All passwords are salted and hashed (for Civil Pro Identity)
The azure IP firewall limits connections from all IPs except those whitelisted
Default plan is S0 which can be negotiated for larger workloads
Direct access can be arranged for custom analytics e.g. PowerBI etc, however access through the API is preferred
API and Angular app
The REST API is used for all data queries to the database and the Blob Storage from the Cloud UI.
The API is a .Net 5 Web API application
The angular app is a pure HTML/JS application
Both the REST API and the Cloud UI Angular App are hosted from the same Azure App service.
The Azure App Service Plan is generally a shared resource to maximise performance per unit cost, but this can be negotiated. Please note, each client has their own App Service and Cloud UI App, it is just the plan which is shared.
The Web API requires authentication. Supported authentication includes
Civil Pro Identity
The blob storage is used for storing files and photos refenced from the Civil Pro application. It is accessed either through the Web API (following authentication), or directly from the desktop app.
There is no public interface for the file store. It is accessed via applications presenting the API key
The desktop application is a .Net Framework / .Net Standard application requiring .Net Framework 4.7.2+
The application accesses the database after connection information is provided via
direct entry of the connection string (not recommended)
an encrypted Civil Pro Connection File (cpcf)
validation through the API
Once a connection is established, authentication is through the same methods offered via the API
If dynamic IP address support is required (for example, accessing via mobile hotspots), then the connection file can be configured to include an API key for the SQL server firewall. In this case, the desktop application can clear its subnet on the firewall.
The desktop application accesses the blob storage using an API key that is stored in the database.