Skip to content

Using configuration file

Jump to bottom
Lennart Fleischmann edited this page Sep 17, 2024 · 2 revisions

The Hanko backend can be configured using a .yaml configuration file.

Following are the contents of the default configuration file, that contains the majority of the available configuration options with their default values explicitly set. For a complete overview of all options with in-depth descriptions, consult the reference.

account:
  allow_deletion: true
  allow_signup: true
convert_legacy_config: false
database:
  user: hanko
  password: hanko
  host: localhost
  port: "5432"
  dialect: postgres
email:
  enabled: true
  optional: true
  acquire_on_registration: true
  acquire_on_login: false
  require_verification: true
  limit: 100
  use_as_login_identifier: true
  max_length: 100
  use_for_authentication: true
  passcode_ttl: 300
email_delivery:
  enabled: true
  from_address: [email protected]
  from_name: Hanko
  smtp:
    host: localhost
    port: "465"
log:
  log_health_and_metrics: true
passkey:
  enabled: true
  optional: false
  acquire_on_registration: always
  acquire_on_login: always
  attestation_preference: direct
  user_verification: preferred
  limit: 100
password:
  enabled: true
  optional: false
  acquire_on_registration: always
  acquire_on_login: never
  recovery: true
  min_length: 8
rate_limiter:
  enabled: true
  store: in_memory
  passcode_limits:
    tokens: 3
    interval: 1m
  password_limits:
    tokens: 3
    interval: 1m
  token_limits:
    tokens: 3
    interval: 1m
saml:
  enabled: false
secrets:
  keys:
    - abcedfghijklmnopqrstuvwxyz
server:
  public:
    cors:
      allow_origins:
        - http://localhost:63342
        - http://localhost:8888
        - http://localhost:8000
service:
  name: Hanko Authentication Service
session:
  lifespan: 1h
  enable_auth_token_header: false
third_party:
  providers:
    apple:
      enabled: false
    discord:
      enabled: false
    github:
      enabled: false
    google:
      enabled: false
    linkedin:
      enabled: false
    microsoft:
      enabled: false
username:
  enabled: false
  optional: true
  acquire_on_registration: true
  acquire_on_login: true
  use_as_login_identifier: true
  min_length: 3
  max_length: 32
webauthn:
  timeouts:
    registration: 60000
    login: 60000
  relying_party:
    id: localhost
    origins:
      - http://localhost:63342
      - http://localhost:8888
      - http://localhost:8000
webhooks:
  enabled: false
  allow_time_expiration: false
Clone this wiki locally