List of Identity Manager system properties
This article includes updates for Smart ID 23.10.3.
The table below contains properties that can be set for the Identity Manager components (Admin and/or Operator).
For more information, see Set properties for Identity Manager Admin and Set properties for Identity Manager Operator.
Property | Default value if not set | IDM component | Description |
---|---|---|---|
jobExecutorStarter.startOnSystemStartup | true | Operator | Enable or disable the activiti engine on system startup. |
deleteConfigurationVisibility.deleteConfigurationVisible | false | Admin | Shows or hides the Delete Configuration button. Do not use this property in production systems. |
uploadPopup.enableUploadButtonStrategyName | enableUploadButtonStrategyAllowUnsigned | Admin, Operator | Sets the behavior of the Upload button. Configure the tolerance for configuration/zip signing and verification. This configuration should be set to reflect how "zipPacker.signZip" and "zipUnpacker.verifyZip" are configured. Accepted values:
|
zipPacker.signZip | true | Admin, Operator | Enable or disable signing of ZIP archives and configuration. |
zipUnpacker.verifyZip | true | Admin, Operator | Enable or disable verification of ZIP archives and configuration. |
uploadContext.serverSideMaxFileUploadSizeMB | 5 | Admin, Operator | Sets the maximum size in MB of files that can be uploaded to Identity Manager. This is an additional limit on top of maxPostSize in bytes from the Tomcat server configuration (see also Apache Tomcat 9 Configuration Reference (9.0.97) - The HTTP Connector). Whichever is the smallest value wins. Increase this value if you need to upload large configuration files. |
historyServiceSigner.descriptorName | ObjectHistorySigner | Operator | Activate the chained signature feature in object history. |
cardSDKConnectorBaseConfig.cardSDKUrl | Operator | The URL to CardSDK. Used for image capture. | |
commonHistoryService.historyCutOffDuration | 12 | Operator | This value is number of month. If no historyCutOffDuration is set, then history verification and cleanup will behave as follows:
You can set historyCutOffDuration to N >= 12, then it will behave as follows:
If historyCutOffDuration is set to N < 12 then the minimum value as 12 will be used instead. |
cronUsername | admin | Operator | The system user for scheduled tasks. Executes tasks relevant to all tenants. |
cronPassword | admin | Operator | The system user password for scheduled tasks. Executes tasks relevant to all tenants. |
cronTenantId | 1 | Operator | The tenant id of the system user for scheduled tasks. Executes tasks relevant to all tenants, not only for this specific tenant, such as sending out notifications to admins. |
historyVerificationTrigger.cronExpression | 0 30 0 ? * SUN * | Operator | A cron expression that defines at which frequency the History verification task will run. |
historyCleaningTrigger.cronExpression | 0 30 0 ? * FRI * | Operator | A cron expression that defines at which frequency the History Cleaning task will run. |
schedulingReporter.cc |
| Operator | Email address (CC) of users to be notified by the history verification task. |
| Operator | Email address (TO) of users to be notified by the history verification task. | |
activitiHistoryCleaner.daysAfterEndTime | 30 | Operator | Parameter for the Activiti process history cleanup task. Defines the number of days to wait, after a process is completed, until it will be removed. |
activitiHistoryCleaner.daysOfInactivity | 180 | Operator | Parameter for the Activiti process history cleanup task. Defines the number of days a running process can stay inactive until it will be removed. |
activitiHistoryCleanerJobTrigger.cronExpression | 0 0 23 ? * FRI * | Operator | Parameter for the Activiti process history cleanup task. A cron expression that defines at which frequency the cleanup task is run. |
objectHistoryRemovalStrategy.removeWhenDeletingCoreObject | false | Operator | If set to true, history entries are deleted when a core object is deleted. |
quartzScheduler.enable | true | Operator | Enable or disable the quartz scheduler. By disabling, all the scheduled tasks are disabled. |
caasCommunicationService.clientId |
| Admin, Operator | |
caasCommunicationService.clientSecret |
| Admin, Operator | |
caasCommunicationService.organisationId |
| Admin, Operator | |
caasCommunicationService.hostname | Admin, Operator | ||
webappUrlInfo.httpsOverridePort |
| Operator | Disabled by default (see info "HTTPS Override Ports" below the table), for JPKIEncoder download. |
webServer.httpsOverridePort |
| Operator | Disabled by default (see info "HTTPS Override Ports" below the table), for CA connector calls. |
scheduledJob.monitorInterval | 0 0/1 * * * ? | Operator | This cron expression determines the scan interval of the ScheduledJobMonitor. |
scheduledJob.permissionRole | BaseRoleBatchSync | Operator | The scheduled jobs are executed with this role. |
processtracker.enabled | true | Operator | Enable or disable the Process Tracker. Note: Debug logging for de.nexus.projectutils.processtracker has to be enabled. (It is disabled by default.) You can enable it here and change it on/off without restarting tomcat by changing the log4j2 config. Note: The performance might slightly decrease due to this. |
idmInstanceId |
| Operator | In a multi-node environment, the instance ID is the value that uniquely identifies each Tomcat. |
MLTextTranslationProvider.defaultLanguage | en | Admin, Operator | |
multilanguageHelper.localeString | de,en,fr,sv | Admin, Operator | |
licenseRestController.permittedRole | Administrator | Admin, Operator | The role which is allowed to upload product licenses, either on first login or through the REST API. |
hermodEncodingService.pollWaitSec | 1 | Operator | Long time polling can be less efficient than operating with several short polls if the Smart ID Messaging server is clustered. Value 1 means waiting 1 second. Value 0 waits until time out configured in the messaging connection. |
commonHistoryService.signatureVerifyThreads | 30 | Operator | The history verification is done in multiple concurrent threads. This is the thread pool size. |
jksKeyStoreProvider.keyStorePath | ${catalina.base}/conf/prime.truststore | Operator | Path to the truststore to use for certificate validation. |
jksKeyStoreProvider.keyStorePassword |
| Operator | The password for the truststore. |
jksKeyStoreProvider.keyStoreType |
| Operator | The type of the truststore. Valid values include "JKS" for the keystore used with Tomcat and "PKCS12" for PKCS#12 keystore. |
Copyright 2024 Technology Nexus Secured Business Solutions AB. All rights reserved.
Contact Nexus | https://www.nexusgroup.com | Disclaimer | Terms & Conditions