This document describes all configuration properties available for Prebid Server.
spring.main.banner-mode
- determine if the banner has to be printed on System.out (console), using the configured logger (log) or not at all (off).
This section can be extended against standard Spring configuration options.
vertx.worker-pool-size
- set the maximum number of worker threads to be used by the Vert.x instance.vertx.uploads-dir
- directory that Vert.x BodyHandler will use to store multi-part file uploads. This parameter exists to allow to change the location of the directory Vert.x will create because it will and there is no way to make it not.vertx.http-server-instances
- how many http server instances should be created. This parameter affects how many CPU cores will be utilized by the application. Rough assumption - one http server instance will keep 1 CPU core busy.vertx.init-timeout-ms
- time to wait for asynchronous initialization steps completion before considering them stuck. When exceeded - exception is thrown and Prebid Server stops.vertx.enable-per-client-endpoint-metrics
- enables HTTP client metrics per destination endpoint (host:port
)
http.port
- the port to listen on.http.max-headers-size
- set the maximum length of all headers.http.ssl
- enable SSL/TLS support.http.jks-path
- path to the java keystore (if ssl is enabled).http.jks-password
- password for the keystore (if ssl is enabled).
http-client.max-pool-size
- set the maximum pool size for outgoing connections (per host).http-client.idle-timeout-ms
- set the maximum time idle connections could exist before being reapedhttp-client.pool-cleaner-period-ms
- set how often idle connections will be closed removed from poolhttp-client.connect-timeout-ms
- set the connect timeout.http-client.circuit-breaker.enabled
- if equals totrue
circuit breaker will be used to make http client more robust.http-client.circuit-breaker.opening-threshold
- the number of failures before opening the circuit.http-client.circuit-breaker.opening-interval-ms
- time interval for opening the circuit breaker if failures count reached.http-client.circuit-breaker.closing-interval-ms
- time spent in open state before attempting to re-try.http-client.use-compression
- if equals totrue
httpclient compression is enabled for requests (see also)http-client.max-redirects
- set the maximum amount of HTTP redirections to follow. A value of 0 (the default) prevents redirections from being followed.http-client.ssl
- enable SSL/TLS support.http-client.jks-path
- path to the java keystore (if ssl is enabled).http-client.jks-password
- password for the keystore (if ssl is enabled).
Remote File Syncer can be related to particular entity like geolocation maxmind service etc. Removes and downloads file again if depending service cant process probably corrupted file in the first start.
<SERVICE>.remote-file-syncer.download-url
- url to database file to download.<SERVICE>.remote-file-syncer.save-filepath
- full path to the usable file, which will be consumed by internal service.<SERVICE>.remote-file-syncer.tmp-filepath
- full path to the temporary file.<SERVICE>.remote-file-syncer.retry-count
- how many times try to download.<SERVICE>.remote-file-syncer.retry-interval-ms
- how long to wait between failed retries.<SERVICE>.remote-file-syncer.timeout-ms
- default operation timeout for obtaining database file.<SERVICE>.remote-file-syncer.update-interval-ms
- time interval between updates of the usable file.<SERVICE>.remote-file-syncer.http-client.connect-timeout-ms
- set the connect timeout.<SERVICE>.remote-file-syncer.http-client.max-redirects
- set the maximum amount of HTTP redirections to follow. A value of 0 (the default) prevents redirections from being followed.
host-id
- the ID of node where prebid server deployed.external-url
- the setting stands for external URL prebid server is reachable by, for example address of the load-balancer e.g. http://prebid.host.com.admin.port
- the port to listen on administration requests.
default-timeout-ms
- this setting controls default timeout for /auction endpoint.max-timeout-ms
- this setting controls maximum timeout for /auction endpoint.timeout-adjustment-ms
- reduces timeout value passed in legacy Auction request so that Prebid Server can handle timeouts from adapters and respond to the request before it times out.
