# Quantum Partner API

> RESTful API for integrating lending capabilities into partner platforms

The Quantum Partner API enables partners to submit loan applications (directly or via prefill), manage documents, handle offers, service accounts, and receive real-time webhook notifications. A full sandbox environment is available for end-to-end integration testing.

For a single-fetch bundle of the full documentation and a structured summary of the OpenAPI spec, see [llms-full.txt](https://docs.quantumlends.com/llms-full.txt).

## Documentation

- [Getting Started Guide](https://docs.quantumlends.com/content/getting-started.md): Authentication, first application, common workflows, bank accounts
- [Prefill Applications Guide](https://docs.quantumlends.com/content/prefill-applications.md): Start an application on behalf of an applicant with partial data, then hand off a completion link
- [Embedded Contract Signing Guide](https://docs.quantumlends.com/content/embedded-signing.md): Embed loan agreement signing in your own UI with the Embedded Signing SDK — Quantum events, CDN install with Subresource Integrity, and iframe/CSP/X-Frame-Options guidance
- [Sandbox Environment Guide](https://docs.quantumlends.com/content/sandbox-environment.md): Sandbox host, magic values, controlling application outcomes, end-to-end test scenarios
- [Migration Guide](https://docs.quantumlends.com/content/migration-guide.md): Upgrading from previous API versions
- [Mutual TLS (mTLS) Onboarding](https://docs.quantumlends.com/content/mtls.md): Optional mutual TLS authentication for enterprise partners with compliance requirements. Layered on top of the standard Bearer-token auth.
- [Webhooks Overview](https://docs.quantumlends.com/content/webhooks-overview.md): Event types and application lifecycle
- [Webhooks Integration Guide](https://docs.quantumlends.com/content/webhooks-guide.md): Technical implementation including HMAC signatures, optional OAuth2 client-credentials Bearer tokens for inbound delivery, and optional per-event delivery filters
- [OpenAPI Spec](https://docs.quantumlends.com/merged-api.json): Machine-readable API specification (OpenAPI 3.1)

## Tools and Examples

- [Sandbox Test Runner](https://docs.quantumlends.com/sandbox-test.html): Browser UI for running end-to-end sandbox scenarios against your API key
- [Embedded Signing Demo](https://docs.quantumlends.com/embedded-signing-demo.html): Browser UI that loads the live Embedded Signing SDK and opens a contract with a signing token
- [E2E Sandbox Test Script](https://docs.quantumlends.com/examples/e2e-sandbox-test.mjs): Runnable Node.js script that walks an application through the full lifecycle in the sandbox

## Capabilities

### Applications
- Submit loan applications with business, owner, and loan request details
- Start an application via prefill (partial data + applicant completion link)
- Upload supporting documents (bank statements, tax returns, IDs)
- Monitor application status through underwriting
- Retrieve and accept/decline offers
- Handle tasks and disclosures
- Embed loan agreement signing directly in your UI with the Embedded Signing SDK

### Accounts
- Request draws from lines of credit
- Submit payments
- View transaction history
- Get amortization schedules

### Webhooks
- Subscribe to real-time event notifications
- HMAC signature verification on every delivery (default)
- Optional OAuth2 client-credentials Bearer tokens for inbound delivery, layered on top of HMAC
- Manage webhook subscriptions, secrets, auth configuration, and per-event delivery filters
- Query event delivery history
- Retry failed deliveries

### Sandbox
- Fully isolated environment at `sandbox.quantumlends.com`
- "Magic values" trigger deterministic application outcomes (approve, decline, offer types, document states)
- Validate webhook integrations against repeatable behavior

## Authentication

All API requests use Bearer token authentication. Include your API key in every request:

```
Authorization: Bearer <token>
```

For inbound webhook deliveries from Quantum to your endpoint, see the [Webhooks Integration Guide](https://docs.quantumlends.com/content/webhooks-guide.md) — HMAC signatures are sent by default, with optional OAuth2 client-credentials Bearer tokens.

## Endpoint Reference

For the complete endpoint list (method, path, parameters, request/response schemas) see [llms-full.txt](https://docs.quantumlends.com/llms-full.txt) or the raw [OpenAPI spec](https://docs.quantumlends.com/merged-api.json).