Getting Started with That Is A Q

A comprehensive guide to building, deploying, and scaling applications with the Q platform. Whether you're a solo developer or an enterprise team, this documentation will get you up and running quickly.

ℹ️

Prerequisites Before you begin, make sure you have Node.js 18+ and a Q platform account. Visit the signup page if you don't have one.

What Is That Is A Q?

That Is A Q is a next-generation development platform that provides a unified suite of tools for building modern applications. From API management and real-time data sync to AI-powered insights, Q gives you everything you need to ship faster.

⚡

Lightning Fast

Edge-native architecture with sub-millisecond response times globally.

🔒

Secure by Default

Enterprise-grade security with SOC 2 compliance and end-to-end encryption.

📐

Flexible Architecture

Monolith or microservices — choose the pattern that fits your needs.

🤖

AI-Powered

Built-in AI tools for code generation, testing, and performance optimization.

Key Concepts

🏗️ Workspaces

Workspaces are the top-level organizational unit in Q. They provide isolated environments for your projects, with separate billing, access controls, and resource quotas.

📦 Projects

Projects are self-contained application units within a workspace. Each project has its own codebase, deployment pipeline, and configuration.

🔑 Environments

Each project supports multiple environments (development, staging, production) with automatic configuration management and secret injection.

💡

Pro Tip Use the q init command to scaffold a new project with best-practice defaults in seconds.

The Ecosystem

The Q ecosystem includes a CLI, SDKs for multiple languages, a web dashboard, and an extensive marketplace of plugins and integrations.

bash

# Install the Q CLI
curl https://cli.thatisaq.com/install.sh | bash

# Authenticate
q auth login

# Create a new project
q init my-app —template fullstack

# Deploy to production
q deploy --env production --auto

# Watch logs in real-time
q logs --follow

# View analytics
q analytics --dashboard

# All done! Your app is live 🚀

Next Steps

Quick Start Guide — Get your first project running in under 5 minutes
API Reference — Explore the full REST and GraphQL API documentation
Architecture — Understand how Q's platform is designed under the hood
Migration Guide — Move your existing projects to Q seamlessly

Quick Start Guide

Get from zero to production in under 5 minutes. This guide walks you through setting up your first Q project.

1

Install the Q CLI

The Q CLI is your primary interface for managing projects, deployments, and local development.

bash

# macOS / Linux
curl https://cli.thatisaq.com/install.sh | bash

# npm
npm install -g @thatisaq/cli

# Verify installation
q --version

2

Authenticate

Log in to your Q account to access workspaces and deploy projects.

bash

q auth login
# Opens browser for OAuth authentication

3

Create a Project

Scaffold a new project using one of Q's templates.

bash

# List available templates
q templates list

# Scaffold a full-stack project
q init my-project —template fullstack

# Navigate into the project
cd my-project

4

Run Locally

Start your local development server with hot-reload and built-in API mocking.

bash

q dev
# ✓ Local server running at http://localhost:3000
# ✓ API gateway: http://localhost:3001
# ✓ Hot reload enabled
# ✓ Mock database seeded

5

Deploy to Production

PUSH to deploy — Q automatically builds, tests, and deploys your changes.

bash

# One-command deploy
q deploy —env production —auto

# Or push to your main branch
# Q automatically deploys on merge

✅

Deployment Complete! Your project is now live at https://my-project.thatisaq.app

What's Next?

📦

Installation

Learn about alternative installation methods and system requirements.

🏗️

Architecture

Understand how Q's platform handles requests, scaling, and deployment.

📡

API Reference

Full REST and GraphQL API documentation for programmatic access.

🛡️

Security

Best practices for securing your Q-powered applications.

Platform Architecture

An in-depth look at how Q's platform is designed to deliver reliability, performance, and scalability at any scale.

