Configurations

Registry provides following configuration properties

Registry Configurations

Properties Description

Properties	Description
notification_enabled	boolean value which determines whether notification is to be sent or not
notification_url	url which will be used to send notification url
notification_async_enabled	to send out notifications in asynchronous manner
notification_topic	if notification_async_enabled is enabled, then kafka topic to which notification event will be sent
registry_perRequest_indexCreation_enabled	boolean value which determines if index needs to be created at database level
external_entities	comma separated strings of external entities
workflow.enable	boolean value to enable or disable the workflow i.e attestation policy
async_enabled	create entities asynchronously
kafka_create_entity_topic	if async_enabled, then this property defines the topic name to which new async requests are pushed
kafka_post_create_entity_topic	if async is enabled, then this property defines the topic name to which the response of create-entity is pushed
search_offset	this is the default offset that will be used while searching,
search_limit	this is the default limit that will be used or the max value that can be used to as a limit in the search
search_expandInternal	boolean value, if set true, all the search results will be expanded to include internal objects.
database_provider	this property states which database is to be used. Providers available are NEO4J, SQLG, CASSANDRA, ORIENTDB, TINKERGRAPH (in-memory)
connectionInfo_uri	url to connect to database. eg Postgres - jdbc:postgresql://localhost:5432/yourdb
connectionInfo_username	username to be used to connect to database
connectionInfo_password	password to be used to connect to database
connectionInfo_maxPoolSize	Database connection pool size
verify_url	this url will be used to verify the issued VC. point it to {certification_signer}/verify
certificate_health_check_url	certificate api service's health check url
template_folder_path	path from which default template will be loaded if no external template is provided. File name should be the `name_of_schema.appropriate_extention` The location should be in resources folder
audit_enabled	This audit configuration will enable audit logging in the system
audit_frame_store	FILE : Store the audit log in files. DATABASE : Store the audit log in the primary database configured and in elastic search if it's enabled
audit_suffix	suffix which is used for schema name to store audit information for a particular entity type
audit_suffixSeparator	separator between entity name and audit_suffix
keycloack_user_email_actions	email actions which will be trigger by keycloak example email actions: VERIFY_EMAIL, UPDATE_PROFILE, UPDATE_PASSWORD,TERMS_AND_CONDITIONS etc. email details should be configured in keycloak realm settings
validation_enabled	boolean property to check for request body to be validated in specific format
validation_type	type in which request body needs to be validated. eg JSON
service_connection_timeout	Set the connection timeout in milliseconds for the underlying request configuration
service_connection_request_timeout	Set the timeout in milliseconds used when requesting a connection from the connection manager using the underlying request Configuration
service_read_timeout	Set the socket read timeout in milliseconds for the underlying request configuration
http_max_connections	maximum http connections
taskExecutor_index_threadPoolName	Specify the prefix to use for the names of newly created threads.
taskExecutor_index_corePoolSize	Set the ThreadPoolExecutor's core pool size.
taskExecutor_index_maxPoolSize	Set the ThreadPoolExecutor's maximum pool size.
taskExecutor_index_queueCapacity	Set the capacity for the ThreadPoolExecutor's BlockingQueue.
auditTaskExecutor_threadPoolName	Specify the prefix to use for the names of newly created threads.
auditTaskExecutor_corePoolSize	Set the ThreadPoolExecutor's core pool size.
auditTaskExecutor_maxPoolSize	Set the ThreadPoolExecutor's maximum pool size.
auditTaskExecutor_queueCapacity	Set the capacity for the ThreadPoolExecutor's BlockingQueue.
