Info |
---|
This article includes updates for Smart ID 23.10.3. |
The table below contains properties that can be set for the Identity Manager components (Admin and/or Operator).
For more information, see Set properties for Identity Manager Admin and Set properties for Identity Manager Operator.
Property | Default Value if not set | IDM component | Description | ||
---|---|---|---|---|---|
jobExecutorStarter.startOnSystemStartup | true | Operator | Enable or disable the activiti engine on system startup. | ||
deleteConfigurationVisibility.deleteConfigurationVisible | false | Admin | Shows or hides the Delete Configuration button.
| ||
uploadPopup.enableUploadButtonStrategyName | enableUploadButtonStrategyAllowUnsigned | Admin, Operator | Sets the behavior of the Upload button. Configure the tolerance for configuration/zip signing and verification. This configuration should be set to reflect how "zipPacker.signZip" and "zipUnpacker.verifyZip" are configured. Accepted values:
| ||
zipPacker.signZip | true | Admin, Operator | Enable or disable signing of ZIP archives and configuration. | ||
zipUnpacker.verifyZip | true | Admin, Operator | Enable or disable verification of ZIP archives and configuration. | ||
historyServiceSigner.descriptorName | ObjectHistorySigner | Operator | Activate the chained signature feature in object history. | ||
cardSDKConnectorBaseConfig.cardSDKUrl | https://localhost:54881 | Operator | The URL to CardSDK. Used for image capture. | ||
commonHistoryService.historyCutOffDuration | 12 | Operator | This value is number of month. If no historyCutOffDuration is set, then history verification and cleanup will behave as follows:
You can set historyCutOffDuration to N >= 12, then it will behave as follows:
If historyCutOffDuration is set to N < 12 then the minimum value as 12 will be used instead. Note: In order for verification of a chain to succeed, the oldest entry within the interval still requires a valid predecessor (if a predecessorId is set). | ||
cronUsername | admin | Operator | The system user for scheduled tasks. Executes tasks relevant to all tenants. | ||
cronPassword | admin | Operator | The system user password for scheduled tasks. Executes tasks relevant to all tenants. | ||
cronTenantId | 1 | Operator | The tenant id of the system user for scheduled tasks. Executes tasks relevant to all tenants, not only for this specific tenant, such as sending out notifications to admins.
| ||
historyVerificationTrigger.cronExpression | 0 30 0 ? * SUN * | Operator | A cron expression that defines at which frequency the History verification task will run. | ||
historyCleaningTrigger.cronExpression | 0 30 0 ? * FRI * | Operator | A cron expression that defines at which frequency the History Cleaning task will run. | ||
Operator | Email address (CC) of users to be notified by the history verification task. | ||||
schedulingReporter.to | Operator | Email address (TO) of users to be notified by the history verification task. | |||
activitiHistoryCleaner.daysAfterEndTime | 30 | Operator | Parameter for the Activiti process history cleanup task. Defines the number of days to wait, after a process is completed, until it will be removed. | ||
activitiHistoryCleaner.daysOfInactivity | 180 | Operator | Parameter for the Activiti process history cleanup task. Defines the number of days a running process can stay inactive until it will be removed. | ||
activitiHistoryCleanerJobTrigger.cronExpression | 0 0 23 ? * FRI * | Operator | Parameter for the Activiti process history cleanup task. A cron expression that defines at which frequency the cleanup task is run. | ||
objectHistoryRemovalStrategy.removeWhenDeletingCoreObject | false | Operator | If set to true, history entries are deleted when a core object is deleted. | ||
quartzScheduler.enable | true | Operator | Enable or disable the quartz scheduler. By disabling, all the scheduled tasks are disabled. | ||
caasCommunicationService.clientId | Admin, Operator | ||||
caasCommunicationService.clientSecret | Admin, Operator | ||||
caasCommunicationService.organisationId | Admin, Operator | ||||
caasCommunicationService.hostname | Admin, Operator | See Integrate Nexus GO Cards to Identity Manager | |||
webappUrlInfo.httpsOverridePort | Operator | Disabled by default (see info "HTTPS Override Ports" below the table), for JPKIEncoder download. | |||
webServer.httpsOverridePort | Operator | Disabled by default (see info "HTTPS Override Ports" below the table), for CA connector calls. | |||
scheduledJob.monitorInterval | 0 0/1 * * * ? | Operator | This cron expression determines the scan interval of the ScheduledJobMonitor. | ||
scheduledJob.permissionRole | BaseRoleBatchSync | Operator | The scheduled jobs are executed with this role. | ||
processtracker.enabled | true | Operator | Enable or disable the Process Tracker. Note: Debug logging for de.nexus.projectutils.processtracker has to be enabled. (It is disabled by default.) You can enable it here and change it on/off without restarting tomcat by changing the log4j2 config. Note: The performance might slightly decrease due to this. | ||
idmInstanceId | Operator | In a multi-node environment, the instance ID is the value that uniquely identifies each Tomcat. | |||
MLTextTranslationProvider.defaultLanguage | en | Admin, Operator | See Configure language in Smart ID Identity Manager. | ||
multilanguageHelper.localeString | de,en,fr,sv | Admin, Operator | See Configure language in Smart ID Identity Manager. | ||
licenseRestController.permittedRole | Administrator | Admin, Operator | The role which is allowed to upload product licenses, either on first login or through the REST API. | ||
hermodEncodingService.pollWaitSec | 1 | Operator | Long time polling can be less efficient than operating with several short polls if the Smart ID Messaging server is clustered. Value 1 means waiting 1 second. Value 0 waits until time out configured in the messaging connection. | ||
commonHistoryService.SignatureVerifyThreadssignatureVerifyThreads | 30 | Operator | The history verification is done in multiple concurrent threads. This is the thread pool size. |
Info | ||
---|---|---|
| ||
If you use client-auth to log into Identity Manager Operator or Self Service, you need to configure overrides to non-client-auth HTTPS ports here, otherwise the CardSDK trying to download the JPKIEncoder or the JPKIEncoder calling an integrated CA connector will not be able to connect. |