High-Level Overview

Q is built on a layered architecture that separates concerns while maintaining tight integration between components. Here's how the system is structured:

Client

Web App

Mobile SDK

CLI

REST API

GraphQL

Edge Network

CDN

Load Balancer

WAF

Rate Limiter

TLS Termination

Application

API Gateway

Auth Service

Worker Pool

Queue System

AI Engine

Infrastructure

PostgreSQL

Redis Cache

Object Storage

Message Bus

Monitor

Auto-Scaling

Q's platform automatically scales resources based on demand. The scaling engine monitors CPU, memory, and request latency to make real-time adjustments.

Component	Min	Max	Scale Metric	Scale Time
API Workers	1	1000	Request rate	< 30s
Worker Pool	1	500	Queue depth	< 45s
Database	1	5	CPU / IOPS	< 2min
CDN	—	Global	Cache hit ratio	Instant

Reliability & Availability

Q is designed for 99.99% uptime. Key reliability features include:

Multi-region deployment — Automatic failover across 12+ regions worldwide
Automated backups — Point-in-time recovery with 30-day retention
Zero-downtime deployments — Blue-green and canary deployment strategies
Health checks — Continuous monitoring with automatic restart on failure
Circuit breakers — Automatic isolation of failing downstream services

ℹ️

SLA Details Enterprise customers receive a 99.99% uptime SLA with financial credits for any downtime exceeding the threshold.

Data Models

Q uses a type-safe, schema-driven approach to data modeling. Define your data once, and Q generates types, validation, and migrations automatically.

Defining Models

Models are defined in the schema.q file using Q's declarative syntax:

schema.q

// Define a User model
model User {
  id       UUID     @default(cuid()) @id
  email    String   @unique @validate(email())
  name     String   @validate(length(1, 100))
  role     Role     @default(member)
  active   Boolean  @default(true)
  avatar   URL      ?@nullable
  bio      String   ?@nullable
  posts    Post[]   @relation("UserPosts")
  createdAt DateTime @autoCreate()
  updatedAt DateTime @autoUpdate()
}

// Enum definition
enum Role {
  admin
  member
  viewer
}

// Define a Post model
model Post {
  id       UUID     @default(cuid()) @id
  title    String
  content  String
  published Boolean  @default(false)
  author   User     @relation("UserPosts", fields: ["authorId"])
  authorId UUID
  tags     String[]
  createdAt DateTime @autoCreate()
}

Generated Types

After running q generate, Q produces type-safe models for your target languages:

typescript

export interface User {
  id: string;
  email: string;
  name: string;
  role: "admin" | "member" | "viewer";
  active: boolean;
  avatar?: string | null;
  posts: Post[];
  createdAt: Date;
  updatedAt: Date;
}

rust

#[derive(Queryable, Serialize)]
pub struct User {
  pub id: Uuid,
  pub email: String,
  pub name: String,
  pub role: Role,
  pub active: bool,
  pub avatar: Option<String>,
  pub posts: Vec<Post>,
  pub created_at: DateTime,
  pub updated_at: DateTime,
}

python

from pydantic import BaseModel, EmailStr

class User(BaseModel):
    id: str
    email: EmailStr
    name: str
    role: Literal["admin", "member", "viewer"]
    active: bool = True
    avatar: Optional[str] = None
    posts: list["Post"] = []
    created_at: datetime
    updated_at: datetime

Relationships

Q supports one-to-one, one-to-many, and many-to-many relationships with automatic migration generation.

Relationship Type	Notation	Example
One-to-One	`@relation("Name")`	User → Profile
One-to-Many	`Model[]`	User → Posts[]
Many-to-Many	`@@manyToMany`	Post → Tags[]

Authentication

Q provides multiple authentication strategies out of the box, from API keys to OAuth 2.0, with built-in support for common providers.

