Skip to main content

Documentation Index

Fetch the complete documentation index at: https://quintus.tec.br/docs/llms.txt

Use this file to discover all available pages before exploring further.

Two mechanisms

X-API-Key

The X-API-Key starts the conversation with the Quintus backend. It is used to create the conversation_id and generate the initial session_token that will be used from that point on. Use this header to:
  • create the conversation;
  • refresh the conversation token when needed;
  • authenticate calls made outside the conversation context.
Create or manage your API keys at app.quintus.tec.br/settings/api-keys. For public agents, use keys in the qts-pk-... format.

Authorization: Bearer <session_token>

The session_token is a short-lived token scoped to a single conversation. After the conversation is created, the client uses this token to interact with the agent without exposing the public API key on every request. Use the session_token to:
  • send messages;
  • retrieve the conversation;
  • stream responses;
  • upload files;
  • terminate the session;
  • send feedback.

Recommendations

  • Do not expose private API keys in public frontends.
  • Handle token expiration in the client.
  • Keep the session_token only while the conversation is active.
  • Honor Retry-After on 429 responses.