What is the Nodinite Web Client?
The Nodinite Web Client is a modern HTML5 single-page application (SPA) that provides the user interface for Nodinite integration management. As part of the Core Services package, the Web Client communicates with the Web API to deliver secure, role-based access to logging, monitoring, and repository documentation.
Technical Architecture
The Web Client follows a three-tier architecture designed for scalability, security, and ease of deployment:
Technical Architecture
The Web Client follows a three-tier architecture designed for scalability, security, and ease of deployment:
Chrome, Firefox, Edge, Safari"] end subgraph ":Nodinite: Server (IIS)" WebClient[" Web Client (SPA)
HTML5, JavaScript, CSS"] WebAPI[" Web API
REST endpoints, business logic"] ConfigDB[" Configuration DB
SQL Server"] LogDB[" Log Databases
SQL Server"] end Browser -->|"HTTPS"| WebClient WebClient -->|"REST API calls"| WebAPI WebAPI -->|"Queries/Commands"| ConfigDB WebAPI -->|"Log queries"| LogDB
The Web Client runs in the browser and communicates exclusively with the Web API. All data access, business logic, and security enforcement occur server-side.
Architecture Components
| Component | Technology | Purpose | Deployment Location |
|---|---|---|---|
| Web Client | HTML5, JavaScript, CSS | User interface rendering, client-side validation | IIS (served as static files) |
| Web API | ASP.NET Core, C# | Business logic, authentication, authorization, data access | IIS (hosted service) |
| Configuration Database | SQL Server 2016+ | Repository Model, settings, security, monitor definitions | SQL Server instance |
| Log Databases | SQL Server 2016+ | Log event storage, partitioned by time or volume | SQL Server instance(s) |
Note
The Web Client is a single-page application (SPA) that loads once and communicates with the Web API via AJAX calls. This architecture provides responsive user experience and reduces server load.
System Requirements
Supported Client Browsers
End-users must use a modern, HTML5-compatible browser. The Web Client is tested and supported on:
| Browser | Minimum Version | Notes |
|---|---|---|
| Google Chrome | Latest stable | |
| Mozilla Firefox | Latest stable | |
| Microsoft Edge | Latest stable | Chromium-based only |
| Apple Safari | Latest stable | macOS and iOS |
Important
Internet Explorer is not supported with Nodinite 5.3 or later. Organizations must migrate to a modern browser.
For complete system requirements including server hardware, SQL Server versions, and network configuration, see Prerequisites.
Authentication and Authorization
The Web Client supports two authentication modes, configured during installation:
Windows Integrated Authentication
Traditional Active Directory-based authentication using Kerberos or NTLM:
- Seamless sign-on – Users authenticate automatically with domain credentials
- Windows AD Groups – Assign permissions via Active Directory security groups
- LDAP integration – Query Active Directory for user/group information
OpenID Connect (OIDC) / OAuth 2.0
Modern cloud-based authentication for hybrid or cloud-native deployments:
- Identity provider integration – Azure AD (Entra ID), Okta, Auth0, or any OIDC-compliant provider
- Claims-based authorization – Fine-grained permissions via JWT claims
- Multi-factor authentication (MFA) – Leverage identity provider MFA policies
- External user support – Authenticate partners and vendors without domain accounts
Tip
For OIDC/OAuth 2.0 setup, see Install Nodinite v7 - OpenID Connect. For Azure AD configuration, see Register Applications in Azure AD.
Both modes enforce role-based access control (RBAC) using Roles, ensuring users only access data and features appropriate to their responsibilities.