default-request.file.path
- path to a JSON file containing the default request
auction.blacklisted-accounts
- comma separated list of blacklisted account IDs.auction.blacklisted-apps
- comma separated list of blacklisted applications IDs, requests from which should not be processed.auction.default-timeout-ms
- default operation timeout for OpenRTB Auction requests.auction.max-timeout-ms
- maximum operation timeout for OpenRTB Auction requests.auction.timeout-adjustment-ms
- reduces timeout value passed in Auction request so that Prebid Server can handle timeouts from adapters and respond to the request before it times out.auction.max-request-size
- set the maximum size in bytes of OpenRTB Auction request.auction.stored-requests-timeout-ms
- timeout for stored requests fetching.auction.ad-server-currency
- default currency for auction, if its value was not specified in request. Important note: PBS uses ISO-4217 codes for the representation of currencies.auction.cache.expected-request-time-ms
- approximate value in milliseconds for Cache Service interacting. This time will be subtracted from global timeout.auction.cache.only-winning-bids
- if equals totrue
only the winning bids would be cached. Has lower priority than request-specific flags.auction.generate-bid-id
- whether to generate seatbid[].bid[].ext.prebid.bidid in the OpenRTB response.auction.id-generator-type
- if generate-bid-id is on, then this defines how the ID should be generated. Currently onlyeuuid
is supported.auction.validations.banner-creative-max-size
- enables creative max size validation for banners. Possible values:skip
,enforce
,warn
. Default isskip
.auction.validations.secure-markup
- enables secure markup validation. Possible values:skip
,enforce
,warn
. Default isskip
.
amp.default-timeout-ms
- default operation timeout for OpenRTB Amp requests.amp.max-timeout-ms
- maximum operation timeout for OpenRTB Amp requests.amp.timeout-adjustment-ms
- reduces timeout value passed in Amp request so that Prebid Server can handle timeouts from adapters and respond to the AMP RTC request before it times out.amp.custom-targeting
- a list of bidders whose custom targeting should be included in AMP responses.
auction.timeout-notification.timeout-ms
- HTTP timeout to use when sending notifications about bidder timeoutsauction.timeout-notification.log-result
- causes bidder timeout notification result to be loggedauction.timeout-notification.log-failure-only
- causes only bidder timeout notification failures to be loggedauction.timeout-notification.log-sampling-rate
- instructs apply sampling when logging bidder timeout notification results
auction.video.stored-required
- flag forces to merge with stored requestauction.blacklisted-accounts
- comma separated list of blacklisted account IDs.video.stored-requests-timeout-ms
- timeout for stored requests fetching.auction.ad-server-currency
- default currency for video auction, if its value was not specified in request. Important note: PBS uses ISO-4217 codes for the representation of currencies.
setuid.default-timeout-ms
- default operation timeout for requests to/setuid
endpoint.
cookie-sync.default-timeout-ms
- default operation timeout for requests to/cookie_sync
endpoint.cookie-sync.coop-sync.default
- default value for coopSync when it missing in requests to/cookie_sync
endpoint.cookie-sync.coop-sync.pri
- lists of bidders prioritised in groups.
vtrack.allow-unkonwn-bidder
- flag allows servicing requests with bidders who were not configured in Prebid Server.
adapters.*
- the section for bidder specific configuration options.
There are several typical keys:
adapters.<BIDDER_NAME>.enabled
- indicates the bidder should be active and ready for auction. By default all bidders are disabled.adapters.<BIDDER_NAME>.endpoint
- the url for submitting bids.adapters.<BIDDER_NAME>.pbs-enforces-gdpr
- indicates if pbs server provides gdpr support for bidder or bidder will handle it itself.adapters.<BIDDER_NAME>.deprecated-names
- comma separated deprecated names of bidder.adapters.<BIDDER_NAME>.aliases
- comma separated aliases of bidder.adapters.<BIDDER_NAME>.usersync.url
- the url for synchronizing UIDs cookie.adapters.<BIDDER_NAME>.usersync.redirect-url
- the redirect part of url for synchronizing UIDs cookie.adapters.<BIDDER_NAME>.usersync.cookie-family-name
- the family name by which user ids within adapter's realm are stored in uidsCookie.adapters.<BIDDER_NAME>.usersync.type
- usersync type (i.e. redirect, iframe).adapters.<BIDDER_NAME>.usersync.support-cors
- flag signals if CORS supported by usersync.
But feel free to add additional bidder's specific options.
logging.http-interaction.max-limit
- maximum value for the number of interactions to log in one take.
logging.change-level.max-duration-ms
- maximum duration (in milliseconds) for which logging level could be changed.
currency-converter.external-rates.enabled
- if equals totrue
the currency conversion service will be enabled to fetch updated rates and convert bid currencies from external source. Also enables/currency-rates
endpoint on admin port.currency-converter.external-rates.url
- the url for Prebid.org’s currency file. More detailscurrency-converter.external-rates.default-timeout-ms
- default operation timeout for fetching currency rates.currency-converter.external-rates.refresh-period-ms
- default refresh period for currency rates updates.currency-converter.external-rates.stale-after-ms
- how old currency rates should be to become considered stale.currency-converter.external-rates.stale-period-ms
- stale period after which the latest external currency rates get discarded.
