| Name | Cast | Default | Description |
|---|---|---|---|
| DEBUG | bool |
False |
Enable Django's DEBUG mode. Should not be used in production. See Django documentation |
| TEMPLATE_DEBUG | bool |
DEBUG |
|
| SECRET_KEY | See Django documentation | ||
| USE_TZ | bool |
True |
See Django documentation |
| TIME_ZONE | 'Europe/London' |
See Django documentation | |
| ALLOWED_HOSTS | list |
['*'] if DEBUG else [] |
See Django documentation |
| DATABASE_URL | 'postgres:///forsta-auth' |
||
| STATIC_ROOT | See Django documentation | ||
| MEDIA_ROOT | See Django documentation | ||
| BROKER_TRANSPORT | 'amqp' |
||
| BROKER_HOSTNAME | 'localhost' |
||
| BROKER_SSL | bool |
True |
|
| BROKER_VHOST | '/' |
||
| BROKER_USERNAME | 'guest' |
||
| BROKER_PASSWORD | 'guest' |
||
| BROKER_PREFIX | 'idm.auth.' |
||
| CELERY_BROKER_URL | 'amqp://guest:guest@localhost:5672//' |
||
| IDM_CORE_URL | 'http://localhost:8000/' |
||
| IDM_CORE_API_URL | 'http://localhost:8000/api/' |
||
| EMAIL_HOST | None |
See Django documentation | |
| EMAIL_HOST_USER | None |
See Django documentation | |
| EMAIL_HOST_PASSWORD | None |
See Django documentation | |
| EMAIL_PORT | int |
587 |
See Django documentation |
| EMAIL_USE_TLS | bool |
True |
See Django documentation |
| EMAIL_BACKEND | 'django.core.mail.backends.console.EmailBackend' |
See Django documentation | |
| DEFAULT_FROM_EMAIL | global_settings.DEFAULT_FROM_EMAIL |
See Django documentation | |
| SERVER_EMAIL | global_settings.SERVER_EMAIL |
See Django documentation | |
| SUPPORT_EMAIL | DEFAULT_FROM_EMAIL |
||
| DEFAULT_REALM | 'EXAMPLE.COM' |
||
| KADMIN_PRINCIPAL_NAME | None |
||
| CLIENT_PRINCIPAL_NAME | None |
||
| CLAIM_ENABLED | bool |
False |
Allows externally-created accounts to be claimed by users |
| TWO_FACTOR_ENABLED | bool |
True |
Allows users to set up TOTP for two-factor auth |
| KERBEROS_ENABLED | bool |
None |
Enables password management in an external KDC |
| SSH_KEYS_ENABLED | bool |
None |
Lets users manage SSH keys for use elsewhere |
| SAML_ENABLED | bool |
None |
Allows users to use SAML for federated login |
| OIDC_CODE_EXPIRE | int |
60 * 10 |
|
| OIDC_IDTOKEN_EXPIRE | int |
60 * 10 |
|
| OIDC_TOKEN_EXPIRE | int |
60 * 60 |
|
| OIDC_SESSION_MANAGEMENT_ENABLE | bool |
False |
If enabled, the Server will support Session Management 1.0 specification. |
| OIDC_SKIP_CONSENT_EXPIRE | int |
30 * 3 |
How many days before users have to re-consent if "re-use consent" is enabled for a client. |
| OIDC_GRANT_TYPE_PASSWORD_ENABLE | bool |
False |
Whether to allow the Resource Owner Password Credentials Grant |
| OIDC_INTROSPECTION_VALIDATE_AUDIENCE_SCOPE | bool |
True |
|
| SECURE_HSTS_INCLUDE_SUBDOMAINS | bool |
False |
See Django documentation |
| SECURE_HSTS_PRELOAD | bool |
False |
See Django documentation |
| SECURE_HSTS_SECONDS | int |
0 |
See Django documentation |
| SECURE_CONTENT_TYPE_NOSNIFF | bool |
True |
See Django documentation |
| SECURE_BROWSER_XSS_FILTER | bool |
True |
See Django documentation |
| SECURE_SSL_REDIRECT | bool |
False |
See Django documentation |
| SESSION_COOKIE_NAME | 'sessionid' |
See Django documentation | |
| SESSION_COOKIE_SECURE | bool |
False |
See Django documentation |
| CSRF_COOKIE_SECURE | bool |
False |
See Django documentation |
| SILENCED_SYSTEM_CHECKS | list |
[] |
See Django documentation |