-
Notifications
You must be signed in to change notification settings - Fork 9
Expand file tree
/
Copy path.dev.vars.example
More file actions
26 lines (23 loc) · 1.19 KB
/
.dev.vars.example
File metadata and controls
26 lines (23 loc) · 1.19 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
# This is an example file for local Worker development.
# Copy this file to .dev.vars and fill in the values.
# This file SHOULD NOT contain real production secrets.
AUTH_ISSUER="https://auth.stage.anaconda.com/api/auth"
# Local authentication control
# Set to "true" to enable local OIDC endpoints for development
# Defaults to "false" if not set
# WARNING: ALLOW_LOCAL_AUTH must NEVER be enabled in production environments.
# The backend will reject startup if DEPLOYMENT_ENV=production and ALLOW_LOCAL_AUTH=true
ALLOW_LOCAL_AUTH="true"
# Note: The auth system supports two modes:
# 1. Development mode: Uses AUTH_TOKEN (hardcoded secret string)
# 2. Production mode: Uses AUTH_ISSUER (OIDC provider URL)
#
# In production mode, the frontend should be configured with:
# - VITE_AUTH_ISSUER: The OIDC issuer URL
# - VITE_CLIENT_ID: Your OAuth client ID
#
# The backend expects RS256 JWT tokens from the OIDC provider.
# Cloudflare Access headers for service-to-service authentication with Projects service
# These are optional - only needed if you want to test Cloudflare Access authentication locally
# CLOUDFLARE_SERVICE_TOKEN_CLIENT_ID="your-client-id"
# CLOUDFLARE_SERVICE_TOKEN_CLIENT_SECRET="your-client-secret"