-
admin-endpoints.version.enabled
- if equals totrue
the endpoint will be available. -
admin-endpoints.version.path
- the server context path where the endpoint will be accessible. -
admin-endpoints.version.on-application-port
- when equals tofalse
endpoint will be bound toadmin.port
. -
admin-endpoints.version.protected
- when equals totrue
endpoint will be protected by basic authentication configured inadmin-endpoints.credentials
-
admin-endpoints.currency-rates.enabled
- if equals totrue
the endpoint will be available. -
admin-endpoints.currency-rates.path
- the server context path where the endpoint will be accessible. -
admin-endpoints.currency-rates.on-application-port
- when equals tofalse
endpoint will be bound toadmin.port
. -
admin-endpoints.currency-rates.protected
- when equals totrue
endpoint will be protected by basic authentication configured inadmin-endpoints.credentials
-
admin-endpoints.storedrequest.enabled
- if equals totrue
the endpoint will be available. -
admin-endpoints.storedrequest.path
- the server context path where the endpoint will be accessible. -
admin-endpoints.storedrequest.on-application-port
- when equals tofalse
endpoint will be bound toadmin.port
. -
admin-endpoints.storedrequest.protected
- when equals totrue
endpoint will be protected by basic authentication configured inadmin-endpoints.credentials
-
admin-endpoints.storedrequest-amp.enabled
- if equals totrue
the endpoint will be available. -
admin-endpoints.storedrequest-amp.path
- the server context path where the endpoint will be accessible. -
admin-endpoints.storedrequest-amp.on-application-port
- when equals tofalse
endpoint will be bound toadmin.port
. -
admin-endpoints.storedrequest-amp.protected
- when equals totrue
endpoint will be protected by basic authentication configured inadmin-endpoints.credentials
-
admin-endpoints.cache-invalidation.enabled
- if equals totrue
the endpoint will be available. -
admin-endpoints.cache-invalidation.path
- the server context path where the endpoint will be accessible. -
admin-endpoints.cache-invalidation.on-application-port
- when equals tofalse
endpoint will be bound toadmin.port
. -
admin-endpoints.cache-invalidation.protected
- when equals totrue
endpoint will be protected by basic authentication configured inadmin-endpoints.credentials
-
admin-endpoints.logging-httpinteraction.enabled
- if equals totrue
the endpoint will be available. -
admin-endpoints.logging-httpinteraction.path
- the server context path where the endpoint will be accessible. -
admin-endpoints.logging-httpinteraction.on-application-port
- when equals tofalse
endpoint will be bound toadmin.port
. -
admin-endpoints.logging-httpinteraction.protected
- when equals totrue
endpoint will be protected by basic authentication configured inadmin-endpoints.credentials
-
admin-endpoints.credentials
- user and password for access to admin endpoints ifadmin-endpoints.[NAME].protected
is true`.
metrics.metricType
- set the type of metric counter for Dropwizard Metrics. Can beflushingCounter
(default),counter
ormeter
.
So far metrics cannot be submitted simultaneously to many backends. Currently we support graphite
and influxdb
.
Also, for debug purposes you can use console
as metrics backend.
For graphite
backend type available next options:
metrics.graphite.enabled
- if equals totrue
thengraphite
will be used to submit metrics.metrics.graphite.prefix
- the prefix of all metric names.metrics.graphite.host
- the graphite host for sending statistics.metrics.graphite.port
- the graphite port for sending statistics.metrics.graphite.interval
- interval in seconds between successive sending metrics.
For influxdb
backend type available next options:
metrics.influxdb.enabled
- if equals totrue
theninfluxdb
will be used to submit metrics.metrics.influxdb.prefix
- the prefix of all metric names.metrics.influxdb.protocol
- external service destination protocol.metrics.influxdb.host
- the influxDb host for sending metrics.metrics.influxdb.port
- the influxDb port for sending metrics.metrics.influxdb.database
- the influxDb database to write metrics.metrics.influxdb.auth
- the authorization string to be used to connect to InfluxDb, of formatusername:password
.metrics.influxdb.connectTimeout
- the connect timeout.metrics.influxdb.readTimeout
- the response timeout.metrics.influxdb.interval
- interval in seconds between successive sending metrics.metrics.influxdb.tags
- the influxDb tags, optional key-value metrics metadata.
For console
backend type available next options:
metrics.console.enabled
- if equals totrue
thenconsole
will be used to submit metrics.metrics.console.interval
- interval in seconds between successive sending metrics.