Available Methods

Method	Status	Use Case
API Keys	● Stable	Server-to-server communication
OAuth 2.0	● Stable	User authentication with third-party providers
JWT Bearer	● Stable	Stateless token-based auth
Magic Links	● Stable	Email-based passwordless login
WebAuthn	● Beta	Passkey / biometric authentication
SAML 2.0	● Experimental	Enterprise SSO integration

API Keys

API keys are the simplest way to authenticate programmatic requests. Each key is scoped to a specific workspace and can be restricted to certain permissions.

bash

# Using API key with curl
curl -X GET https://api.thatisaq.com/v3/projects \
  -H "Authorization: Bearer qsk_live_xxxxxxxxxxxxxx" \
  -H "Content-Type: application/json"

# Using API key in JavaScript
const q = new QClient({
  apiKey: process.env.Q_API_KEY,
  project: "proj_abc123",
  environment: "production",
});

const projects = await q.projects.list();
console.log(projects);

🚨

Security Warning Never expose API keys in client-side code. Use environment variables and Q's secret management system to keep keys secure.

JWT Authentication

Q issues JWT tokens upon successful authentication. These tokens should be included in the Authorization header as a Bearer token.

access_token string Required

The JWT token for authentication. Valid for 1 hour by default.

refresh_token string Required

Used to obtain a new access token without re-authentication. Valid for 30 days.

token_type string Optional

Always Bearer. Defaults to Bearer if not specified.

expires_in number Optional

Token lifetime in seconds. Default: 3600 (1 hour). Maximum: 86400 (24 hours).

"access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...", "refresh_token": "rt_9f8e7d6c5b4a3...", "token_type": "Bearer", "expires_in": 3600, "scope": "read write admin"

API Overview

Q's REST API provides full programmatic access to every feature of the platform. All endpoints follow RESTful conventions and return JSON responses.

Base URL

API https://api.thatisaq.com/v3

HTTP Methods

GET /projects # List all projects

POST /projects # Create a new project

GET /projects/:id # Get a specific project

PATCH /projects/:id # Update a project

DELETE /projects/:id # Delete a project

Response Format

All API responses are JSON. Success responses wrap data in a standard envelope:

{
  "data": { // Response payload },
  "meta": {
    "request_id": "req_xxx123",
    "rate_limit": {
      "remaining": 999,
      "reset_at": "2025-01-15T12:00:00Z"
    }
  },
  "error": null
}

Rate Limiting

Plan	Requests / min	Requests / day	Burst Limit
Starter	60	10,000	10
Growth	300	100,000	50
Enterprise	1,000	Unlimited	200

ℹ️

Rate Limit Headers Every response includes X-RateLimit-Remaining, X-RateLimit-Limit, and X-RateLimit-Reset headers.

Projects API

Manage projects, their configurations, environments, and deployments programmatically.

List Projects

GET /projects

Query Parameters

workspace_id string Optional

Filter projects by workspace. Defaults to all workspaces the user has access to.

status string Optional

Filter by status: active, archived, deploying. Default: all.

page integer Optional

Page number for pagination. Default: 1. Max: 100.

per_page integer Optional

Results per page. Default: 20. Max: 100.

Example Response

{
  "data": [
    {
      "id": "proj_q4x8n2m9",
      "name": "my-awesome-app",
      "status": "active",
      "region": "us-east-1",
      "url": "https://my-awesome-app.thatisaq.app",
      "created_at": "2025-01-10T08:30:00Z",
      "environments": ["development", "staging", "production"]
    }
  ],
  "meta": { "total": 42, "page": 1 }
}

Create Project

POST /projects

Request Body

name string Required

Project name. Must be 3-64 characters, alphanumeric with hyphens.

template string Optional

Project template. Options: fullstack, api, static, ml. Default: api.

region string Optional

Deployment region. Default: auto (closest to user).

environments string[] Optional

Environments to provision. Default: ["development", "production"].

Users API

Manage user accounts, roles, and permissions within your workspace.

