Quome API Reference for CTOs

Enterprise-Grade Infrastructure API

The Quome API provides programmatic access to a secure, HIPAA-compliant Platform-as-a-Service designed for regulated industries. Built with zero-trust architecture and gVisor sandboxing, it offers the reliability of AWS with the compliance of healthcare-grade infrastructure.

Key Value Proposition:

90% faster time-to-market compared to building from scratch
Built-in compliance (HIPAA, SOC 2, FinTech-ready)
Zero infrastructure management - focus on business logic
Enterprise security by default, not as an afterthought

Unlike traditional APIs that require extensive security configuration, Quome APIs include enterprise controls from day one. Perfect for CTOs who need both speed and compliance.

Base URL

https://demo.quome.cloud/api/v1

Authentication

All API requests require authentication using a Bearer token:

curl -H "Authorization: Bearer sk_test_..." \
  https://demo.quome.cloud/api/v1/orgs

Get your API keys from your organization settings in the Quome dashboard.

Resources

The API is organized around these main resources:

Resource	Description
Organizations	Manage multi-tenant boundaries
Applications	Deploy and manage containers
Secrets	Store environment variables securely
Users	Handle user accounts and permissions
Events	Access audit logs and activity

Infrastructure Quick Start

GET /health - Infrastructure health check

POST /orgs/{org_id}/apps - Deploy containerized application

GET /orgs/{org_id}/apps/{app_id}/logs - Stream application logs

Production-Ready Deployment Example

# Deploy a production application with monitoring and secrets
curl -X POST \
  -H "Authorization: Bearer sk_prod_..." \
  -H "Content-Type: application/json" \
  -d '{
    "name": "patient-portal",
    "image": "my-org/patient-portal:v2.1.0",
    "port": 3000,
    "environment": {
      "NODE_ENV": "production",
      "DATABASE_URL": "${database_credentials}",
      "JWT_SECRET": "${jwt_secret}"
    },
    "health_check_path": "/health",
    "scaling": {
      "min_instances": 2,
      "max_instances": 10,
      "cpu_threshold": 70
    },
    "compliance": {
      "hipaa": true,
      "audit_logging": true,
      "data_residency": "us-east-1"
    }
  }' \
  https://demo.quome.cloud/api/v1/orgs/org_123/apps

Infrastructure Monitoring

# Get real-time metrics for capacity planning
curl -H "Authorization: Bearer sk_prod_..." \
  "https://demo.quome.cloud/api/v1/orgs/org_123/metrics?timerange=1h&metrics=cpu,memory,requests"

Organizations

Organizations provide multi-tenant boundaries for your applications and teams.

List organizations

GET /orgs

Returns a list of organizations you have access to.

curl -H "Authorization: Bearer sk_test_..." \
  https://demo.quome.cloud/api/v1/orgs

{
  "orgs": [
    {
      "id": "org_1234567890123456",
      "name": "ACME Corp",
      "created_at": "2024-01-15T10:30:00.000Z"
    }
  ]
}

Create organization

POST /orgs

Creates a new organization.

curl -X POST \
  -H "Authorization: Bearer sk_test_..." \
  -H "Content-Type: application/json" \
  -d '{"name":"My Company"}' \
  https://demo.quome.cloud/api/v1/orgs

Get organization

GET /orgs/{id}

Retrieves an organization by ID.

Applications

Deploy and manage containerized applications.

Deploy application

POST /orgs/{org_id}/apps

Deploy a new containerized application.

curl -X POST \
  -H "Authorization: Bearer sk_test_..." \
  -H "Content-Type: application/json" \
  -d '{
    "name": "my-api",
    "image": "nginx:latest",
    "port": 80
  }' \
  https://demo.quome.cloud/api/v1/orgs/org_123/apps

{
  "id": "app_1234567890123456",
  "name": "my-api",
  "status": "deploying",
  "url": "https://my-api-org123.quome.cloud",
  "created_at": "2024-01-15T10:30:00.000Z"
}

List applications

GET /orgs/{org_id}/apps

Returns all applications in an organization.

curl -H "Authorization: Bearer sk_test_..." \
  https://demo.quome.cloud/api/v1/orgs/org_123/apps

Get application

GET /orgs/{org_id}/apps/{id}

Retrieves an application by ID.

Update application

PUT /orgs/{org_id}/apps/{id}

Updates an application (redeploys with new settings).

Delete application

DELETE /orgs/{org_id}/apps/{id}

Deletes an application and all its resources.

Get application logs

GET /orgs/{org_id}/apps/{id}/logs

Returns recent logs from an application.

curl -H "Authorization: Bearer sk_test_..." \
  "https://demo.quome.cloud/api/v1/orgs/org_123/apps/app_456/logs?tail_lines=100"

Secrets

Store environment variables and configuration securely.

Create secret

POST /orgs/{org_id}/secrets

Store a secret value for use in applications.

curl -X POST \
  -H "Authorization: Bearer sk_test_..." \
  -H "Content-Type: application/json" \
  -d '{
    "name": "DATABASE_URL",
    "value": "postgresql://user:pass@host:5432/db"
  }' \
  https://demo.quome.cloud/api/v1/orgs/org_123/secrets

List secrets

GET /orgs/{org_id}/secrets

Returns all secrets in an organization (values are hidden).