elastic_search_connection_url	url for elastic search connection if elastic search is enabled. Elastic search is enabled using search_providerName
search_providerName	The search mechanism to use. Values could be either NativeSearchService or ElasticSearchService. If NativeSearchService, then every search API uses the same database as the writes. May not offer high speed reads. This is the default search service, if this config is not provided. If ElasticSearchService, then Elastic search is used. Ex: (dev.sunbirdrc.registry.service.ElasticSearchService, dev.sunbirdrc.registry.service.NativeSearchService)
sunbird_sso_realm	keycloak realm name to be used for authentication and authorization
sunbird_sso_url	keycloak connection url
sunbird_sso_admin_client_id	client id to be used as admin
sunbird_sso_admin_client_secret	secret key of keycloak admin client set by using sunbird_sso_admin_client_id
claims_enabled	default `false`. boolean value which determines whether attestation is to be done
claims_url	url in order to connect to claims service
signature_enabled	boolean value which determines whether signature is to be created for a document
sign_url	url in order to connect to certificate signer to sign the document
sign_health_check_url	certificate signer health check url
certificate_enabled	default `false`. boolean value which determines whether certificate is to be generated
pdf_url	url to fetch certificate from certificate api service
certificate_health_check_url	certificate api health check url
template_base_url	api endpoint to get default templates stored in sunbird-rc
sunbird_keycloak_user_set_password	boolean value to default password for user/owner of entity in keycloak
filestorage_enabled	default `false`. boolean value which determines whether documents are to be stored
filestorage_connection_url	minio connection url to store files
filestorage_access_key	access key of minio
filestorage_secret_key	secret key of minio
filestorage_bucket_key	bucket name where to store the files in minio
registry_base_apis_enable	if enabled the exisitng /add /update apis will be enabled. This is to enable backward compatibility
sunbird_keycloak_user_password	if sunbird_keycloak_user_set_password is set to true, provide this value to set this as default user password
logging.level.root	The log level that will be used for logging. Default logging is INFO. Values supported: INFO DEBUG WARN ERROR
enable_external_templates	boolean value which when set to true, one can retrieve the certificate pdf using external templates
authentication_enabled	boolean value to enable authentication in the system
kafka_bootstrap_address	url for kafka connection
webhook_enabled	boolean value to enable webhook if async_enabled is true
webhook_url	if async_enabled and webhook_enabled is set to true, the caller can retrieve information of the created entity once it is generated via this webhook url
redis_host	redis connection url
redis_port	port on which redis is running
manager_type	if using a single instance of registry, set this value to DefinitionsManager else set to DistributedDefinitionsManager
service_retry_maxAttempts	The number of times an attempt must be made to reach to the service
service_retry_backoff_delay	The fixed time interval, in milliseconds, between each such attempt.
event_enabled	boolean value that indicates whether events should be emitted or not. if enabled, registry will start emitting events
event_topic	kafka topic name to which events will be emitted
event_providerName	name of provider to be used for emitting events. For eg: if Kafka is used, the value should be `dev.sunbirdrc.registry.service.impl.KafkaEventService`. If file is to be used to store events the value should be ``dev.sunbirdrc.registry.service.impl.FileEventService.java``
encryption_enabled	default `false`. boolean value which determines whether to enable encryption to store private fields. Note: External encryption service is required to encrypt/decrypt
swagger_enabled	default `true`. boolean value to enable/disable swagger apis
swagger_title	to set custom title for swagger to be generated
swagger_description	to set custom description for swagger to be generated
swagger_version	to set a custom version for swagger