List Workspace Users

GET /workspaces/:id/members

Invite User

POST /workspaces/:id/invitations

email string Required

Email address of the user to invite.

role string Required

Role to assign: owner, admin, developer, viewer.

message string Optional

Custom invitation message. Max 500 characters.

Update User Role

PATCH /workspaces/:id/members/:userId

⚠️

Permission Required Only workspace owners and admins can modify user roles. Attempting to change another admin's role requires at least one owner remaining.

Analytics API

Access real-time and historical analytics data for your projects. Currently in beta.

🧪

Beta Feature The Analytics API is in beta. Some endpoints may change before the stable release. Please provide feedback through our GitHub discussions.

Get Project Metrics

GET /projects/:id/analytics/metrics

Query Parameters

period string Required

Time period: 1h, 24h, 7d, 30d, 90d.

metrics string[] Optional

Metrics to include: requests, latency, errors, bandwidth, cache_hit_ratio. Default: all.

granularity string Optional

Data point interval: 1m, 5m, 15m, 1h, 1d. Auto-adjusted based on period.

{
  "data": {
    "requests": { "total": 1847293, "p99": 42 },
    "latency": { "avg": 18, "p50": 12, "p99": 89 },
    "errors": { "count": 142, "rate": 0.01 },
    "cache_hit_ratio": 0.94
  }
}

Webhooks

Receive real-time notifications about events in your workspace. Configure webhook endpoints to receive event payloads via HTTP POST.

Event Types

Event	Description	Trigger
project.deployed	Project successfully deployed	After deployment completes
project.failed	Deployment failed	After build/deploy error
project.scale	Auto-scale event	When instances change
user.invited	Workspace member invited	After invitation sent
ssl.cert_expired	SSL certificate expiring soon	30 days before expiry
billing.invoice	New billing invoice generated	Monthly billing cycle

Webhook Payload

json

{
  "id": "evt_q4x8n2m9abc",
  "type": "project.deployed",
  "timestamp": "2025-01-15T10:30:00Z",
  "data": {
    "project_id": "proj_q4x8n2m9",
    "environment": "production",
    "commit": "a3f2c8d",
    "duration_ms": 24500,
    "status": "success"
  }
}

Payload Verification

Verify webhook signatures using the X-Q-Signature header:

javascript

import { createHmac } from "crypto";

function verifyWebhook(payload, signature, secret) {
  const expected = createHmac("sha256", secret)
    .update(payload)
    .digest("hex");

  return crypto.timingSafeEqual(
    Buffer.from(expected),
    Buffer.from(signature)
  );
}

🚨

Always Verify Never process webhook events without verifying the signature. Webhook URLs should also use HTTPS.

Error Handling

Q uses standard HTTP status codes and returns structured error responses for easy debugging.

Error Response Format

json

{
  "error": {
    "code": "PROJECT_NOT_FOUND",
    "message": "The project you're looking for doesn't exist.",
    "documentation_url": "https://docs.thatisaq.com/errors/PROJECT_NOT_FOUND",
    "request_id": "req_xxx123",
    "details": { // Optional additional context }
  }
}

HTTP Status Codes

Code	Meaning	Example Code
200	OK — Success	`SUCCESS`
201	Created — Resource created	`CREATED`
400	Bad Request	`VALIDATION_ERROR`
401	Unauthorized	`AUTH_REQUIRED`
403	Forbidden	`INSUFFICIENT_PERMISSIONS`
404	Not Found	`PROJECT_NOT_FOUND`
409	Conflict	`RESOURCE_CONFLICT`
429	Too Many Requests	`RATE_LIMITED`
500	Internal Server Error	`INTERNAL_ERROR`
503	Service Unavailable	`SERVICE_UNAVAILABLE`

Best Practices

Always check response status — Never assume success. Check response.ok or the HTTP status code.
Use request_id for support — Include the request_id when contacting support for faster resolution.
Implement exponential backoff — For rate-limited or transient errors, retry with exponential backoff.
Catch specific errors — Handle different error codes differently rather than using a generic catch.

