
# Environment settings for an OIDC relying party that signs in through SwissOID.
# The secret values below are placeholders. Replace them before use and keep the
# filled-in file out of version control, because it carries the client secret
# and the session signing secret.

# SwissOID Configuration
# The SwissOID issuer URL (OpenID Provider)
SWISSOID_ISSUER=https://api.swissoid.com
# Your client ID registered with SwissOID
SWISSOID_CLIENT_ID=your-client-id
# Your client secret (for confidential clients)
# Placeholder: inject the real value from the deployment environment or a
# secret store rather than storing it in a tracked file.
SWISSOID_CLIENT_SECRET=your-client-secret-here
# SwissOID token endpoint for exchanging authorization codes
SWISSOID_TOKEN_ENDPOINT=https://api.swissoid.com/token
# SwissOID JWKS URI for JWT verification
# The keys served from this URI decide which token signatures verify, so keep
# it an https:// URL on the issuer's own host.
SWISSOID_JWKS_URI=https://api.swissoid.com/.well-known/jwks.json
# SwissOID authorize endpoint (optional, defaults to SWISSOID_ISSUER/authorize)
SWISSOID_AUTHORIZE_ENDPOINT=https://api.swissoid.com/authorize

# Redis Configuration
# Redis connection URL (if provided, overrides host/port settings)
# NOTE(review): redis:// is an unencrypted connection. For a Redis that is not
# on localhost, check whether the client accepts a TLS URL (rediss://) - confirm.
REDIS_URL=redis://localhost:6379
# Redis host (defaults to localhost if REDIS_URL not provided)
# Per the override rule above, this is not consulted while REDIS_URL is set.
REDIS_HOST=localhost
# Redis port (defaults to 6379 if REDIS_URL not provided)
REDIS_PORT=6379
# Redis password (optional)
# Empty in this template; set one for any Redis reachable from other hosts.
REDIS_PASSWORD=
# Redis database index (defaults to 0)
REDIS_DB=0

# RP (Relying Party) Configuration
# Frontend URL where users should be redirected after authentication
# Local-development value; use the https:// origin of the real frontend in
# production.
RP_FRONTEND_URL=http://localhost:3000
# Base URL for OIDC redirect (used to construct callback URL)
# The callback URL will be: OIDC_REDIRECT_BASE_URL/oidc/callback
# NOTE(review): OpenID providers normally require the callback to match a
# redirect URI registered for the client; verify the registered value, and use
# https:// outside local development.
OIDC_REDIRECT_BASE_URL=http://localhost:3668
# Alternative: Explicitly set the callback URL
# RP_CALLBACK_URL=http://localhost:3668/oidc/callback
# Cookie domain for session cookies (use leading dot for subdomains)
# Examples:
# localhost (for local development)
# .example.com (for all subdomains of example.com)
# A leading-dot domain makes the browser send the session cookie to every
# subdomain, so each host under that domain receives it. Choose the narrowest
# domain that still covers the frontend and this service.
COOKIE_DOMAIN=localhost
# Alternative cookie domain variable name (either COOKIE_DOMAIN or RP_COOKIE_DOMAIN works)
# RP_COOKIE_DOMAIN=localhost

# Session Configuration
# Name of the session cookie
SESSION_COOKIE_NAME=connect.sid
# Secret key for signing sessions (use a strong random string in production)
# Placeholder: anyone who knows this value can forge signed sessions. Generate
# it from a cryptographic random source (for example `openssl rand -base64 32`)
# and use a different value per environment.
SESSION_SECRET=your-session-secret-here-use-strong-random-string
# Secret for signing state parameters (optional, defaults to SESSION_SECRET + '-state-signing')
# With the default, the state-signing key is derived from SESSION_SECRET, so a
# leak of SESSION_SECRET exposes both. Set an independent random value if the
# two should be separable.
# STATE_SIGNING_SECRET=your-state-signing-secret
# Session TTL in seconds (optional, defaults to 7200 = 2 hours)
# Shorter values narrow the window in which a stolen session cookie is usable.
# SESSION_TTL=7200
# Refresh token TTL in seconds (optional, defaults to 604800 = 7 days)
# The same trade-off applies; the refresh token outlives the session by default.
# REFRESH_TTL=604800
# Refresh cookie name (optional, defaults to 'rid')
# REFRESH_COOKIE_NAME=rid