openid-client-server/.env.example at master · Optum/openid-client-server · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
# Client Metadata Options
# see complete set of options here:
# https://github.com/panva/node-openid-client/blob/master/docs/README.md#new-clientmetadata-jwks-options
# All options are supported via environment variables with the prefix of OPENID_${propertyname.toUpperCase()}
# Example: client_id would be OPENID_CLIENT_ID
OPENID_CLIENT_ID=
OPENID_CLIENT_SECRET=
OPENID_REDIRECT_URIS=

# Session Options
OPENID_SESSION_NAME=
OPENID_SESSION_SAME_SITE=
# Session Keys are required
# Examples:
# OPENID_SESSION_KEYS= asdfington
# OPENID_SESSION_KEYS= asdfington,fdsaington
OPENID_SESSION_KEYS=

# Client Server Options
OPENID_SIGNIN_PATH=
OPENID_CALLBACK_PATH=
OPENID_PROCESS_CALLBACK_PATH=
OPENID_SIGNOUT_PATH=
OPENID_USER_INFO_PATH=
OPENID_ERROR_PAGE_PATH=
# Discovery Endpoint is required
# see discription of use here:
# https://github.com/panva/node-openid-client/blob/master/docs/README.md#issuerdiscoverissuer
# Examples:
# https://samples.auth0.com/
# https://samples.auth0.com/.well-known/openid-configuration
OPENID_DISCOVERY_ENDPOINT=
# Override default openid-client scope with space delimited value(s)
# Examples:
# api://azure-ad-app-id/api_access
# api://azure-ad-app-id/api_access openid profile
OPENID_SCOPE=

# Optional flag to enable PKCE Option
OPENID_ENABLE_PKCE=

# OAuth2 Options
ENABLE_OAUTH2=
OAUTH2_AUTH_ENDPOINT=
OAUTH2_TOKEN_ENDPOINT=
OAUTH2_USERINFO_ENDPOINT=

# A flag to enable OpenID Request Listener Events
OPENID_REQUEST_LISTENER_EMIT_EVENTS=

# Proxy Options
# Proxy Paths is a csv of path values the openid web app will call
# Examples:
# /proxy
# /api,/api2
OPENID_PROXY_PATHS=
# Proxy Hosts is a csv of hosts that will via the proxy path of the same index
# Examples:
# http://localhost:3005
# http://localhost:3000,http://localhost:3005
OPENID_PROXY_HOSTS=
# Proxy exclude cookie is a csv of boolean flags indicating whether or not to exclude the cookie header from the wep app request
# Examples:
# false
# false,true
OPENID_PROXY_EXCLUDE_COOKIE=

# Exclude all origin headers. Overrides OPENID_PROXY_EXCLUDE_COOKIE if true
# Examples:
# false
# false,true
OPENID_PROXY_EXCLUDE_ORIGIN_HEADERS=

# Optional csv of boolean flags indicating to use id_token instead of access token for proxy requests
OPENID_PROXY_USE_ID_TOKEN=

# Logger Options
# NOTE: to override all these settings, simply overwrite options.loggerOptions within server setup
# customize basic options within the default pino logger
# see pino log-level for possible values:
# http://getpino.io/#/docs/api?id=level-string
OPENID_LOG_LEVEL=
# see pino name-string for possible values:
# http://getpino.io/#/docs/api?id=name-string
OPENID_LOG_NAME=

# Required if the application is using the OPENID_SIGNOUT_PATH settings to allow the user to explicitly sign out
# of the application
OPENID_SIGNED_OUT_PAGE=

# Optional comma separated list of secured pages
# example:
# /dashboard
# /dashboard,/editor
OPENID_SECURED_PATHS=