It is possible to define how many account-level metrics will be submitted on per-account basis. See metrics documentation for complete list of metrics submitted at each verbosity level.
metrics.accounts.default-verbosity
- verbosity for accounts not specified in next sections. Allowed values:none, basic, detailed
. Default isnone
.metrics.accounts.basic-verbosity
- a list of accounts for which only basic metrics will be submitted.metrics.accounts.detailed-verbosity
- a list of accounts for which all metrics will be submitted.
cache.scheme
- set the external Cache Service protocol:http
,https
, etc.cache.host
- set the external Cache Service destination in formathost:port
.cache.path
- set the external Cache Service path, for example/cache
.cache.query
- appends to the cache path as query string params (used for legacy Auction requests).cache.banner-ttl-seconds
- how long (in seconds) banner will be available via the external Cache Service.cache.video-ttl-seconds
- how long (in seconds) video creative will be available via the external Cache Service.cache.account.<ACCOUNT>.banner-ttl-seconds
- how long (in seconds) banner will be available in Cache Service for particular publisher account. Overridescache.banner-ttl-seconds
property.cache.account.<ACCOUNT>.video-ttl-seconds
- how long (in seconds) video creative will be available in Cache Service for particular publisher account. Overridescache.video-ttl-seconds
property.
Preconfigured application settings can be obtained from multiple data sources consequently:
- Try to fetch from filesystem data source (if configured).
- Try to fetch from database data source (if configured).
- Try to fetch from http data source (if configured).
Warning! Application will not start in case of no one data source is defined and you'll get an exception in logs.
For filesystem data source available next options:
settings.filesystem.settings-filename
- location of file settings.settings.filesystem.stored-requests-dir
- directory with stored requests.settings.filesystem.stored-imps-dir
- directory with stored imps.
For database data source available next options:
settings.database.type
- type of database to be used:mysql
orpostgres
.settings.database.host
- database destination host.settings.database.port
- database destination port.settings.database.dbname
- database name.settings.database.user
- database user.settings.database.password
- database password.settings.database.pool-size
- set the initial/min/max pool size of database connections.settings.database.account-query
- the SQL query to fetch account.settings.database.stored-requests-query
- the SQL query to fetch stored requests.settings.database.amp-stored-requests-query
- the SQL query to fetch AMP stored requests.settings.database.stored-responses-query
- the SQL query to fetch stored responses.settings.database.circuit-breaker.enabled
- if equals totrue
circuit breaker will be used to make database client more robust.settings.database.circuit-breaker.opening-threshold
- the number of failures before opening the circuit.settings.database.circuit-breaker.opening-interval-ms
- time interval for opening the circuit breaker if failures count reached.settings.database.circuit-breaker.closing-interval-ms
- time spent in open state before attempting to re-try.
For HTTP data source available next options:
settings.http.endpoint
- the url to fetch stored requests.settings.http.amp-endpoint
- the url to fetch AMP stored requests.settings.http.video-endpoint
- the url to fetch video stored requests.
For account processing rules available next options:
settings.enforce-valid-account
- if equals totrue
then request without account id will be rejected with 401.
For caching available next options:
settings.in-memory-cache.ttl-seconds
- how long (in seconds) data will be available in LRU cache.settings.in-memory-cache.cache-size
- the size of LRU cache.settings.in-memory-cache.notification-endpoints-enabled
- if equals totrue
two additional endpoints will be available: /storedrequests/openrtb2 and /storedrequests/amp.settings.in-memory-cache.account-invalidation-enabled
- if equals totrue
additional admin protected endpoints will be available:/cache/invalidate?account={accountId}
which remove account from the cache.settings.in-memory-cache.http-update.endpoint
- the url to fetch stored request updates.settings.in-memory-cache.http-update.amp-endpoint
- the url to fetch AMP stored request updates.settings.in-memory-cache.http-update.refresh-rate
- refresh period in ms for stored request updates.settings.in-memory-cache.http-update.timeout
- timeout for obtaining stored request updates.settings.in-memory-cache.jdbc-update.init-query
- initial query for fetching all stored requests at the startup.settings.in-memory-cache.jdbc-update.update-query
- a query for periodical update of stored requests, that should contain 'WHERE last_updated > ?' to fetch only the records that were updated since previous check.settings.in-memory-cache.jdbc-update.amp-init-query
- initial query for fetching all AMP stored requests at the startup.settings.in-memory-cache.jdbc-update.amp-update-query
- a query for periodical update of AMP stored requests, that should contain 'WHERE last_updated > ?' to fetch only the records that were updated since previous check.settings.in-memory-cache.jdbc-update.refresh-rate
- refresh period in ms for stored request updates.settings.in-memory-cache.jdbc-update.timeout
- timeout for obtaining stored request updates.
