-
Notifications
You must be signed in to change notification settings - Fork 9
/
Copy pathserver-config.yaml
132 lines (116 loc) · 4.71 KB
/
server-config.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
general: # General server settings.
port: 8081
host: http://localhost # Identifo server URL. If "HOST_NAME" env variable is set, it overrides the value specified here.
issuer: http://localhost # JWT tokens issuer.
# Names of environment variables that store admin credentials.
adminAccount:
loginEnvName: IDENTIFO_ADMIN_LOGIN
passwordEnvName: IDENTIFO_ADMIN_PASSWORD
# Storage settings holds together all storage settings.
# All settings for particular database engine (i.e, filepaths for BoltDB,
# endpoints and regions for DynamoDB etc.) are assumed to be the same across
# all storages. If they are not the same, the latest option in this file will be applied.
# For example, if there are two MongoDB-backed storages, appStorage and tokenStorage,
# and endpoint for appStorage is localhost:27017, while tokenStorage's endpoint is localhost:27018,
# server will connect both storages to localhost:27018.
storage:
appStorage: &storage_settings
type: boltdb
boltdb:
path: ./db.db
userStorage: *storage_settings
tokenStorage: *storage_settings
tokenBlacklist: *storage_settings
verificationCodeStorage: *storage_settings
inviteStorage: *storage_settings
managementKeysStorage: *storage_settings
impersonation:
type: scope
scope:
allowed_scopes: ["admin"]
role:
allowed_roles: ["admin"]
plugin:
cmd: /path/to/plugin
params: { "a": "b" }
# Storage for admin sessions.
sessionStorage:
type: memory # Supported values are "memory", "redis", and "dynamodb".
# Admin session duration in seconds.
# This value specifies the maximum time of inactivity in the admin panel before asking to relogin.
sessionDuration: 300
# example for redis session storage
# redis:
# address: http://localhost:2073
# password: redis_password
# db: admin_sessions
# cluster: false
# prefix: myapp
# example for dynamo session storage
# dynamo:
# region: us-east1
# endpoint: dynamo_endpoint
keyStorage: # Storage for keys used for signing and verifying JWTs.
type: local # Key storage type. Supported values are "local" and "s3".
#file/local key storage settings
file:
private_key_path: ./jwt/test_artifacts/private.pem
login: # Supported login ways.
loginWith:
phone: true
email: true
username: true
federated: true
# Type of two-factor authentication, if application enables it.
# Supported values are: "app" (like Google Authenticator), "sms", "email".
tfaType: app
# register new user with random password if he was not found by phone
# while login in by phone
allowRegisterMissing: true
services:
email: # Email service settings.
type: mock # Supported values are "mailgun", "aws ses", and "mock".
# mailgun:
# domain: identifo.com # Mailgun related setting. If "MAILGUN_DOMAIN" env variable is set, it overrides the value specified here.
# privateKey: ABXCDS # Mailgun-related setting. If "MAILGUN_PRIVATE_KEY" env variable is set, it overrides the value specified here.
# publicKey: AAABBBDDD # Mailgun-related setting. If "MAILGUN_PUBLIC_KEY" env variable is set, it overrides the value specified here.
# sender: [email protected] # Sender of the emails. If "MAILGUN_SENDER" or "AWS_SES_SENDER" env variable is set, it overrides (depending on the email service type) the value specified here.
# ses:
# sender: [email protected] # Sender of the emails. If "MAILGUN_SENDER" or "AWS_SES_SENDER" env variable is set, it overrides (depending on the email service type) the value specified here.
# region: es-east1 # AWS SES-related setting. If "AWS_SES_REGION" env variable is set, it overrides the value specified here.
sms: # SMS service settings.
type: mock # Supported values are: "twilio", "nexmo", "routemobile", "mock".
# twilio:
# accountSid: SID1234 # Twilio-related setting.
# authToken: TOKENABCDS # Twilio-related setting.
# serviceSid: SIDFFFF # Twilio-related setting.
# nexmo:
# apiKey: KEY1234 # Nexmo-related setting.
# apiSecret: SECRET4433 # Nexmo-related setting.
# routemobile:
# username: identifo # RouteMobile-related setting.
# password: secret # RouteMobile-related setting.
# source: whatever # RouteMobile-related setting.
# region: australia # RouteMobile-related setting. Supported values are: uae.
# logger settings
logger:
# dump request body in logs
dumpRequest: false
# logs format (json, text)
format: json
# exclude body for HTTP requests that can contain sensitive data
logSensitiveData: false
common:
level: debug
api:
httpDetailing: dump
level: debug
admin:
httpDetailing: dump
level: debug
spa:
httpDetailing: short
level: debug
management:
httpDetailing: short
level: debug