-
Notifications
You must be signed in to change notification settings - Fork 899
Using configuration file
Lennart Fleischmann edited this page Sep 17, 2024
·
2 revisions
The Hanko backend can be configured using a .yaml
configuration file.
Following are the contents of the default configuration file, that contains the majority of the available configuration options with their default values explicitly set. For a complete overview of all options with in-depth descriptions, consult the reference.
account:
allow_deletion: true
allow_signup: true
convert_legacy_config: false
database:
user: hanko
password: hanko
host: localhost
port: "5432"
dialect: postgres
email:
enabled: true
optional: true
acquire_on_registration: true
acquire_on_login: false
require_verification: true
limit: 100
use_as_login_identifier: true
max_length: 100
use_for_authentication: true
passcode_ttl: 300
email_delivery:
enabled: true
from_address: [email protected]
from_name: Hanko
smtp:
host: localhost
port: "465"
log:
log_health_and_metrics: true
passkey:
enabled: true
optional: false
acquire_on_registration: always
acquire_on_login: always
attestation_preference: direct
user_verification: preferred
limit: 100
password:
enabled: true
optional: false
acquire_on_registration: always
acquire_on_login: never
recovery: true
min_length: 8
rate_limiter:
enabled: true
store: in_memory
passcode_limits:
tokens: 3
interval: 1m
password_limits:
tokens: 3
interval: 1m
token_limits:
tokens: 3
interval: 1m
saml:
enabled: false
secrets:
keys:
- abcedfghijklmnopqrstuvwxyz
server:
public:
cors:
allow_origins:
- http://localhost:63342
- http://localhost:8888
- http://localhost:8000
service:
name: Hanko Authentication Service
session:
lifespan: 1h
enable_auth_token_header: false
third_party:
providers:
apple:
enabled: false
discord:
enabled: false
github:
enabled: false
google:
enabled: false
linkedin:
enabled: false
microsoft:
enabled: false
username:
enabled: false
optional: true
acquire_on_registration: true
acquire_on_login: true
use_as_login_identifier: true
min_length: 3
max_length: 32
webauthn:
timeouts:
registration: 60000
login: 60000
relying_party:
id: localhost
origins:
- http://localhost:63342
- http://localhost:8888
- http://localhost:8000
webhooks:
enabled: false
allow_time_expiration: false