.qt-noscript-shell{position:fixed;inset:0;background:#04091a;color:#e5edf7;font-family:ui-sans-serif,system-ui,sans-serif;display:flex;align-items:center;justify-content:center;padding:24px;z-index:99999}.qt-noscript-card{max-width:560px;width:100%;background:rgba(8,18,42,.6);border:1px solid rgba(0,229,255,.22);border-radius:16px;padding:32px;box-shadow:0 0 60px rgba(0,229,255,.08)}.qt-noscript-eyebrow{font-family:ui-monospace,SFMono-Regular,Menlo,monospace;font-size:11px;letter-spacing:.25em;text-transform:uppercase;color:#67e8f9;margin-bottom:14px}.qt-noscript-title{font-size:30px;line-height:1.15;font-weight:700;color:#fff;letter-spacing:-.01em;margin:0 0 16px}.qt-noscript-body{font-size:15px;line-height:1.6;color:#b5c5dd;margin:0 0 18px}.qt-noscript-list{font-size:14px;line-height:1.65;color:#b5c5dd;margin:0 0 22px;padding-left:18px}.qt-noscript-list li{margin-bottom:6px}.qt-noscript-list code{font-family:ui-monospace,SFMono-Regular,Menlo,monospace;font-size:13px;color:#67e8f9;background:rgba(0,229,255,.08);padding:1px 6px;border-radius:4px}.qt-noscript-actions{display:flex;flex-wrap:wrap;gap:10px}.qt-noscript-btn{display:inline-flex;align-items:center;gap:6px;padding:10px 18px;border-radius:999px;font-size:13px;font-weight:600;letter-spacing:.02em;text-decoration:none;border:1px solid rgba(0,229,255,.4);color:#e5edf7}.qt-noscript-btn-primary{background:#67e8f9;color:#04091a;border-color:#67e8f9}.qt-noscript-foot{margin-top:22px;font-family:ui-monospace,SFMono-Regular,Menlo,monospace;font-size:11px;letter-spacing:.15em;color:#5d7394;text-transform:uppercase}

JavaScript required

QorTrace needs JavaScript to run.

QorTrace is a cryptographic risk and PQC migration platform. The interface, live scans, and methodology viewer all run in your browser — they can't render without JavaScript.

Enable JavaScript for qortrace.com in your browser settings, then refresh.
Using a privacy extension (NoScript, uBlock, Brave Shields)? Allow scripts for this site only.
Just need the methodology or a sample report? Use the static fallbacks below.

Email for static methodology PDF View raw sample audit

QorTrace — methodology qortrace-method-v0.2

API reference

Error codes

Every error response is JSON with a detail field describing the cause + an x-trace-id header you can cite in a support ticket.

Status codes

Status	Reason	When
400	Bad request	Validation error in body — see detail.
401	Unauthorized	Missing/malformed/unknown/revoked API key.
403	Forbidden	API key lacks required scope.
404	Not found	Scan does not exist or belongs to a different tenant.
409	Conflict	BOM requested before scan reached `completed`.
429	Rate limited	Per-tenant ceiling exceeded — retry after `Retry-After` seconds.
500	Internal	Unexpected error — please report to partners@qortrace.com with the response `x-trace-id`.

Example error response

{
  "detail":  "API key 'qb_live_abc...' has been revoked.",
  "code":    "key_revoked",
  "x-trace-id": "trc_8f2a1c0b9d3e"
}

Rate limits

Default partner tier: 60 scans/hour + 120 BOM downloads/hour. Enterprise tiers are higher — talk to your account contact to raise the ceiling.

Headers on every response. X-QorBOM-RateLimit-Limit, X-QorBOM-RateLimit-Remaining, X-QorBOM-RateLimit-Reset. On a 429 you'll also get Retry-After.

Reporting a 500

If you see a 500, email partners@qortrace.com with:

The full x-trace-id header value
The exact request method + path
Your tenant ID (visible in the response body as tenant_id)

We'll have a root-cause in your inbox within 1 business day on sandbox keys, 1 business hour on production keys.