General
Name | Basic Description | Default value |
|---|---|---|
App Name Identifier | Server identifier; used when generating client certificates and metrics management | |
Business Adaptor Dir | Path to business adaptors directory | /opt/veridiumid/tomcat/adaptors |
Enrollment Timeout | Seconds while a complete enrollment must be fulfilled | 301 |
Enable Generic Integration | Turned on | |
Max Devices Per Account | Maximum allowed number of devices registered under the same account | -1 |
Device Recognition | Apply heuristincs to detect returning devices. | Turned off |
Replace Device When One Device Per Account | If only one device is allowed per account, when an enroll is tried for a new device the existing device is automatically removed. | Turned off |
Allowed Phone Manufacturers | Restrict Veridium system usage to the phone manufacturer list | |
OPA | Port - Port where OPA accepts connections. | 8181 |
Host - Address of OPA server. | 127.0.0.1 | |
FIDO settings | Fido Origin - The Origin use by the VID server when proxy the request to Fido | |
Fido Alliance Cert - The Fido Alliance cert used for download attestations | ||
Fido URL - The Fido Service Url | ||
FIDO Origin | ||
Session Timeout | Seconds after a session is timeout | 60 |
Authentication Max Retries | Number of maximum authentication retries, after which the account gets locked by setting its status to REACTIVATE_DEVICE | 1 |
Max Resend Code | Maximum number of validation code resend operation | 3 |
Sms Max Attempts | Number of maximum attempts for sms authentication, after which session will be FAILED | 3 |
Enabled User Enumeration Protection | Flag to enable user enumeration protection. This will make the error message more generic. | Turned on |
Client IP Location | This section allows for header settings to be taken into account for user access. | |
Identity Token Validity | Seconds after an identity token expires | 36000 |
Otp Tolerance Interval | Number of checks up if One-Time Password is invalid | 50 |
Server License Key | Server license key used to double sign master license + device fingerprint | DOJdjHoqFc4Z2ijQW33V13wu7OJyyiwtC4WtEwTHvZ2t3IGbarob0DbRWPlXFsqXRZgEFaefqDcQX5aYVPZn6Yw== |
Data Protection | Keystore Password | |
Master Key password | ||
Master Key Alias | data-protection-generate | |
Keystore | ||
Enabled - Enable data encryption | Switched on | |
Key Protection - The place where the master key is stored | JCEKS | |
Encoded Secret - Encoded secret used | 7pzjVeV/sAcOei4WS+yZ+UVMx/ | |
Notifications Enabled | Enable notifications passed in Kafka | Turned on |
Push Auth Disabled | Flag which disable the push auth method on demand | Turned off |
Statistics Enabled | Enable statistics calculated with Kafka | Turned on |
Disable Val1 And Val2 | Flag to disable Val1 and Val2 check | Turned off |
Alerts | Deactivation URL - Deactivation link | |
Mail Template High - Mail template for high severity alert | some mail template high content | |
Mail Template Low - Mail template for low severity alert | some mail template low content | |
Mail Template Reactivation - Reactivation email template (due to x failed authentications) | some mail template reactivation | |
Reactivation URL - Reactivation link after device deactivation | ||
DMZ | DMZ URL | |
Websec URL - Websec connection URL | https://dev1.veridium-dev.com/websec/ |