MineTrust Server

• MineTrust Server
  • Overview
  • Architecture
    • Database Support
    • Authentication
  • Integration
  • Installation

MineTrust Server is the central backend component of the MineTrust Data Management platform. It provides a REST API for managing version-controlled files, user accounts, roles, and access permissions within a multi-user environment.

Overview

MineTrust Server acts as the authoritative data repository for all MineTrust components. It stores and organises mining and geological data assets, providing:

• File Management: upload, download, and organise files within a hierarchical folder structure with support for file versioning, change tracking, and checkout locking to prevent concurrent modification conflicts
• Role-Based Access Control: three built-in roles (Administrator, Contributor, and Guest) govern access to files, folders, and administrative functions
• Metadata & Tagging: enrich files with searchable tags and metadata in flat or hierarchical structures
• Full-Text Search: indexed search across file names, versions, and metadata
• Package Management: store and organise collections of related files as logical packages with version history
• Audit Trail: complete activity history indexed by user, file, folder, and timestamp

The REST API is documented via an integrated Swagger/OpenAPI interface, enabling client generation and interactive exploration of available endpoints.

Architecture

MineTrust Server is built on ASP.NET Core and supports the following deployment models:

• On-Premise: installed as a Windows Service on a dedicated application server (minimum 2 vCPU, 8 GB RAM, 50 GB storage), communicating over HTTPS on port 9001
• Cloud-Hosted (Azure): deployed as a container on Azure Container Instances behind an NGINX reverse proxy, communicating over HTTPS on port 443

Database Support

• PostgreSQL 17 (recommended for production)
• SQL Server 2022 (v16.x)
• SQLite (development and testing only)

File content is persisted to a configurable disk or cloud storage location, while metadata, permissions, and version history are stored in the relational database.

Authentication

MineTrust Server supports pluggable authentication schemes:

• Microsoft Entra ID (formerly Azure AD): OAuth 2.0 Bearer tokens (recommended)
• Microsoft Entra External ID (B2C): for customer-facing identity scenarios
• Active Directory Federation Services (ADFS): JWT Bearer tokens for on-premise identity
• Basic Authentication: available in development environments only

Integration

MineTrust Server is consumed by the following components:

• MineTrust Connector: desktop synchronisation service that syncs packages between Datamine Studio products and the server
• MineTrust Online: web-based frontend for browsing, searching, and managing data assets
• MineTrust Provisioner: background service that automates user and role provisioning from Azure AD

Third-party integration is supported via the REST API and the MineTrust Server Extensibility NuGet package for .NET applications.

Installation

Local installation of MineTrust Server is supported via MSI, which may be executed interactively or non-interactively.

For non-interactive installations, please refer to Installation.