
}'
# {"name":"web-01","state":"CREATED","uuid":"a1b2c3d4-..."}
# Start VM
curl -X POST http://127.0.0.1:9400/api/v1/vms/web-01/start
# {"name":"web-01","state":"RUNNING"}
# Get VM stats
curl http://127.0.0.1:9400/api/v1/vms/web-01/stats
# {"cpu_percent":12.5,"memory_used":"512M","disk_read_iops":342,...} Storage Endpoints #
Method Endpoint Description
GET /storageList disk images POST /storageCreate disk image GET /storage/{name}Get disk details PATCH /storage/{name}Resize disk DELETE /storage/{name}Delete disk image POST /storage/{name}/convertConvert format POST /storage/{name}/compactCompact QCOW2 POST /storage/{name}/checkVerify integrity POST /storage/{name}/rekeyRotate encryption key GET /storage/poolsList storage pools POST /storage/poolsAdd storage pool
Network Endpoints #
Method Endpoint Description
GET /networksList virtual networks POST /networksCreate network GET /networks/{name}Get network details PATCH /networks/{name}Update network settings DELETE /networks/{name}Delete network GET /networks/{name}/rulesList firewall rules POST /networks/{name}/rulesAdd firewall rule GET /networks/{name}/forwardsList port forwards POST /networks/{name}/forwardsAdd port forward GET /networks/{name}/dhcpList DHCP leases GET /networks/{name}/tunnelGet PQC tunnel status
PQC Endpoints #
Method Endpoint Description
GET /pqc/statusPQC backend status (QUAC 100 / software) POST /pqc/self-testRun PQC self-tests POST /pqc/benchmarkRun PQC benchmarks GET /pqc/keysList keys POST /pqc/keysGenerate keypair GET /pqc/keys/{name}Get key details DELETE /pqc/keys/{name}Delete key POST /pqc/keys/{name}/rotateRotate key GET /pqc/keys/{name}/publicExport public key POST /pqc/verifyVerify attestation report
System Endpoints #
Method Endpoint Description
GET /system/infoHost information (CPU, memory, version) GET /system/statsReal-time host resource stats GET /system/ccConfidential computing capabilities GET /system/iommuIOMMU groups and devices GET /system/configActive hypervisor configuration GET /audit/eventsQuery audit events
gRPC API #
The gRPC API uses Protocol Buffers for serialization and HTTP/2 for transport. It provides the same functionality as the REST API but with higher throughput, streaming support, and strongly-typed client generation.
// Proto definition (quantavirt.proto)
syntax = "proto3";
package quantavirt.v1;
service VmService {
rpc ListVms(ListVmsRequest) returns (ListVmsResponse);
rpc CreateVm(CreateVmRequest) returns (VmInfo);
rpc GetVm(GetVmRequest) returns (VmInfo);
rpc StartVm(VmActionRequest) returns (VmInfo);
rpc StopVm(StopVmRequest) returns (VmInfo);
rpc PauseVm(VmActionRequest) returns (VmInfo);
rpc ResumeVm(VmActionRequest) returns (VmInfo);
rpc MigrateVm(MigrateRequest) returns (stream MigrateProgress);
rpc WatchVmEvents(WatchRequest) returns (stream VmEvent);
}
service PqcService {
rpc GetStatus(Empty) returns (PqcStatus);
rpc GenerateKey(KeyGenRequest) returns (KeyInfo);
rpc Attest(AttestRequest) returns (AttestReport);
}Event Streams #
Both REST (Server-Sent Events) and gRPC (streaming RPC) support real-time event notifications for VM state changes, migration progress, and security events.
# REST: Server-Sent Events
curl -N http://127.0.0.1:9400/api/v1/events
# event: vm.state_changed
# data: {"vm":"web-01","from":"STOPPED","to":"RUNNING","timestamp":"2026-01-15T10:00:00Z"}
# event: migration.progress
# data: {"vm":"db-01","progress":0.45,"transferred":"12 GiB","remaining":"15 GiB"}
# event: pqc.key_rotated
# data: {"key":"storage-master","algorithm":"ML-KEM-768","timestamp":"..."} Authentication #
# Generate an API token
quantavirt system token-create --name automation --scopes "vm:read,vm:write,storage:read"
# Token: qvt_a1b2c3d4e5f6...
# Use token in requests
curl -H "Authorization: Bearer qvt_a1b2c3d4e5f6..." \
http://127.0.0.1:9400/api/v1/vms
# Unix socket access uses filesystem permissions (no token required for root) Error Handling #
// Error response format
{
"error": {
"code": "VM_NOT_FOUND",
"message": "VM 'web-99' does not exist",
"details": {}
}
}
// HTTP status codes
// 200 — Success
// 201 — Created
// 400 — Bad request (validation error)
// 401 — Unauthorized (missing/invalid token)
// 403 — Forbidden (insufficient scope)
// 404 — Not found
// 409 — Conflict (e.g. VM already running)
// 500 — Internal server error Client SDKs #
Language Package Protocol
Rust quantavirt-client (crates.io)gRPC (tonic) + REST (reqwest) Python quantavirt (PyPI)REST (httpx) + gRPC (grpcio) Go github.com/dyber-pqc/quantavirt-gogRPC (google.golang.org/grpc) TypeScript @dyber/quantavirt (npm)REST (fetch)