SentinelNexus Docs

Production-ready setup guide for authentication, scanning, and compliance workflows. This page covers the fastest path from local launch to secure deployment.

Quickstart

  1. Create a Google OAuth app with the callback URL set to your production auth callback.
  2. Set backend variables for database, Redis, JWT secrets, and OAuth credentials.
  3. Set frontend variables for backend origin and NextAuth secrets.
  4. Run backend tests and frontend build before deploying.

Architecture

SentinelNexus runs with a FastAPI backend and a Next.js frontend. OAuth login initiates from frontend proxy routes and completes in backend callback handlers. Scan jobs and security telemetry are persisted for reporting and incident review.

API Endpoints

GET /api/v1/auth/login/google

Starts Google OAuth flow.

GET /api/v1/auth/callback/google

Handles OAuth callback and issues secure session cookies.

POST /api/v1/scans

Creates a new AI security scan.

Security Baseline

  • HTTPS-only production endpoints and strict origin validation.
  • No-store headers for auth proxy endpoints.
  • Rotating JWT and OAuth secrets with non-placeholder checks in production.
  • Least-privilege access and auditable scan result trails.

Deployment Checklist

  • Frontend: set NEXTAUTH_URL, NEXTAUTH_SECRET, and backend origin vars.
  • Backend: set production domain vars, OAuth keys, DB, and Redis.
  • Validate that the callback URL in Google Console exactly matches the production route.
  • Confirm npm run build and backend tests pass before release.
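
A pre-deploy check covering the non-placeholder secret, HTTPS-only origin, and exact callback match items above; this is an added example, not SentinelNexus code. The names JWT_SECRET, GOOGLE_CLIENT_SECRET, BACKEND_ORIGIN and GOOGLE_REDIRECT_URI are assumed (the page names only NEXTAUTH_URL and NEXTAUTH_SECRET), as is the callback being served from the backend origin.

```python
from typing import Optional
from urllib.parse import urlsplit

CALLBACK_PATH = "/api/v1/auth/callback/google"  # route listed under API Endpoints
# Assumed variable names; the page names only NEXTAUTH_URL and NEXTAUTH_SECRET.
SECRET_VARS = ("JWT_SECRET", "GOOGLE_CLIENT_SECRET", "NEXTAUTH_SECRET")
PLACEHOLDER_MARKERS = ("changeme", "placeholder", "example", "replace", "your-")
MIN_SECRET_LEN = 32  # assumed floor, not a project requirement


def is_placeholder(value: str) -> bool:
    """True for missing, short, low-variety or template-looking secrets."""
    v = value.strip().lower()
    if len(v) < MIN_SECRET_LEN or len(set(v)) < 10:
        return True
    return any(marker in v for marker in PLACEHOLDER_MARKERS)


def https_origin(url: str) -> Optional[str]:
    """Return https://host[:port] for a clean https URL, else None."""
    parts = urlsplit(url.strip())
    if parts.scheme != "https" or not parts.hostname or "@" in parts.netloc:
        return None
    return "https://" + parts.netloc.lower()


def check_config(env: dict) -> list:
    """Return the names of failing variables; empty means ready to deploy."""
    failed = [name for name in SECRET_VARS if is_placeholder(env.get(name, ""))]
    names = ("NEXTAUTH_URL", "BACKEND_ORIGIN")  # BACKEND_ORIGIN is an assumed name
    origins = {n: https_origin(env.get(n, "")) for n in names}
    failed += [n for n in names if origins[n] is None]
    backend = origins["BACKEND_ORIGIN"]
    # Exact string comparison: no prefix, case-folded or trailing-slash match.
    if backend is None or env.get("GOOGLE_REDIRECT_URI") != backend + CALLBACK_PATH:
        failed.append("GOOGLE_REDIRECT_URI")
    return failed


if __name__ == "__main__":
    # Constructed sample: template secret, http backend origin, trailing slash.
    sample = {
        "JWT_SECRET": "changeme", "GOOGLE_CLIENT_SECRET": "A1b2C3d4E5f6G7h8" * 2,
        "NEXTAUTH_SECRET": "Z9y8X7w6V5u4T3s2" * 2,
        "NEXTAUTH_URL": "https://app.example.test",
        "BACKEND_ORIGIN": "http://api.example.test",
        "GOOGLE_REDIRECT_URI": "https://api.example.test/api/v1/auth/callback/google/",
    }
    print(check_config(sample))
```

Run it in the release pipeline alongside the backend tests and fail the deploy when the returned list is non-empty.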

FAQ

Can I use SentinelNexus without Google OAuth?

Current production login is Google-first for simplified identity hardening.

Where can I report issues?

Use the Support page for operational issues and security disclosures.

Founded by Mayank Sharma