For targeting available next options:
settings.targeting.truncate-attr-chars
- set the max length for names of targeting keywords (0 means no truncation).
host-cookie.optout-cookie.name
- set the cookie name for optout checking.host-cookie.optout-cookie.value
- set the cookie value for optout checking.host-cookie.opt-out-url
- set the url for user redirect in case of opt out.host-cookie.opt-in-url
- set the url for user redirect in case of opt in.host-cookie.family
- set the family name value for host cookie.host-cookie.cookie-name
- set the name value for host cookie.host-cookie.domain
- set the domain value for host cookie.host-cookie.ttl-days
- set the cookie ttl in days.host-cookie.max-cookie-size-bytes
- a size limit for UIDs Cookie. Valid values are0
(disabled) and>500
.
recaptcha-url
- the url for Google Recaptcha service to submit user verification.recaptcha-secret
- Google Recaptcha secret string given to certain domain account.
status-response
- message returned by ApplicationChecker in /status endpoint when server is ready to serve requests. If not defined in config all other Health Checkers would be disabled and endpoint will respond with 'No Content' (204) status with empty body.
health-check.database.enabled
- if equals totrue
the database health check will be enabled to periodically check database status.health-check.database.refresh-period-ms
- the refresh period for database status updates.health-check.geolocation.enabled
- if equals totrue
the geolocation service health check will be enabled to periodically check the status.health-check.geolocation.refresh-period-ms
- the refresh period for geolocation service status updates.
gdpr.eea-countries
- comma separated list of countries in European Economic Area (EEA).gdpr.default-value
- determines GDPR in scope default value (if no information in request and no geolocation data).gdpr.host-vendor-id
- the organization running a cluster of Prebid Servers.gdpr.enabled
- gdpr feature switch. Defaulttrue
.gdpr.purposes.pN.enforce-purpose
- define type of enforcement confirmation:no
/basic
/full
. Defaultfull
gdpr.purposes.pN.enforce-vendors
- if equals totrue
, user must give consent to use vendors. Purposes will be omitted. Defaulttrue
gdpr.purposes.pN.vendor-exceptions[]
- bidder names that will be treated opposite topN.enforce-vendors
value.gdpr.special-features.sfN.enforce
- if equals totrue
, special feature will be enforced for purpose. Defaulttrue
gdpr.special-features.sfN.vendor-exceptions[]
- bidder names that will be treated opposite tosfN.enforce
value.gdpr.purpose-one-treatment-interpretation
- option that allows to skip the Purpose one enforcement workflow.gdpr.vendorlist.default-timeout-ms
- default operation timeout for obtaining new vendor list.gdpr.vendorlist.vN.http-endpoint-template
- template string for vendor list url, where{VERSION}
is used as version number placeholder.gdpr.vendorlist.vN.refresh-missing-list-period-ms
- time to wait between attempts to fetch vendor list version that previously was reported to be missing by origin. Default3600000
(one hour).gdpr.vendorlist.vN.fallback-vendor-list-path
- location on the file system of the fallback vendor list that will be used in place of missing vendor list versions. Optional.gdpr.vendorlist.vN.deprecated
- Flag to show is this vendor list is deprecated or not.gdpr.vendorlist.vN.cache-dir
- directory for local storage cache for vendor list. Should be withWRITE
permissions for user application run from.
ccpa.enforce
- if equals totrue
enforces to check ccpa policy, otherwise ignore ccpa verification.
lmt.enforce
- if equals totrue
enforces to check lmt policy, otherwise ignore lmt verification.
geolocation.enabled
- if equals totrue
the geo location service will be used to determine the country for client request.geolocation.circuit-breaker.enabled
- if equals totrue
circuit breaker will be used to make geo location client more robust.geolocation.circuit-breaker.opening-threshold
- the number of failures before opening the circuit.geolocation.circuit-breaker.opening-interval-ms
- time interval for opening the circuit breaker if failures count reached.geolocation.circuit-breaker.closing-interval-ms
- time spent in open state before attempting to re-try.geolocation.type
- set the geo location service provider, can bemaxmind
or custom provided by hosting company.geolocation.maxmind
- section for MaxMind configuration as geo location service provider.geolocation.maxmind.remote-file-syncer
- use RemoteFileSyncer component for downloading/updating MaxMind database file. See RemoteFileSyncer section for its configuration.