This page is the network reference for CORE-M: which port carries which protocol,
the canonical REST paths, and the real-time WebSocket. All ports listed are the
standard IANA assignments for their protocol.
Port Protocol Surface Notes 8080HTTP REST API REST API for the platform 1883MQTT Device ingestion Plaintext MQTT 8883MQTTS Device ingestion MQTT over TLS 5683CoAP Device ingestion Plaintext CoAP (UDP) 5684CoAPS Device ingestion CoAP over DTLS (UDP) 5683LwM2M Device management LwM2M over CoAP (UDP) 5684LwM2M (DTLS) Device management LwM2M over CoAP/DTLS (UDP) 161SNMP Device polling SNMP poll (UDP) 162SNMP trap Device polling SNMP trap receiver (UDP)
CoAP and LwM2M share the standard CoAP ports (5683 plaintext, 5684
DTLS): LwM2M is layered on top of CoAP. Whether a datagram is treated as raw CoAP
telemetry or an LwM2M operation is determined by the adapter, not by a separate
port.
The full, always-current endpoint list is the in-app OpenAPI/Swagger, generated
per service. The table below is the confirmed core path set. All paths are served
on port 8080 under the /api/v1 prefix unless noted.
Method Path Purpose Auth GET/healthzLiveness None GET/readyzReadiness None POST/api/v1/callbacks/arcARC confirmation callback HMAC (no bearer)
Method Path Purpose POST/api/v1/auth/loginAuthenticate, receive tokens POST/api/v1/auth/refreshRotate token pair POST/api/v1/auth/validateValidate a JWT (internal) POST/api/v1/auth/api-keysCreate an API key
Auth also exposes tenant, group, SSO, MFA, session, and scoped-token routes —
see the auth Swagger and Security & compliance .
Method Path Purpose POST/api/v1/devicesRegister a device GET/api/v1/devices/{device_id}Get a device GET/api/v1/devicesList devices (filters + pagination) PATCH/api/v1/devices/{device_id}Update a device DELETE/api/v1/devices/{device_id}Soft-delete a device
Method Path Purpose POST/api/v1/provisionProvision a device (key/claim flow) POST/api/v1/devices/{device_id}/rpcSend a server-to-device RPC GET/api/v1/devices/rpc/{correlation_id}Fetch an RPC result by correlation ID POST/api/v1/gateway/{gateway_device_id}/connectGateway connects a child device POST/api/v1/gateway/{gateway_device_id}/telemetryGateway submits child telemetry POST/api/v1/gateway/{gateway_device_id}/rpc-responseGateway returns a child RPC result
See Device RPC for the RPC lifecycle and
Connecting devices for provisioning paths.
Method Path Purpose POST/api/v1/telemetryIngest one or more points GET/api/v1/telemetry/{device_id}/latestLatest snapshot (hot store) GET/api/v1/telemetry/{device_id}Historical query (cold store)
See Sending telemetry for ingestion
and Telemetry query & retention for the
query model.
Method Path Purpose POST/api/v1/rulesCreate a rule GET/api/v1/rules/{rule_id}Get a rule GET/api/v1/rulesList rules PATCH/api/v1/rules/{rule_id}Update a rule DELETE/api/v1/rules/{rule_id}Delete a rule POST/api/v1/rules/{rule_id}/enableEnable a rule POST/api/v1/rules/{rule_id}/disableDisable a rule
Method Path Purpose GET/api/v1/anchorsList recent anchor batches GET/api/v1/anchors/batches/{batch_id}Get batch status
Method Path Purpose Auth GET/api/v1/verify/hash/{data_hash_hex}Proof by data hash None (publicly verifiable) POST/api/v1/verify/rawProof from raw fields Required (tenant scope) GET/api/v1/verify/batch/{batch_id}Full batch proof Required (tenant scope)
See Verification for the proof structure and the
caller-side verification steps.
Real-time data is delivered by the dashboard BFF over a WebSocket at /ws.
The connection is authenticated with the JWT access token. Clients subscribe to
device telemetry or platform events and can request a short historical backfill;
the server pushes live telemetry, device-status changes, rule triggers, and
anchor confirmations.
wss://<host>/ws?token=<access_token>
Direction Message types Client → server subscribe, unsubscribe, backfillServer → client telemetry, device_status, rule_triggered, anchor_confirmed, backfill_response
