Configurations
The registry provides the following configuration properties.
Registry Configurations
notification_enabled
boolean value which determines whether notification is to be sent or not
notification_url
url to which the notification will be sent
notification_async_enabled
to send out notifications in an asynchronous manner
notification_topic
if notification_async_enabled is enabled, then kafka topic to which notification event will be sent
registry_perRequest_indexCreation_enabled
boolean value which determines if index needs to be created at database level
external_entities
comma separated strings of external entities
workflow.enable
boolean value to enable or disable the workflow, i.e. attestation policy
async_enabled
create entities asynchronously
kafka_create_entity_topic
if async_enabled, then this property defines the topic name to which new async requests are pushed
kafka_post_create_entity_topic
if async is enabled, then this property defines the topic name to which the response of create-entity is pushed
search_offset
this is the default offset that will be used while searching
search_limit
this is the default limit that will be used, or the max value that can be used as a limit in the search
search_expandInternal
boolean value, if set true, all the search results will be expanded to include internal objects.
database_provider
this property states which database is to be used. Providers available are NEO4J, SQLG, CASSANDRA, ORIENTDB, TINKERGRAPH (in-memory)
connectionInfo_uri
url to connect to database. eg Postgres - jdbc:postgresql://localhost:5432/yourdb
connectionInfo_username
username to be used to connect to database
connectionInfo_password
password to be used to connect to database
connectionInfo_maxPoolSize
Database connection pool size
verify_url
this url will be used to verify the issued VC. point it to {certification_signer}/verify
certificate_health_check_url
certificate api service's health check url
template_folder_path
path from which the default template will be loaded if no external template is provided. File name should be name_of_schema.appropriate_extension. The location should be in the resources folder
audit_enabled
This audit configuration will enable audit logging in the system
audit_frame_store
FILE : Store the audit log in files. DATABASE : Store the audit log in the primary database configured and in elastic search if it's enabled
audit_suffix
suffix which is used for schema name to store audit information for a particular entity type
audit_suffixSeparator
separator between entity name and audit_suffix
validation_enabled
boolean property to check for request body to be validated in specific format
validation_type
type in which request body needs to be validated. eg JSON
service_connection_timeout
Set the connection timeout in milliseconds for the underlying request configuration
service_connection_request_timeout
Set the timeout in milliseconds used when requesting a connection from the connection manager using the underlying request Configuration
service_read_timeout
Set the socket read timeout in milliseconds for the underlying request configuration
http_max_connections
maximum http connections
taskExecutor_index_threadPoolName
Specify the prefix to use for the names of newly created threads.
taskExecutor_index_corePoolSize
Set the ThreadPoolExecutor's core pool size.
taskExecutor_index_maxPoolSize
Set the ThreadPoolExecutor's maximum pool size.
taskExecutor_index_queueCapacity
Set the capacity for the ThreadPoolExecutor's BlockingQueue.
auditTaskExecutor_threadPoolName
Specify the prefix to use for the names of newly created threads.
auditTaskExecutor_corePoolSize
Set the ThreadPoolExecutor's core pool size.
auditTaskExecutor_maxPoolSize
Set the ThreadPoolExecutor's maximum pool size.
auditTaskExecutor_queueCapacity
Set the capacity for the ThreadPoolExecutor's BlockingQueue.
elastic_search_connection_url
url for elastic search connection if elastic search is enabled. Elastic search is enabled using search_providerName
search_providerName
The search mechanism to use. Values could be either NativeSearchService or ElasticSearchService. If NativeSearchService, then every search API uses the same database as the writes. May not offer high speed reads. This is the default search service, if this config is not provided. If ElasticSearchService, then Elastic search is used. Ex: (dev.sunbirdrc.registry.service.ElasticSearchService, dev.sunbirdrc.registry.service.NativeSearchService)
sunbird_sso_realm
identity provider realm name to be used for authentication and authorization
sunbird_sso_url
identity provider connection url
sunbird_sso_admin_client_id
client id to be used as admin
sunbird_sso_admin_client_secret
secret key of keycloak admin client set by using sunbird_sso_admin_client_id
sunbird_keycloak_user_set_password
boolean value to set a default password for the user/owner of an entity in the identity provider
sunbird_keycloak_user_password
if sunbird_keycloak_user_set_password is set to true, provide this value to set this as default user password
identity_user_actions
actions which will be triggered by the identity provider, for example email actions: VERIFY_EMAIL, UPDATE_PROFILE, UPDATE_PASSWORD, TERMS_AND_CONDITIONS etc. Email details should be configured in the identity provider realm settings
identity_provider
name of the implementation of identity provider. below are the implemented identity providers in registry -
dev.sunbirdrc.auth.auth0.Auth0ProviderImpl
dev.sunbirdrc.auth.genericiam.AuthProviderImpl
dev.sunbirdrc.auth.keycloak.KeycloakProviderImpl
oauth2_resource_uri
oauth2_resource_email_path
email path in identity provider resource (jwt token). i.e. email
oauth2_resource_consent_path
consent path in identity provider resource. i.e. consent
oauth2_resource_roles_path
roles path in identity provider resource. i.e. realm_access.roles
oauth2_resource_entity_path
entity path in identity provider resource. i.e. entity
oauth2_resource_user_id_path
user id path in identity provider resource. i.e. sub
claims_enabled
default false. boolean value which determines whether attestation is to be done
claims_url
url in order to connect to claims service
did_enabled
to enable or disable the did service. It is required when using signature service v2
did_health_check_url
did service health check endpoint
did_generate_url
did service generate did endpoint
did_resolve_url
did service resolve did endpoint
signature_enabled
boolean value which determines whether signature is to be created for a document
signature_provider
Implementation of signature service to sign and verify credentials.
implemented classes: dev.sunbirdrc.registry.service.impl.SignatureV1ServiceImpl
dev.sunbirdrc.registry.service.impl.SignatureV2ServiceImpl
signature_v2_credential_did_method
DID method to generate the credential's id with
signature_v2_issuer_did_method
DID method to generate issuer did with
signature_v2_schema_author
name of the author to create credential schema
signature_v2_schema_author_did_method
DID method to generate did for the author of credential schema
signature_v2_health_check_url
health check url for SignatureV2ServiceImpl
signature_v2_issue_url
signature v2 issue credential url
signature_v2_get_url
signature v2 get credential by id url
signature_v2_delete_url
signature v2 delete credential by id url
signature_v2_verify_url
signature v2 verify credential by id url
signature_v2_verify_any_url
verify any credential url
signature_v2_revocation_list_url
signature v2 get revocation list url
signature_v2_schema_health_check_url
signature v2 credential schema healthcheck url
signature_v2_schema_create_url
signature v2 credential schema create url
signature_v2_schema_update_url
signature v2 credential schema update url
signature_v2_schema_get_by_id_and_version_url
signature v2 credential schema get by id and version url
signature_v2_schema_search_by_tags_url
signature v2 credential schema search by tags url
sign_url
url in order to connect to certificate signer to sign the document
sign_health_check_url
certificate signer health check url
certificate_enabled
default false. boolean value which determines whether certificate is to be generated
pdf_url
url to fetch certificate from certificate api service
certificate_health_check_url
certificate api health check url
template_base_url
api endpoint to get default templates stored in sunbird-rc
filestorage_enabled
default false. boolean value which determines whether documents are to be stored
filestorage_connection_url
minio connection url to store files
filestorage_access_key
access key of minio
filestorage_secret_key
secret key of minio
filestorage_bucket_key
bucket name where to store the files in minio
registry_base_apis_enable
if enabled, the existing /add and /update apis will be enabled. This is to enable backward compatibility
logging.level.root
The log level that will be used for logging. Default logging is INFO. Values supported: INFO DEBUG WARN ERROR
enable_external_templates
boolean value which when set to true, one can retrieve the certificate pdf using external templates
authentication_enabled
boolean value to enable authentication in the system
kafka_bootstrap_address
url for kafka connection
webhook_enabled
boolean value to enable webhook if async_enabled is true
webhook_url
if async_enabled and webhook_enabled is set to true, the caller can retrieve information of the created entity once it is generated via this webhook url
redis_host
redis connection url
redis_port
port on which redis is running
manager_type
if using a single instance of registry, set this value to DefinitionsManager else set to DistributedDefinitionsManager
service_retry_maxAttempts
The number of times an attempt must be made to reach the service
service_retry_backoff_delay
The fixed time interval, in milliseconds, between each such attempt.
event_enabled
boolean value that indicates whether events should be emitted or not. if enabled, registry will start emitting events
event_topic
kafka topic name to which events will be emitted
event_providerName
name of provider to be used for emitting events. For example, if Kafka is used, the value should be dev.sunbirdrc.registry.service.impl.KafkaEventService. If a file is to be used to store events, the value should be dev.sunbirdrc.registry.service.impl.FileEventService.java
encryption_enabled
default false. boolean value which determines whether to enable encryption to store private fields.
Note: External encryption service is required to encrypt/decrypt
encryption_health_check_url
encryption service health check endpoint
encryption_uri
encryption service encrypt api endpoint
encryption_batch_uri
encryption service batch encrypt api endpoint
decryption_uri
encryption service decrypt api endpoint
decryption_batch_uri
encryption service batch decrypt api endpoint
encryption_method
Normal/Imp or keys from the map value provided in the encryption service property type.to.method.map
encryption_tenant_id
tenant id to use for encryption
idgen_enabled
boolean to enable/disable idgen feature
idgen_tenant_id
tenant id to use for id generation
idgen_health_check_url
idgen service health check api endpoint
idgen_generate_url
idgen service id generate api endpoint
idgen_id_format_url
idgen service id format api endpoint
swagger_enabled
default true. boolean value to enable/disable swagger apis
swagger_title
to set custom title for swagger to be generated
swagger_description
to set custom description for swagger to be generated
swagger_version
to set a custom version for swagger
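An added example (not code from the Sunbird RC project): a small Python check that reads registry settings in KEY=VALUE form, as in a .env file, and flags security-relevant values among the properties listed above. Treating key case as irrelevant, the handling of an absent authentication_enabled or sunbird_keycloak_user_set_password, and the list of guessable secret values are assumptions.

```python
# Added example: audit registry settings in KEY=VALUE form for risky values.
# Properties from the page that hold credentials (keys compared in lower case).
SECRET_KEYS = {
    "connectioninfo_password", "sunbird_sso_admin_client_secret",
    "sunbird_keycloak_user_password", "filestorage_access_key",
    "filestorage_secret_key",
}
# Constructed list of guessable values; extend it for your environment.
WEAK_VALUES = {"", "password", "admin", "changeme", "secret", "postgres", "minioadmin"}

def parse_env(text):
    """Parse KEY=VALUE lines. Assumption: key case does not matter."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip().lower()] = value.strip().strip("'\"")
    return settings

def audit(text):
    """Return sorted (property, finding) pairs for the given settings text."""
    s = parse_env(text)
    on = lambda key, default: s.get(key, default).lower() == "true"
    findings = []
    # The page gives no default here, so anything but an explicit true is flagged.
    if not on("authentication_enabled", "false"):
        findings.append(("authentication_enabled", "not set to true"))
    if on("swagger_enabled", "true"):  # page: default true
        findings.append(("swagger_enabled", "swagger apis are enabled"))
    if not on("encryption_enabled", "false"):  # page: default false
        findings.append(("encryption_enabled", "private fields stored unencrypted"))
    # Assumption: an absent value means the default password is not applied.
    if on("sunbird_keycloak_user_set_password", "false"):
        findings.append(("sunbird_keycloak_user_set_password",
                         "all new users share one default password"))
    for key in SECRET_KEYS & s.keys():
        if s[key].lower() in WEAK_VALUES:
            findings.append((key, "empty or guessable secret"))
    return sorted(findings)

# Constructed sample, not taken from a real deployment.
SAMPLE = """\
authentication_enabled=false
connectionInfo_password=postgres
sunbird_sso_admin_client_secret=3f9c1e7a-constructed-value
sunbird_keycloak_user_set_password=true
sunbird_keycloak_user_password=changeme
ENCRYPTION_ENABLED=true
"""
```

Calling audit(SAMPLE) returns one (property, finding) pair per flagged setting; an empty list means none of the checks fired.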
Claims Service
sunbirdrc_url
used by claim service to communicate with sunbirdrc. url which corresponds to registry deployed host and port
Certificate Api service
CUSTOM_TEMPLATE_DELIMITERS
Delimiters to be used to parse credential/certificate template. By default {{,}}
QR_TYPE
Types of QR codes that sunbird supports: 1. W3C-VC 2. URL-W3C-VC (if VC needs to be sent as a URL) 3. URL (if only a URL needs to be part of the QR. The URL will only contain the entity name and osid.)
CERTIFICATE_DOMAIN_URL
Base URL to be used when QR_TYPE is URL*
Certificate signer service
CACHE_CONTEXT_URLS
Predefine a set of context urls to be cached to avoid runtime network access.
CONFIG_BASE_PATH
path to config.json file where all the signing keys are stored
CUSTOM_TEMPLATE_DELIMITERS
Delimiters to be used to parse credential/certificate template. By default {{,}}
Notification Service
KAFKA_BOOTSTRAP_SERVERS
Kafka bootstrap servers (ex: host:port)
SMS_AUTH_KEY
api url to send sms to provided mobile numbers
SMS_AUTH_KEY
authorization key for sms api url
ENABLE_SMS
flag to enable sending sms using sms api
TRACK_NOTIFICATIONS
boolean value to track all sent notifications and fetch them if needed
Metrics Service
CLICK_HOUSE_URL
clickhouse database url along with port on which clickhouse is hosted
CLICKHOUSE_DATABASE
database name where the events will be stored
KAFKA_BOOTSTRAP_SERVERS
url along with port number on which kafka is running
KAFKA_METRICS_TOPIC
topic name to which registry produces events
DATABASE_PROVIDER_NAME
type of database being used. eg clickhouse
REDIS_URL
url where redis is hosted
CRON_ENABLE
boolean value which will run the cron job and save the aggregates to redis
SCHEDULE_INTERVAL
days interval after which you want to run cron job to compute aggregates
SCHEDULE_TIME
time at which you want to run cron job to compute aggregates
Bulk Issuance
REGISTRY_BASE_URL
url on which registry is hosted
DATABASE_HOST
host address of database
DATABASE_PORT
port on which database is running
DATABASE_USER
username of database
DATABASE_PASSWORD
password for that user of the database
DATABASE_NAME
database name
KEYCLOAK_PUBLIC_KEY
public key from keycloak
KEYCLOAK_URL
url for keycloak
KEYCLOAK_REALM
keycloak realm name
Digilocker Certificate API
DIGILOCKER_HMAC_AUTHKEY
A randomly generated string. This will be used to verify the HMAC from request and HMAC from the request body. This is the API Key of Digilocker
DIGILOCKER_AUTH_KEYNAME
Needed to fetch HMAC From Request. Its default value is x-digilocker-hmac
DIGILOCKER_DOC_ID_PREFIX
Document prefix which needs to be sent in the response in order to map it to the correct document in digilocker. This is different for different issuers
KEYCLOAK_TOKEN_URL
Keycloak connection url
KEYCLOAK_CLIENT_SECRET
secret key of keycloak admin client set by using sunbird_sso_admin_client_id
KEYCLOAK_CLIENT_ID
client id to be used as admin
REGISTRY_URL
Registry url
Encryption Service
To enable the encryption/decryption feature in registry set the environment variable in .env file ENCRYPTION_ENABLED=true
server.port
port on which encryption should run
server.servlet.context-path
context path for encryption to run on
spring.datasource.url
url to connect to database. eg Postgres - jdbc:postgresql://localhost:5432/yourdb
spring.flyway.url
url to connect to database. eg Postgres - jdbc:postgresql://localhost:5432/yourdb
spring.flyway.baseline-on-migrate
boolean, to handle migration scripts versioning
egov.mdms.provider
implemented class to provide master data. It has two classes implemented.
org.egov.enc.masterdata.provider.DBMasterDataProvider
org.egov.enc.masterdata.provider.WebServiceMasterDataProvider
ID Gen Service
To enable Id generation feature
1. Add environment variable in .env file IDGEN_ENABLED=true
2. Follow documentation for unique identifier fields in Schema Configuration to configure the schema
spring.datasource.url
url to connect to database. eg Postgres - jdbc:postgresql://localhost:5432/yourdb
spring.flyway.baseline-on-migrate
boolean, to handle migration scripts versioning
autocreate.new.seq
boolean, set true to auto create sequences provided in schema configurations property uniqueIdentifierFields
idformat.from.mdms
boolean, set true to fetch id format from mdms
egov.mdms.provider
implemented class to provide master data. It has two classes implemented.
org.egov.id.masterdata.provider.DBMasterDataProvider
org.egov.id.masterdata.provider.WebServiceMasterDataProvider