Quick Start

Get started with 4Quays in 5 minutes - from sign-up to your first protected payload

This guide walks you through integrating 4Quays into your application. By the end, you'll have a working integration that protects payloads before sending them to external services.

Prerequisites

A 4Quays account (sign up at the dashboard)
An existing application that communicates with external services

Step 1: Enroll a Destination Service

After signing in to the 4Quays dashboard, use the Enrollment Wizard to set up your first integration:

Click Enroll Service from the dashboard
Enter the destination service details (name, description)
Choose the algorithm that matches the service's requirements (e.g., AES-256-GCM with RSA-2048)
Upload the destination's public key (PEM format)
The wizard creates the policy and generates an API key bound to that policy

Copy the API key immediately — it's only shown once. Store it securely in your application's environment variables.

Step 2: Protect Your First Payload

Use fetch to call the protect endpoint directly:

const response = await fetch(process.env.FOURQ_ENDPOINT + '/api/v1/protect', {
  method: 'POST',
  headers: {
    'Authorization': `Bearer ${process.env.FOURQ_API_KEY}`,
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({
    payload: {
      transferId: 'txn-001',
      amount: 5000,
      currency: 'CAD',
      destinationAccount: 'CA1234567890',
    },
  }),
});

const data = await response.json();

// Send the JWE envelope to the external service
await fetch('https://bank-api.example.com/transfers', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({ encryption: data.jwe }),
});

Note that policyNumber is omitted — the API key is bound to a policy during enrollment, so the correct policy is applied automatically.

Step 3: Verify in the Dashboard

Check the Audit Log in your 4Quays dashboard to see:

Operation timestamp
Policy used
Algorithm applied
Response status

Development Mode

During development, you can configure policies with a passthrough failure mode. In passthrough mode, /protect returns the payload unchanged with a warning — useful for testing your integration logic without actual encryption.

What's Next

Core Concepts — Understand the platform's building blocks
Protect & Unprotect Guide — Detailed integration guide
Platform Guide — Learn to manage services and policies