javascript

try {
  const response = await q.projects.get("proj_invalid");
} catch (err) {
  switch (err.code) {
    case "PROJECT_NOT_FOUND":
      // Handle 404 — show user-friendly message
      break;
    case "RATE_LIMITED":
      // Retry with backoff
      await sleep(Math.random() * 5000);
      break;
    case "AUTH_REQUIRED":
      // Redirect to login
      break;
    default:
      // Log for debugging
      await logError(err.request_id, err.message);
  }
}

Migration Guide

Step-by-step instructions for migrating your existing projects to the Q platform. Covers V2 → V3 and third-party platform migrations.

✅

Automated Migration Tool Q provides a q migrate CLI command that automates 80% of the migration process. This guide covers manual steps for complex scenarios.

V2 to V3 Migration

V2 (Legacy)

REST-only API
Single-region deployment
Standard API keys
Manual scaling
Separate auth system

V3 (Current)

REST + GraphQL + Events
Multi-region edge deployment
Scoped API keys + OAuth
Auto-scaling + AI optimization
Unified auth system

Migration Steps

1

Run the Migration Wizard

bash

# Run the automated migration tool
q migrate --from v2 --to v3

# Review the generated migration plan
q migrate --plan --output migration.md

# Apply migrations
q migrate --apply --dry-run # Preview first!

2

Update API Endpoints

Change your API base URL from https://api.thatisaq.com/v2 to https://api.thatisaq.com/v3.

3

Update Authentication

Convert API keys to the new scoped format and update your environment variables.

4

Test & Deploy

Run your test suite against the V3 API, then deploy with zero downtime using blue-green strategy.

⚠️

V2 Deprecation Notice V2 API will be sunset on March 1, 2026. All projects must migrate before this date.

Deployment

Configure and manage deployments for your Q projects, including CI/CD integration, rollback strategies, and environment management.

Deployment Strategies

Strategy	Downtime	Rollback	Complexity
Blue-Green	Zero	Instant switch	Low
Canary	Zero	Redirect traffic	Medium
Rolling	Minimal	Partial rollback	Low
Recreate	Momentary	Full rollback	Low

CI/CD Integration

Q integrates with all major CI/CD platforms:

🔷 GitHub Actions — Use @thatisaq/deploy-action
🔷 GitLab CI/CD — Use q deploy in your pipeline
🔷 Jenkins — Use the Q Pipeline Plugin
🔷 Vercel — Push to deploy with Q provider
🔷 ArgoCD — Use Q as a GitOps provider

yaml

# .github/workflows/deploy.yml
name: Deploy to Production

on:
  push:
    branches: [main]

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Deploy to Q
        uses: @thatisaq/deploy-action@v3
        with:
          api-key: ${{ secrets.Q_API_KEY }}
          environment: production
          strategy: canary

Security

Learn about Q's security model, compliance certifications, and best practices for securing your applications.

Compliance

Q maintains the following compliance certifications:

🏅 SOC 2 Type II — Annual independent audit
🏅 ISO 27001 — Information security management
🏅 GDPR — Full data protection compliance
🏅 HIPAA — Healthcare data handling (Enterprise)
🏅 PCI DSS — Payment card industry compliance

Best Practices

1. Use Environment Variables for Secrets

bash

# ❌ Never do this
const API_KEY = "sk_live_xxx";

# ✅ Do this instead
const API_KEY = process.env.Q_API_KEY;

2. Rotate API Keys Regularly

Rotate API keys every 90 days. Use the q keys rotate command for zero-downtime key rotation.

3. Enable Audit Logging

Enable audit logs in your workspace settings to track all admin actions and API access.

4. Use IP Allowlisting

Restrict API access to known IP ranges for additional security.

✅

Security Score Use q security audit to get a comprehensive security report for your workspace with actionable recommendations.

