Core

s4e-core is the main REST API of S4E On-Prem. It handles user authentication, asset management, findings, reports, and all user-facing operations.

Overview

Property Value
Container s4e-core-1
Internal port 8003
External URL https://core.<domain>
API docs https://core.<domain>/api/swagger.json

Responsibilities

  • Authentication — user login, JWT token issuance, session management.
  • Asset management — CRUD for domains, IP ranges, and web application assets.
  • Findings — viewing, filtering, and updating vulnerability findings.
  • Scan management — creating and scheduling scan jobs.
  • Reports — generating PDF and JSON reports.
  • Notifications — SSE event dispatch to the frontend.
  • Cloud sync endpoint — provides /api/sync/* endpoints used by the scheduler for DB sync.

Key Endpoints

Endpoint Method Purpose
/api/user/auth/login POST User login
/api/assets/ GET/POST Asset management
/api/findings/ GET View findings
/api/scan/ GET/POST Scan management
/api/sync/actions POST On-prem action catalog sync
/api/sync/scan-info POST On-prem scan info sync
/api/health/ready GET Health check

Viewing Logs

docker logs s4e-core-1 -f

# Only errors
docker logs s4e-core-1 2>&1 | grep '"levelname": "ERROR"'

Health Check

curl -sk https://core.<domain>/api/health/ready
# Expected: {"status": "ok"}

Restarting

cd /opt/s4e/setup
docker compose up -d --no-deps core