Getting Started Overview
QNSP is an API-first platform providing tenant-scoped security primitives: identity, key management, secrets, encrypted storage, audit, and crypto posture workflows.
Overview
QNSP is an API-first platform providing tenant-scoped security primitives: identity, key management, secrets, encrypted storage, audit, and crypto posture workflows.
QNSP was conceived, architected, and engineered starting in Dec 2020. The current monorepo was bootstrapped in Nov 2025.
Monorepo:
@qnsp/monorepov0.0.1
Node.js: ≥24.12.0 | pnpm: ≥10.25.0
What QNSP Provides
- Identity & Auth: PQC-signed JWTs (ML-DSA), refresh tokens, service accounts, RBAC, WebAuthn passkeys, social OAuth (GitHub, Google, Microsoft, GitLab, Bitbucket), enterprise OIDC/SAML federation, linked external identities
- KMS: Key generation, rotation, BYOK import
- Secrets: Secure storage with TTL and rotation
- Storage: Encryption at rest
- Audit: Immutable event logs and Merkle checkpointing
- Crypto Posture: Discovery, exposure analysis, migration planning, readiness, and evidence workflows
How customers typically start
There are two common starting paths:
- Build-first: create a tenant, generate credentials, and integrate QNSP SDKs or APIs into a new workload
- Migration-first: connect external sources, run discovery, analyze exposure, then cut production trust dependencies over to QNSP
The migration path is documented in Migration Journey to QNSP.
Service Map
Ports derived from apps/*/src/config/env.ts:
| Service | Default Port | Purpose |
|---|---|---|
platform-api |
8080 | Platform management API |
auth-service |
8081 | Token issuance, WebAuthn, identity |
vault-service |
8090 | Secrets management |
storage-service |
8092 | Encrypted object storage |
ai-orchestrator |
8094 | AI/ML workload orchestration |
kms-service |
8095 | Key management, HSM integration |
search-service |
8101 | Searchable encryption queries |
access-control-service |
8102 | Policy evaluation, RBAC |
audit-service |
8103 | Event logging, Merkle checkpointing |
security-monitoring-service |
8104 | Threat detection |
observability-service |
8105 | Metrics, OTLP |
billing-service |
8106 | Subscription, usage metering |
edge-gateway |
8107 | Ingress, WAF, DDoS, rate limiting |
tenant-service |
8108 | Tenant provisioning |
crypto-inventory-service |
8115 | Cryptographic asset tracking |