Frequently Asked Questions

Common questions and answers about the Q platform, pricing, deployment, and more.

General

Q: What is That Is A Q?

A: That Is A Q is a next-generation development platform that provides a unified suite of tools for building, deploying, and managing modern applications.

Q: Is there a free tier?

A: Yes! The Starter plan includes up to 3 projects, 10GB bandwidth, and community support — all free forever.

Q: Can I use Q with my existing tools?

A: Absolutely. Q integrates with GitHub, GitLab, VS Code, Docker, Kubernetes, Terraform, and many more tools.

Technical

Q: What languages does Q support?

A: Q supports JavaScript/TypeScript, Python, Rust, Go, and Ruby. Custom runtimes are available for Enterprise customers.

Q: How does auto-scaling work?

A: Q monitors CPU, memory, and request latency metrics. When thresholds are crossed, Q automatically provisions additional instances within seconds.

Q: Can I self-host Q?

A: Yes, Q offers an on-premises edition for Enterprise customers with full self-hosting support.

Pricing

Q: How does billing work?

A: Q uses a usage-based billing model. You're charged per compute second, bandwidth GB, and storage GB. See our pricing page for details.

Q: What happens if I exceed my plan limits?

A: Your application won't be interrupted. We'll notify you and offer to upgrade your plan. No surprise overages.

Changelog

Track updates, new features, and improvements to the Q platform.

v3.2.0 — January 2025

● Stable

🆕 Analytics API — New analytics endpoints for real-time metrics

🆕 AI-assisted migrations — AI-powered migration planning and execution

🐛 Fixed edge cases in canary deployments

⚡ Improved cold start performance by 40%

📝 Updated documentation for v3 API

v3.1.0 — November 2024

🆕 Webhook events — New event types for project lifecycle

🆕 WebAuthn support — Passkey authentication in beta

🔧 New q analytics CLI command

⚡ 25% faster build times

v3.0.0 — September 2024

🚨

Major Release This is a major version with breaking changes. See the Migration Guide for upgrade instructions.

🆕 Multi-region edge deployment

🆕 GraphQL API — Full GraphQL support alongside REST

🆕 Unified authentication — OAuth, JWT, and API keys unified

🆕 Schema-driven data models

🔄 Complete API redesign

Roadmap

Our planned features and upcoming improvements to the Q platform.

Q1 2025 — Completed ✅

✅ Analytics API (beta)
✅ AI-assisted migrations
✅ Improved build performance

Q2 2025 — Planned

🔜 Edge Functions — Deploy serverless functions at the edge
🔜 Database migrations — Automated schema sync across environments
🔜 Team collaboration — Real-time collaborative editing
🔜 CLI improvements — New q ai assistant commands

Q3 2025 — Planned

🔜 Plugin marketplace — First-party and community plugins
🔜 Performance profiler — Real-time performance analysis
🔜 Multi-cloud deployment — Deploy to AWS, GCP, Azure

Q4 2025 — Planned

🔜 AI code review — Automated PR reviews with AI
🔜 Workspace templates — Community-shared project templates
🔜 GraphQL federation — Subgraph support for microservices

Contributing

We welcome contributions from the community. This guide will help you get started.

Getting Started

1

Fork the Repository

bash

git clone git@github.com:thatisaq/q.git
cd q
npm install
q dev

2

Create a Branch

bash

git checkout -b feature/my-awesome-change

# Follow conventional commits
# feat: add new feature
# fix: fix a bug
# docs: update documentation
# refactor: restructure code
# test: add or update tests

Code of Conduct

We follow the Contributor Covenant Code of Conduct. Be respectful, inclusive, and constructive in all interactions.

Pull Request Process

Include tests for all changes
Update documentation as needed
Ensure all CI checks pass
Link any related issues
Keep PRs focused and small

💡

First-time Contributors Look for issues labeled good-first-issue — they're perfect for getting started!