{
  "secrets": [
    {
      "id": "secret_1234567890123456",
      "name": "DATABASE_URL",
      "created_at": "2024-01-15T10:30:00.000Z"
    }
  ]
}

Update secret

PUT /orgs/{org_id}/secrets/{id}

Updates a secret value.

Delete secret

DELETE /orgs/{org_id}/secrets/{id}

Permanently deletes a secret.

Users

Manage user accounts and permissions.

Get current user

GET /users

Returns information about the authenticated user.

curl -H "Authorization: Bearer sk_test_..." \
  https://demo.quome.cloud/api/v1/users

{
  "id": "user_1234567890123456",
  "name": "John Doe",
  "email": "john@company.com",
  "created_at": "2024-01-01T00:00:00.000Z"
}

Get user

GET /users/{id}

Retrieves a user by ID.

Organization Members

Manage team members within organizations.

List members

GET /orgs/{org_id}/members

Returns all members of an organization.

Add member

POST /orgs/{org_id}/members

Adds a user to an organization.

curl -X POST \
  -H "Authorization: Bearer sk_test_..." \
  -H "Content-Type: application/json" \
  -d '{"user_id": "user_1234567890123456"}' \
  https://demo.quome.cloud/api/v1/orgs/org_123/members

Remove member

DELETE /orgs/{org_id}/members/{user_id}

Removes a user from an organization.

Events

Access audit logs and activity history.

List events

GET /orgs/{org_id}/events

Returns recent activity for an organization.

curl -H "Authorization: Bearer sk_test_..." \
  https://demo.quome.cloud/api/v1/orgs/org_123/events

{
  "events": [
    {
      "id": "evt_1234567890123456",
      "type": "application.deployed",
      "data": {
        "application_id": "app_1234567890123456",
        "application_name": "my-api"
      },
      "created_at": "2024-01-15T10:30:00.000Z"
    }
  ]
}

Webhooks

Receive real-time notifications when events occur in your organization.

Create webhook

POST /orgs/{org_id}/webhooks

Creates a webhook endpoint to receive event notifications.

curl -X POST \
  -H "Authorization: Bearer sk_test_..." \
  -H "Content-Type: application/json" \
  -d '{
    "url": "https://your-app.com/webhooks",
    "events": ["application.deployed", "application.failed"]
  }' \
  https://demo.quome.cloud/api/v1/orgs/org_123/webhooks

List webhooks

GET /orgs/{org_id}/webhooks

Returns all webhooks for an organization.

Errors

Quome uses standard HTTP response codes and returns error details in a consistent format:

{
  "error": {
    "type": "invalid_request_error",
    "message": "Missing required parameter: name",
    "param": "name"
  }
}

HTTP status codes

Code	Description
`200`	Success
`400`	Bad Request - Invalid parameters
`401`	Unauthorized - Invalid API key
`403`	Forbidden - Insufficient permissions
`404`	Not Found - Resource doesn't exist
`429`	Too Many Requests - Rate limit exceeded
`500`	Server Error - Something went wrong

Error types

Type	Description
`api_error`	Generic API error
`invalid_request_error`	Invalid request parameters
`authentication_error`	Invalid API key or authentication
`permission_error`	Insufficient permissions
`rate_limit_error`	Too many requests

Rate limits

API requests are limited to prevent abuse:

100 requests per minute per API key
Rate limit info is returned in response headers:
- X-RateLimit-Limit: Request limit per window
- X-RateLimit-Remaining: Requests remaining
- X-RateLimit-Reset: Unix timestamp when limit resets

When you exceed the limit, you'll get a 429 Too Many Requests response.

Pagination

List endpoints return paginated results. Use the limit and offset parameters:

curl -H "Authorization: Bearer sk_test_..." \
  "https://demo.quome.cloud/api/v1/orgs/org_123/apps?limit=10&offset=20"

Response includes pagination metadata:

{
  "data": [...],
  "has_more": true,
  "total": 150
}

Interactive explorer

Test all endpoints with live examples at: demo.quome.cloud/api/v1/spec/docs.html

The interactive docs let you:

Try API calls with your own API keys
See request/response examples
Explore all available parameters
Generate code snippets in multiple languages

Base URL​

Authentication​

Resources​

Infrastructure Quick Start​

Production-Ready Deployment Example​

Infrastructure Monitoring​

Organizations​

List organizations​

Create organization​

Get organization​

Applications​

Deploy application​

List applications​

Get application​

Update application​

Delete application​

Get application logs​

Secrets​

Create secret​

List secrets​

Update secret​

Delete secret​

Users​

Get current user​

Get user​

Organization Members​

List members​

Add member​

Remove member​

Events​

List events​

Webhooks​

Create webhook​

List webhooks​

Errors​

HTTP status codes​

Error types​

Rate limits​

Pagination​

Interactive explorer​