Specifies the origins that are allowed to access the server, for Cross-Origin Resource Sharing (CORS).
...
| Variable name | Data type | Description |
|---|---|---|
| CONTEXT_PATH | string | The base URI context path for the server. If not set, defaults to the root context. |
| CORS_ENABLED | boolean | Enables or disables Cross-Origin Resource Sharing (CORS) at the security level. |
| CSRF_ENABLED | boolean | Enables or disables Cross-Site Request Forgery (CSRF) protection. |
...
CSP_
...
HEADER
string
Sets the Content-Security-Policy header for the server to the given value. Not set by default.
MONGO_CONNECTION_STRING
string
Defines the full MongoDB connection string.
Should include the hostname (or several, if a replica set with multiple nodes is used), including port(s), and optionally the DB name. If no port is provided, the default port 27017 is used. Format:
Indicates whether the connection is against an Atlas cluster (for Atlas Search). Autodetected from the connection string by default; can be set manually to true or false.
| Variable name | Data type | Description |
|---|---|---|
| OAUTH10A_ACTIVE and OAUTH10A_ENABLE | boolean | Control whether OAuth 1.0a is active and enabled in the application. |
| OAUTH10A_CONSUMER_KEY | string | Consumer key for OAuth 1.0a authentication. |
| OAUTH10A_CONSUMER_SECRET | string | Consumer secret for OAuth 1.0a authentication. |
| OAUTH10A_NAME | string | The name for the OAuth 1.0a configuration. |
| OAUTH10A_PROTECTED_URL_ROOT | string | Specifies the protected URLs for OAuth 1.0a authentication (comma-separated). |
| OAUTH10A_ROOT_SERVICE_URL | string | URL for the OAuth 1.0a root services. |
| PORT | integer | Sets the port on which the server will listen. Default is 8080 if not specified. |
| PUBLIC_URL | string | The public-facing URL of the server, used for building absolute URLs. Default is http://localhost with the specified server port. |
| X_FRAME_SAME_ORIGIN | string | Controls the 'X-Frame-Options' header for clickjacking protection. Defaults to true. |
| LOGGING_LEVEL | string | Sets the logging level of the application. Available levels: TRACE, DEBUG, INFO (default), WARN, ERROR, FATAL, OFF. |
| ADMIN_LOGIN_ENABLED | boolean | Shows the admin login option. |
| MONGO_SHARED_DATABASE | string | Name of the default database. Currently only used for user data. |
| JWT_ISSUER_URI | string | Issuer URL of JWT tokens. |
| ENCRYPTION_KEY | string | Used to encrypt sensitive data that is persisted in the DB. |
OAuth10a Configuration
| Parameter | Type | Required? | Description |
|---|---|---|---|
| oauth10a.active | Boolean | Yes | If set to active, the application applies the technical preconditions needed to process OAuth10a requests. |
| oauth10a.enabled | Boolean | Yes | Enables or disables use of OAuth1.0a. |
| oauth10a.outbound.details.name | String | Yes | The name of the OAuth10a connection. Serves as a unique identifier for this configuration. |
| oauth10a.outbound.details.protectedUrlRoots | String (List) | No | List of protected URL roots, separated by commas. Leave empty if not applicable. |
| oauth10a.outbound.details.consumerKey | String | Yes | The consumer key for OAuth10a authentication. Used to identify the application. |
| oauth10a.outbound.details.consumerSecret | String | Yes | The consumer secret for OAuth10a authentication. Used to verify the application. |
| oauth10a.outbound.details.rootServices | String | No | Base URLs or services to be accessed. Leave empty if not applicable. |
Authentication Provider Configuration
| Variable name | Data type | Description |
|---|---|---|
| AUTH_CLIENT_ID | string | Default client ID for authentication. |
| AUTH_CLIENT_SECRET | string | Default client secret for authentication. |
| AUTH_ISSUER_URI | string | URI of the issuer for authentication. |
| AUTH_TENANT_ID | string | ID of the authorization provider tenant of the application. |
| AUTH_URI | string | Authorization URI. |
| AUTH_TOKEN_URI | string | Token URI for obtaining access and refresh tokens. |
| AUTH_USER_INFO_URI | string | User info URI to obtain user details. |
| AUTH_JWK_SET_URI | string | URI to obtain the JSON Web Key Set. |
| AUTH_END_SESSION_URI | string | End session URI for logging out. |
| AUTH_USE_PKCE | boolean | Indicates whether Proof Key for Code Exchange (PKCE) is used. |
| ROLE_DELIMITER | string | Custom delimiter for the role strings. Default: “.” |
| CONFIGURATION_AREA_WILDCARD | string | Wildcard for non-confidential configuration areas. Default: “*” |
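
A pre-deployment check over the variables documented on this page, as an added example that is not part of the product or its documentation. The boolean spelling `true`/`false`, the localhost exemption for plain http, and treating `OAUTH10A_NAME`, `OAUTH10A_CONSUMER_KEY` and `OAUTH10A_CONSUMER_SECRET` as the counterparts of the properties marked required are assumptions.

```python
# Added example: audits values of the environment variables documented above.
# Assumptions (not from the page): booleans are spelled "true"/"false", and
# plain http is tolerated only for localhost.
from urllib.parse import urlsplit

URL_VARS = ("PUBLIC_URL", "JWT_ISSUER_URI", "AUTH_ISSUER_URI", "AUTH_URI",
            "AUTH_TOKEN_URI", "AUTH_USER_INFO_URI", "AUTH_JWK_SET_URI",
            "AUTH_END_SESSION_URI", "OAUTH10A_ROOT_SERVICE_URL")
# Assumed env counterparts of the properties the OAuth10a table marks required.
OAUTH_REQUIRED = ("OAUTH10A_NAME", "OAUTH10A_CONSUMER_KEY", "OAUTH10A_CONSUMER_SECRET")

def flag(env, name):
    """Return True/False for an explicitly set boolean, None if unset."""
    value = env.get(name, "").strip().lower()
    return {"true": True, "false": False}.get(value)

def audit_env(env):
    """Return (variable, finding) tuples for values that deserve review."""
    findings = []
    if flag(env, "CSRF_ENABLED") is False:
        findings.append(("CSRF_ENABLED", "CSRF protection is switched off"))
    if flag(env, "AUTH_USE_PKCE") is False:
        findings.append(("AUTH_USE_PKCE", "PKCE is not used"))
    if flag(env, "ADMIN_LOGIN_ENABLED"):
        findings.append(("ADMIN_LOGIN_ENABLED", "admin login option is shown"))
    level = env.get("LOGGING_LEVEL", "INFO").strip().upper()
    if level in ("TRACE", "DEBUG"):
        findings.append(("LOGGING_LEVEL", level + " may write sensitive data to logs"))
    elif level == "OFF":
        findings.append(("LOGGING_LEVEL", "logging is off, no trail for investigations"))
    if not env.get("ENCRYPTION_KEY"):
        findings.append(("ENCRYPTION_KEY", "not set"))
    for name in URL_VARS:
        url = urlsplit(env.get(name, ""))
        if url.scheme == "http" and url.hostname not in ("localhost", "127.0.0.1"):
            findings.append((name, "plain http endpoint"))
    if flag(env, "OAUTH10A_ACTIVE") or flag(env, "OAUTH10A_ENABLE"):
        findings += [(n, "empty although OAuth 1.0a is on")
                     for n in OAUTH_REQUIRED if not env.get(n)]
    return findings

# Constructed sample environment (placeholder hosts and values).
SAMPLE_ENV = {
    "CSRF_ENABLED": "false", "LOGGING_LEVEL": "debug", "AUTH_USE_PKCE": "true",
    "PUBLIC_URL": "http://localhost:8080", "ENCRYPTION_KEY": "constructed-placeholder",
    "AUTH_TOKEN_URI": "http://idp.example.test/token",
    "OAUTH10A_ACTIVE": "true", "OAUTH10A_NAME": "demo", "OAUTH10A_CONSUMER_KEY": "ck",
}

if __name__ == "__main__":
    for var, msg in audit_env(SAMPLE_ENV):
        print(f"{var}: {msg}")
```

Only explicitly set values are judged, because the page does not state defaults for most of these variables.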