Application properties

Property Default Example Description
ONEGINI_​IDP_​CCC_​COOKIE_​CONFIG_​SECURE false true or false If true, the cookies can only be read on https.
ONEGINI_​IDP_​CCC_​COOKIE_​CONFIG_​PATH / The base path for the cookies.

Proxy configuration

If Onegini UMA runs behind a proxy (Apache Httpd, Nginx) that does SSL offloading, extra configuration is needed to take care of correct redirects. Otherwise internal redirects will bring the user from https to http.

Property Default Example Description
ONEGINI_​IDP_​CCC_​CONTAINER_​PROXY_​ENABLED false true or false Set true if the proxy handles SSL offloading.
ONEGINI_​IDP_​CCC_​CONTAINER_​SCHEME http or https Set https if the proxy handles SSL offloading.
ONEGINI_​IDP_​CCC_​CONTAINER_​PROXY_​NAME myapp.example.com Name of the proxy server.
ONEGINI_​IDP_​CCC_​CONTAINER_​PROXY_​PORT 80 or 443 Port of the proxy server.

Search keys

Property Default Example Description
ONEGINI_​IDP_​CCC_​IDP_​PERSON_​SEARCH_​KEYS_​EMAIL false true or false Enable or disable search by email.
ONEGINI_​IDP_​CCC_​IDP_​PERSON_​SEARCH_​KEYS_​PHONE false true or false Enable or disable search by phone number.

Person details custom message

Custom HTML based message can be shown in the person details view, directly below the Account section. To add such message please define property ONEGINI_IDP_CCC_EXTENSION_PERSON_DETAILS_CUSTOM_MESSAGE, e.g. ONEGINI_IDP_CCC_EXTENSION_PERSON_DETAILS_CUSTOM_MESSAGE=<h2>Warning</h2>

The custom HTML message can be shown (below ONEGINI_IDP_CCC_EXTENSION_PERSON_DETAILS_CUSTOM_MESSAGE custom message) for external users only. To add such message please define property ONEGINI_IDP_CCC_EXTENSION_PERSON_DETAILS_EXTERNAL_USER, e.g. ONEGINI_IDP_CCC_EXTENSION_PERSON_DETAILS_EXTERNAL_USER=<h2>External user</h2>

If any of the variables is defined via docker-compose and the value contains double quotation marks make sure the entire key-pair is wrapped in single quotation marks e.g. 'ONEGINI_IDP_CCC_EXTENSION_PERSON_DETAILS_CUSTOM_MESSAGE=<h2 style="color: red; border: 2px solid red; background-color: yellow; padding: 10px;">Warning</h2>'.

Profile fields management

You can configure which fields of user's profile are editable on user's profile view. This can be configured using the following environment properties:

Property Default Example Description
ONEGINI_​IDP_​CCC_​PERSON_​PROFILE_​EDITABLE_​PROFILE_​FIELDS EMAIL_ADDRESS EMAIL_ADDRESS, PHONE_NUMBER Comma separated list of editable profile fields. Supported values: EMAIL_ADDRESS, PHONE_NUMBER
ONEGINI_​IDP_​CCC_​VALIDATION_​PHONE_​NUMBER ^\\+[1-9](?:[0-9]){4,14}$ ^+31[0-9]{4,14}$ Regular Expression that should be applied to phone number validation.
ONEGINI_​IDP_​CCC_​VALIDATION_​EMAIL_​ADDRESS .+@.+ .+@onegini.com Regular Expression that should be applied to email address validation.

Custom attributes management

Custom attributes management can be configured as described in custom attributes management topic guide.

Property Default Example Description
ONEGINI_​IDP_​CCC_​PERSON_​PROFILE_​EDITABLE_​CUSTOM_​ATTRIBUTES attr1,attr2,attr3 Comma separated list of custom attribute names that user is able to add, edit and delete. An empty value means that this feature is disabled.

Person Creation

The feature to create a new user can be enabled/ disabled.

Property Default Example Description
ONEGINI_​IDP_​CCC_​PERSON_​PROFILE_​CREATE_​ENABLED false true If true the feature to add user via form is enabled.

Device management

The device management can be enabled and configured using below environment variables. See the Manage devices topic guide for details.

Property Default Description
TOKEN_​SERVER_​DEVICE_​MANAGEMENT_​ENABLED false Enables management of user's devices.
TOKEN_​SERVER_​DEVICE_​MANAGEMENT_​IGNORED_​EVENT_​TYPES API_EVENTS_LISTED, API_DEVICES_LISTED, API_DEVICES_NO_DATA_FOUND Comma separated list of events that should not be displayed in Onegini UMA.

This feature requires access to the Onegini Token Server's End User and Event APIs. Make sure the API connection is setup properly.