# QURL Interactive Playground

Try the QURL API against a live sandbox. Create real credentials, issue independent access links, attach network-layer policies, and revoke access instantly.

## What is a QURL?

A QURL is a **network-layer access credential** disguised as a link. The server behind it is invisible until a valid QURL opens access. When it expires or is revoked, the server vanishes from the network.

## What QURL Does Differently

QURL is not a presigned URL. It's a network-layer access credential powered by the Network Hiding Protocol (NHP).

- **Server invisibility**: Without a valid QURL, the server has no open ports, no DNS, no attack surface. It doesn't exist.
- **Network-layer enforcement**: Access is granted and revoked at the OS/network level — not by checking tokens in application code. Unauthorized clients get connection refused, not HTTP 403.
- **Independent credentials**: Each access link is a separate, trackable, revocable credential. Revoke one without affecting others.
- **Self-destructing links**: One-time-use QURLs die after a single access. The server becomes unreachable — not just the token expired.
- **Provable revocation**: Revoked QURLs result in connection refused. Your audit trail proves access was terminated, not just marked inactive in a database.

## Playground Steps

1. **Create** — Protect any URL with time-bound, cryptographic access control. The QURL link is hidden until Step 2.
2. **Mint** — Your first access link is revealed. Issue a second — each is an independent credential you can track, audit, and revoke separately. Single-use links are non-clickable until a backup exists.
3. **Inspect** — Query credential state in real time without consuming it. See status, expiration, and policy configuration via the API.
4. **Policy** — Attach IP allowlists and geo restrictions. Requests from outside the policy are rejected at the network layer. The server never sees them.
5. **Revoke** — Kill a resource and watch every minted link die. For one-time-use links, open one and verify it self-destructed — connection refused.
6. **Audit** — Review a session activity report: credentials issued, links minted, policies applied, revocations executed. In production, these events come from the QURL API webhook stream.

## Scenarios

- **Secure Document Sharing**: Turn a permanent link into a self-destructing credential. One click, 30 minutes, then dead. Unauthorized IPs can't find the server.
- **Temporary Contractor Access**: 15 minutes of cryptographic access, no VPN accounts. When time's up, the server disappears.
- **Compliance-Ready Data Access**: Every access is time-bound, auditable, and provably revoked. The server refuses the connection, not just the request.
- **Custom**: Build your own QURL with any configuration.

## Key Differentiators vs. Presigned URLs

| Feature | Presigned URL | QURL + NHP |
|---------|--------------|------------|
| Revocation | Invalidate the signature (application-level) | Server becomes invisible (network-level) |
| Unauthorized access | HTTP 403 Forbidden | Connection refused — no open ports |
| Credential independence | One URL per resource | Multiple independent, revocable links |
| Audit trail | Application logs | Network-layer events with IP, policy, outcome |
| Server visibility | Always discoverable | Invisible until valid credential opens it |