notification_enabled

boolean value which determines whether notification is to be sent or not

notification_url

url which will be used to send notification url

notification_async_enabled

to send out notifications in asynchronous manner

notification_topic

if notification_async_enabled is enabled, then kafka topic to which notification event will be sent

registry_perRequest_indexCreation_enabled

boolean value which determines if index needs to be created at database level

external_entities

comma separated strings of external entities

workflow.enable

boolean value to enable or disable the workflow i.e attestation policy

async_enabled

create entities asynchronously

kafka_create_entity_topic

if async_enabled, then this property defines the topic name to which new async requests are pushed

kafka_post_create_entity_topic

if async is enabled, then this property defines the topic name to which the response of create-entity is pushed

search_offset

this is the default offset that will be used while searching,

search_limit

this is the default limit that will be used or the max value that can be used to as a limit in the search

search_expandInternal

boolean value, if set true, all the search results will be expanded to include internal objects.

database_provider

this property states which database is to be used. Providers available are NEO4J, SQLG, CASSANDRA, ORIENTDB, TINKERGRAPH (in-memory)

connectionInfo_uri

url to connect to database. eg Postgres - jdbc:postgresql://localhost:5432/yourdb

connectionInfo_username

username to be used to connect to database

connectionInfo_password

password to be used to connect to database

connectionInfo_maxPoolSize

Database connection pool size

verify_url

this url will be used to verify the issued VC. point it to {certification_signer}/verify

certificate_health_check_url

certificate api service's health check url

template_folder_path

path from which default template will be loaded if no external template is provided. File name should be the name_of_schema.appropriate_extention The location should be in resources folder

audit_enabled

This audit configuration will enable audit logging in the system

audit_frame_store

FILE : Store the audit log in files. DATABASE : Store the audit log in the primary database configured and in elastic search if it's enabled

audit_suffix

suffix which is used for schema name to store audit information for a particular entity type

audit_suffixSeparator

separator between entity name and audit_suffix

keycloack_user_email_actions

email actions which will be trigger by keycloak example email actions: VERIFY_EMAIL, UPDATE_PROFILE, UPDATE_PASSWORD,TERMS_AND_CONDITIONS etc. email details should be configured in keycloak realm settings

validation_enabled

boolean property to check for request body to be validated in specific format

validation_type

type in which request body needs to be validated. eg JSON

service_connection_timeout

Set the connection timeout in milliseconds for the underlying request configuration

service_connection_request_timeout

Set the timeout in milliseconds used when requesting a connection from the connection manager using the underlying request Configuration

service_read_timeout

Set the socket read timeout in milliseconds for the underlying request configuration

http_max_connections

maximum http connections

taskExecutor_index_threadPoolName

Specify the prefix to use for the names of newly created threads.

taskExecutor_index_corePoolSize

Set the ThreadPoolExecutor's core pool size.

taskExecutor_index_maxPoolSize

Set the ThreadPoolExecutor's maximum pool size.

taskExecutor_index_queueCapacity

Set the capacity for the ThreadPoolExecutor's BlockingQueue.

auditTaskExecutor_threadPoolName

Specify the prefix to use for the names of newly created threads.

auditTaskExecutor_corePoolSize

Set the ThreadPoolExecutor's core pool size.

auditTaskExecutor_maxPoolSize

Set the ThreadPoolExecutor's maximum pool size.

auditTaskExecutor_queueCapacity

Set the capacity for the ThreadPoolExecutor's BlockingQueue.

elastic_search_connection_url

url for elastic search connection if elastic search is enabled. Elastic search is enabled using search_providerName

search_providerName

The search mechanism to use. Values could be either NativeSearchService or ElasticSearchService. If NativeSearchService, then every search API uses the same database as the writes. May not offer high speed reads. This is the default search service, if this config is not provided. If ElasticSearchService, then Elastic search is used. Ex: (dev.sunbirdrc.registry.service.ElasticSearchService, dev.sunbirdrc.registry.service.NativeSearchService)

sunbird_sso_realm

keycloak realm name to be used for authentication and authorization

sunbird_sso_url

keycloak connection url

sunbird_sso_admin_client_id

client id to be used as admin

sunbird_sso_admin_client_secret

secret key of keycloak admin client set by using sunbird_sso_admin_client_id

claims_enabled

default false. boolean value which determines whether attestation is to be done

claims_url

url in order to connect to claims service

signature_enabled

boolean value which determines whether signature is to be created for a document

sign_url

url in order to connect to certificate signer to sign the document

sign_health_check_url

certificate signer health check url

certificate_enabled

default false. boolean value which determines whether certificate is to be generated

pdf_url

url to fetch certificate from certificate api service

certificate_health_check_url

certificate api health check url

template_base_url

api endpoint to get default templates stored in sunbird-rc

sunbird_keycloak_user_set_password

boolean value to default password for user/owner of entity in keycloak

filestorage_enabled

default false. boolean value which determines whether documents are to be stored

filestorage_connection_url

minio connection url to store files

filestorage_access_key

access key of minio

filestorage_secret_key

secret key of minio

filestorage_bucket_key

bucket name where to store the files in minio

registry_base_apis_enable

if enabled the exisitng /add /update apis will be enabled. This is to enable backward compatibility

sunbird_keycloak_user_password

if sunbird_keycloak_user_set_password is set to true, provide this value to set this as default user password

