List of Identity Manager system properties

This article includes updates for Smart ID 23.10.3.

The table below contains properties that can be set for the Identity Manager components (Admin and/or Operator).

For more information, see Set properties for Identity Manager Admin and Set properties for Identity Manager Operator.

Property	Default value if not set	IDM component	Description

Property	Default value if not set	IDM component	Description
jobExecutorStarter.startOnSystemStartup	true	Operator	Enable or disable the activiti engine on system startup.
deleteConfigurationVisibility.deleteConfigurationVisible	false	Admin	Shows or hides the Delete Configuration button. Do not use this property in production systems.
uploadPopup.enableUploadButtonStrategyName	enableUploadButtonStrategyAllowUnsigned	Admin, Operator	Sets the behavior of the Upload button. Configure the tolerance for configuration/zip signing and verification. This configuration should be set to reflect how "zipPacker.signZip" and "zipUnpacker.verifyZip" are configured. Accepted values: enableUploadButtonStrategyStrict enableUploadButtonStrategyAllowUnsigned enableUploadButtonStrategyIgnoreSigning
zipPacker.signZip	true	Admin, Operator	Enable or disable signing of ZIP archives and configuration.
zipUnpacker.verifyZip	true	Admin, Operator	Enable or disable verification of ZIP archives and configuration.
uploadContext.serverSideMaxFileUploadSizeMB	5	Admin, Operator	Sets the maximum size in MB of files that can be uploaded to Identity Manager. This is an additional limit on top of maxPostSize in bytes from the Tomcat server configuration (see also https://tomcat.apache.org/tomcat-9.0-doc/config/http.html). Whichever is the smallest value wins. Increase this value if you need to upload large configuration files.
historyServiceSigner.descriptorName	ObjectHistorySigner	Operator	Activate the chained signature feature in object history.
cardSDKConnectorBaseConfig.cardSDKUrl	https://localhost:54881	Operator	The URL to CardSDK. Used for image capture.
commonHistoryService.historyCutOffDuration	12	Operator	This value is number of month. If no historyCutOffDuration is set, then history verification and cleanup will behave as follows: verification (via REST or scheduled task) checks the entire history. no cleaning (via scheduled task) will be done. You can set historyCutOffDuration to N >= 12, then it will behave as follows: verification (via REST or scheduled task) checks the most recent N months. cleaning (via scheduled task) deletes entries older than N months. If historyCutOffDuration is set to N < 12 then the minimum value as 12 will be used instead.
cronUsername	admin	Operator	The system user for scheduled tasks. Executes tasks relevant to all tenants.
cronPassword	admin	Operator	The system user password for scheduled tasks. Executes tasks relevant to all tenants.
cronTenantId	1	Operator	The tenant id of the system user for scheduled tasks. Executes tasks relevant to all tenants, not only for this specific tenant, such as sending out notifications to admins.
historyVerificationTrigger.cronExpression	0 30 0 ? * SUN *	Operator	A cron expression that defines at which frequency the History verification task will run.
historyCleaningTrigger.cronExpression	0 30 0 ? * FRI *	Operator	A cron expression that defines at which frequency the History Cleaning task will run.
schedulingReporter.cc		Operator	Email address (CC) of users to be notified by the history verification task.
schedulingReporter.to		Operator	Email address (TO) of users to be notified by the history verification task.
activitiHistoryCleaner.daysAfterEndTime	30	Operator	Parameter for the Activiti process history cleanup task. Defines the number of days to wait, after a process is completed, until it will be removed.
activitiHistoryCleaner.daysOfInactivity	180	Operator	Parameter for the Activiti process history cleanup task. Defines the number of days a running process can stay inactive until it will be removed.
activitiHistoryCleanerJobTrigger.cronExpression	0 0 23 ? * FRI *	Operator	Parameter for the Activiti process history cleanup task. A cron expression that defines at which frequency the cleanup task is run.
objectHistoryRemovalStrategy.removeWhenDeletingCoreObject	false	Operator	If set to true, history entries are deleted when a core object is deleted.
quartzScheduler.enable	true	Operator	Enable or disable the quartz scheduler. By disabling, all the scheduled tasks are disabled.
caasCommunicationService.clientId		Admin, Operator	See Integrate Nexus GO Cards to Identity Manager
caasCommunicationService.clientSecret		Admin, Operator	See Integrate Nexus GO Cards to Identity Manager
caasCommunicationService.organisationId		Admin, Operator	See Integrate Nexus GO Cards to Identity Manager
caasCommunicationService.hostname	cards.nxsas.com	Admin, Operator	See Integrate Nexus GO Cards to Identity Manager
webappUrlInfo.httpsOverridePort		Operator	Disabled by default (see info "HTTPS Override Ports" below the table), for JPKIEncoder download.
webServer.httpsOverridePort		Operator	Disabled by default (see info "HTTPS Override Ports" below the table), for CA connector calls.
scheduledJob.monitorInterval	0 0/1 * * * ?	Operator	This cron expression determines the scan interval of the ScheduledJobMonitor.
scheduledJob.permissionRole	BaseRoleBatchSync	Operator	The scheduled jobs are executed with this role.
processtracker.enabled	true	Operator	Enable or disable the Process Tracker. Note: Debug logging for de.nexus.projectutils.processtracker has to be enabled. (It is disabled by default.) You can enable it here and change it on/off without restarting tomcat by changing the log4j2 config. Note: The performance might slightly decrease due to this.
idmInstanceId		Operator	In a multi-node environment, the instance ID is the value that uniquely identifies each Tomcat.
MLTextTranslationProvider.defaultLanguage	en	Admin, Operator	See Configure language in Smart ID Identity Manager.
multilanguageHelper.localeString	de,en,fr,sv	Admin, Operator	See Configure language in Smart ID Identity Manager.
licenseRestController.permittedRole	Administrator	Admin, Operator	The role which is allowed to upload product licenses, either on first login or through the REST API.
hermodEncodingService.pollWaitSec	1	Operator	Long time polling can be less efficient than operating with several short polls if the Smart ID Messaging server is clustered. Value 1 means waiting 1 second. Value 0 waits until time out configured in the messaging connection.
commonHistoryService.signatureVerifyThreads	30	Operator	The history verification is done in multiple concurrent threads. This is the thread pool size.
jksKeyStoreProvider.keyStorePath	${catalina.base}/conf/prime.truststore	Operator	Path to the truststore to use for certificate validation.
jksKeyStoreProvider.keyStorePassword		Operator	The password for the truststore.
jksKeyStoreProvider.keyStoreType		Operator	The type of the truststore. Valid values include "JKS" for the keystore used with Tomcat and "PKCS12" for PKCS#12 keystore.