-
Notifications
You must be signed in to change notification settings - Fork 2
/
as.yml
85 lines (80 loc) · 2.4 KB
/
as.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
# Configuration for activation-service application
# iSHARE Client configuration
client:
# Client ID
id: "EU.EORI.NLPACKETDEL"
# Client key (PEM private key)
key: <pdc-private-key>
# Client certificate (PEM certificate chain)
crt: <pdc-certs>
# Configuration of database
db:
# Use sqlite file database (make sure that the volume is writeable)
#useFile:
# # Filename for DB SQLite file
# filename: "as.db"
# # If empty, will use app base path
# filepath: ""
# Use sqlite in-memory database
useMemory: true
# Use URI to external DB (e.g., MySQL, PostgreSQL)
#useURI: ""
# Enable tracking of modifications
modTracking: false
# Enable SQL logging to stderr
echo: true
# Configuration for additional API keys to protect certain endpoints
apikeys:
# Config for iSHARE flow
ishare:
# Header name
headerName: "AS-API-KEY"
# API key (auto-generated if left empty)
apiKey: ""
# Enable for /token endpoint (API key will be required)
enabledToken: true
# Enable for /createpolicy endpoint (API key will be required)
enabledCreatePolicy: false
# Config for Trusted-Issuers-List flow
issuer:
# Header name
headerName: "AS-API-KEY"
# API key (auto-generated if left empty)
apiKey: ""
# Enable for /issuer endpoint (API key will be required)
enabledIssuer: true
# Configuration of iSHARE authorisation registry
ar:
# Endpoint for token request
token: "https://ar.packetdelivery.net/connect/token"
# Endpoint for create policy requests
policy: "https://ar.packetdelivery.net/policy"
# Endpoint for delegation requests
delegation: "https://ar.packetdelivery.net/delegation"
# EORI of AR
id: "EU.EORI.NLPACKETDEL"
# Configuration specific to Trusted Issuer List /issuer endpoint
issuer:
# clientId parameter
clientId: "some-id"
# Provider DID
providerId: "did:key:some-key"
# URI of Trusted Issuers List service
tilUri: "http://til.internal"
# URI of verifier
verifierUri: "https://verifier.packetdelivery.net"
# samedevice flow path
samedevicePath: "/api/v1/samedevice"
# JWKS path
jwksPath: "/.well-known/jwks"
# Allowed algorithms for JWT signatures
algorithms:
- "ES256"
# Roles config
roles:
# Role for creating trusted issuer
createRole: "CREATE_ISSUER"
# Role for updating trusted issuer
updateRole: "UPDATE_ISSUER"
# Role for deleting trusted issuer
deleteRole: "DELETE_ISSUER"