logging.level.root

The log level that will be used for logging. Default logging is INFO. Values supported: INFO DEBUG WARN ERROR

enable_external_templates

boolean value which when set to true, one can retrieve the certificate pdf using external templates

authentication_enabled

boolean value to enable authentication in the system

kafka_bootstrap_address

url for kafka connection

webhook_enabled

boolean value to enable webhook if async_enabled is true

webhook_url

if async_enabled and webhook_enabled is set to true, the caller can retrieve information of the created entity once it is generated via this webhook url

redis_host

redis connection url

redis_port

port on which redis is running

manager_type

if using a single instance of registry, set this value to DefinitionsManager else set to DistributedDefinitionsManager

service_retry_maxAttempts

The number of times an attempt must be made to reach to the service

service_retry_backoff_delay

The fixed time interval, in milliseconds, between each such attempt.

event_enabled

boolean value that indicates whether events should be emitted or not. if enabled, registry will start emitting events

event_topic

kafka topic name to which events will be emitted

event_providerName

name of provider to be used for emitting events. For eg: if Kafka is used, the value should be dev.sunbirdrc.registry.service.impl.KafkaEventService. If file is to be used to store events the value should be `dev.sunbirdrc.registry.service.impl.FileEventService.java`

encryption_enabled

default false. boolean value which determines whether to enable encryption to store private fields. Note: External encryption service is required to encrypt/decrypt

swagger_enabled

default true. boolean value to enable/disable swagger apis

swagger_title

to set custom title for swagger to be generated

swagger_description

to set custom description for swagger to be generated

swagger_version

to set a custom version for swagger

Claims Service

Properties	Description
sunbirdrc_url	used by claim service to communicate with sunbirdrc. url which corresponds to registry deployed host and port

Properties

Description

sunbirdrc_url

used by claim service to communicate with sunbirdrc. url which corresponds to registry deployed host and port

Certificate Api service

Properties Description

Properties	Description
CUSTOM_TEMPLATE_DELIMITERS	Delimeters to be used to parse credential/certificate template. By default `{{,}}`
QR_TYPE	Types of QR codes that sunbird supports 1. W3C-VC 2. URL-W3C-VC (if VC needs to be sent as a URL) 3. URL (If only a URL needs to be part of the QR. The URL will only contain the entity name and osid.
CERTIFICATE_DOMAIN_URL	Base URL to be used when `QR_TYPE` is URL*

CUSTOM_TEMPLATE_DELIMITERS

Delimeters to be used to parse credential/certificate template. By default {{,}}

QR_TYPE

Types of QR codes that sunbird supports 1. W3C-VC 2. URL-W3C-VC (if VC needs to be sent as a URL) 3. URL (If only a URL needs to be part of the QR. The URL will only contain the entity name and osid.

CERTIFICATE_DOMAIN_URL

Base URL to be used when QR_TYPE is URL*

Certificate signer service

Properties Description

Properties	Description
CACHE_CONTEXT_URLS	Predefine a set of context urls to be cached to avoid runtime network access.
CONFIG_BASE_PATH	path to config.json file where all the signing keys are stored
CUSTOM_TEMPLATE_DELIMITERS	Delimeters to be used to parse credential/certificate template. By default `{{,}}`

CACHE_CONTEXT_URLS

Predefine a set of context urls to be cached to avoid runtime network access.

CONFIG_BASE_PATH

path to config.json file where all the signing keys are stored

CUSTOM_TEMPLATE_DELIMITERS

Delimeters to be used to parse credential/certificate template. By default {{,}}

Notification Service

Properties	Description
KAFKA_BOOTSTRAP_SERVERS	Kafka bootstrap servers (ex: host:port)
SMS_AUTH_KEY	api url to send sms to provided mobile numbers
SMS_AUTH_KEY	authorization key for sms api url
ENABLE_SMS	flag to enable sending sms using sms api
TRACK_NOTIFICATIONS	boolean value to track all sent notifications and fetch them if needed

Properties

Description

KAFKA_BOOTSTRAP_SERVERS

Kafka bootstrap servers (ex: host:port)