Core Technical Features
Security and Compliance
- Role-based access control – Granular permissions for Log Views, Monitor Views, and Repository entities
- Audit logging – All sensitive operations logged for compliance (Log Audits)
- TLS/HTTPS required – Encrypted communication between browser and server
- Advanced filters – Row-level security within Log Views and Monitor Views
- Session management – Configurable timeouts and automatic session renewal
Performance and Scalability
- Single-page application (SPA) – Fast, responsive UI with minimal server round-trips
- Lazy loading – UI components load on demand to minimize initial page load
- Paginated data – Large result sets fetched in pages to reduce memory usage
- Caching – Client-side caching of static data (Repository Model entities, Reference data)
- Load balancing – Multiple Web API instances supported for high availability
Browser Compatibility
- Responsive design – Adapts to desktop, tablet, and mobile layouts
- Touch-friendly – Large tap targets and swipe gestures for mobile devices
- Offline support – Limited functionality with service worker caching (planned feature)
- Accessibility – WCAG 2.1 AA compliance for screen readers and keyboard navigation
Integration Points
- REST API – All Web Client functionality exposed via Web API for automation
- Custom dashboards – Embed external data sources via REST APIs
- SSO integration – OIDC/OAuth 2.0 enables single sign-on with corporate identity providers
- Export capabilities – Export log events, monitor snapshots, and repository data to CSV, Excel, JSON
Deployment Models
The Web Client supports multiple deployment scenarios:
On-Premise
On-Premise
Traditional deployment within your datacenter:
- Web Client + Web API hosted on IIS within corporate network
- SQL Server on dedicated database server or co-located
- Windows Integrated Authentication with Active Directory
- Firewall rules restrict access to internal network only
Hybrid Cloud
Web Client accessible from internet while databases remain on-premise:
- Web Client + Web API hosted on Azure App Service or AWS Elastic Beanstalk
- SQL Server on-premise with VPN or ExpressRoute connectivity
- OIDC/OAuth 2.0 authentication with Azure AD or corporate identity provider
- TLS encryption for all communication channels
Fully Cloud-Native
Complete cloud deployment for born-in-cloud organizations:
- Web Client + Web API on Azure App Service, AWS Elastic Beanstalk, or containerized (Docker/Kubernetes)
- SQL Server on Azure SQL Database, AWS RDS for SQL Server, or SQL Managed Instance
- OIDC/OAuth 2.0 authentication with cloud identity providers
- Auto-scaling and high availability configured via cloud platform services
Tip
For detailed installation instructions for each deployment model, see Install and Update Overview.
User Experience Highlights
While this page focuses on technical architecture, end-users experience the following capabilities through the Web Client interface:
- Dashboard – Real-time KPIs and integration health at a glance
- Log Views – Search transactions across all systems with business-friendly filters
- Monitor Views – Track system health, receive alerts, execute remote actions
- Repository Model – Interactive integration landscape with living documentation
- Business Process Models – Visualize end-to-end workflows with operational status
- Administration – Configure users, roles, views, and system settings (administrators only)
For detailed user guides on navigation, features, and daily usage, see the Getting Started with Nodinite user guide.
Security Architecture Deep Dive
Authentication Flow
Windows Integrated Authentication:
- Browser sends Kerberos ticket or NTLM challenge to IIS
- IIS validates credentials against Active Directory
- Web API receives authenticated Windows identity from IIS
- Web API queries Configuration Database for User/Role assignments
- Session token generated with permission claims
OIDC/OAuth 2.0 Authentication:
- Browser redirects to identity provider (Azure AD, Okta, etc.)
- User authenticates with identity provider (including MFA if required)
- Identity provider redirects back to Web Client with authorization code
- Web Client exchanges code for JWT access token and ID token
- Web API validates JWT signature and claims
- Web API queries Configuration Database for Role/Policy/Claim assignments
- Session established with permission claims
Authorization Model
Authorization is enforced at multiple layers:
| Layer | Enforcement Point | Purpose |
|---|---|---|
| UI Layer | Web Client (browser) | Hide/disable UI elements user cannot access |
| API Layer | Web API controllers | Reject unauthorized API calls |
| Data Layer | SQL Server views/stored procedures | Row-level security filters |
| Audit Layer | Log Audit Service | Record all sensitive operations |
Important
Defense in depth: Even if UI authorization is bypassed (e.g., by crafting API calls), the Web API and database layers enforce permissions. This multi-layer approach ensures security even against sophisticated attacks.
For detailed role configuration and permission sets, see Roles and Access Management.
Next Steps
For End-Users:
Getting Started with Nodinite – Learn how to navigate the Web Client, find logs, view monitors, and explore your integration landscape
For Administrators:
Administration Overview – Configure users, roles, security, logging, monitoring, and system settings
Access Management – Manage roles, users, and security policies with audit logging
For Deployment:
Install and Update – Step-by-step installation guides for all deployment models
Prerequisites – Complete system requirements and preparation checklist
For Troubleshooting:
Troubleshooting – Resolve common issues and optimize performance
Related Topics
Core Services Architecture
Web API – REST API architecture, endpoints, and authentication
Configuration Database – Schema, entities, and relationships
Log Databases – Partitioning, retention, and archiving strategies
Core Services Package – Complete platform overview
Security and Access Management
Roles – Role-based access control configuration
Users – User account management
Windows AD Groups – Active Directory integration
Claims – OIDC/OAuth 2.0 claims-based authorization
Policies – Policy groups for complex permission scenarios
Log Audits – Audit trail for compliance and forensics
User Guides
Getting Started – End-user onboarding and navigation
Dashboard – Dashboard widgets and customization
Log Views – Search and analyze integration logs
Monitor Views – Real-time monitoring and alerting
Repository Model – Living integration documentation