SMS_AUTH_KEY

api url to send sms to provided mobile numbers

SMS_AUTH_KEY

authorization key for sms api url

ENABLE_SMS

flag to enable sending sms using sms api

TRACK_NOTIFICATIONS

boolean value to track all sent notifications and fetch them if needed

Metrics Service

Properties	Description
CLICK_HOUSE_URL	clickhouse database url along with port on which clickhouse is hosted
CLICKHOUSE_DATABASE	database name where the events will be stored
KAFKA_BOOTSTRAP_SERVERS	url along with port number on which kafka is running
KAFKA_METRICS_TOPIC	topic name to which registry produces events
DATABASE_PROVIDER_NAME	type of database being used. eg clickhouse
REDIS_URL	url where redis is hosted
CRON_ENABLE	boolean value which will run the cron job and save the aggregates to redis
SCHEDULE_INTERVAL	days interval after which you want to run cron job to compute aggregates
SCHEDULE_TIME	time at which you want to run cron job to compute aggregates

Properties

Description

CLICK_HOUSE_URL

clickhouse database url along with port on which clickhouse is hosted

CLICKHOUSE_DATABASE

database name where the events will be stored

KAFKA_BOOTSTRAP_SERVERS

url along with port number on which kafka is running

KAFKA_METRICS_TOPIC

topic name to which registry produces events

DATABASE_PROVIDER_NAME

type of database being used. eg clickhouse

REDIS_URL

url where redis is hosted

CRON_ENABLE

boolean value which will run the cron job and save the aggregates to redis

SCHEDULE_INTERVAL

days interval after which you want to run cron job to compute aggregates

SCHEDULE_TIME

time at which you want to run cron job to compute aggregates

Bulk Issuance

Properties	Description
REGISTRY_BASE_URL	url on which registry is hosted
DATABASE_HOST	host address of database
DATABASE_PORT	port on which database is running
DATABASE_USER	username of database
DATABASE_PASSWORD	password for that user of the database
DATABASE_NAME	database name
KEYCLOAK_PUBLIC_KEY	public key from keycloak
KEYCLOAK_URL	url for keycloak
KEYCLOAK_REALM	keycloak realm name

Properties

Description

REGISTRY_BASE_URL

url on which registry is hosted

DATABASE_HOST

host address of database

DATABASE_PORT

port on which database is running

DATABASE_USER

username of database

DATABASE_PASSWORD

password for that user of the database

DATABASE_NAME

database name

KEYCLOAK_PUBLIC_KEY

public key from keycloak

KEYCLOAK_URL

url for keycloak

KEYCLOAK_REALM

keycloak realm name

Digilocker Certificate API

Properties Description

Properties	Description
DIGILOCKER_HMAC_AUTHKEY	A random generated string. This will be used to verify the HMAC from request and HMAC from the request body. This is the API Key of Digilocker
DIGILOCKER_AUTH_KEYNAME	Needed to fetch HMAC From Request. Its default value is `x-digilocker-hmac`
DIGILOCKER_DOC_ID_PREFIX	Document prefix which needs to be sent it in response in order to map it to correct document in digilocker. This is different for different issuers
KEYCLOAK_TOKEN_URL	Keycloak connection url
KEYCLOAK_CLIENT_SECRET	secret key of keycloak admin client set by using sunbird_sso_admin_client_id
KEYCLOAK_CLIENT_ID	client id to be used as admin
REGISTRY_URL	Registry url

DIGILOCKER_HMAC_AUTHKEY

A random generated string. This will be used to verify the HMAC from request and HMAC from the request body. This is the API Key of Digilocker

DIGILOCKER_AUTH_KEYNAME

Needed to fetch HMAC From Request. Its default value is x-digilocker-hmac

DIGILOCKER_DOC_ID_PREFIX

Document prefix which needs to be sent it in response in order to map it to correct document in digilocker. This is different for different issuers

KEYCLOAK_TOKEN_URL

Keycloak connection url

KEYCLOAK_CLIENT_SECRET

secret key of keycloak admin client set by using sunbird_sso_admin_client_id

KEYCLOAK_CLIENT_ID

client id to be used as admin

REGISTRY_URL

Registry url

PreviousDeveloper's Guide NextFrontend Configurations

Last updated 4 months ago