-
Notifications
You must be signed in to change notification settings - Fork 284
/
id-repository-default.properties
456 lines (399 loc) · 25.8 KB
/
id-repository-default.properties
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
# Follow properites have their values assigned via 'overrides' environment variables of config server docker.
# DO NOT define these in any of the property files. They must be passed as env variables. Refer to config-server
# helm chart:
# db.dbuser.password
# mosip.crereq.client.secret
# mosip.creser.client.secret
# mosip.regproc.client.secret
# mosip.kernel.tokenid.uin.salt
# mosip.kernel.tokenid.partnercode.salt
# idrepo.websub.vid.credential.update.secret
# keycloak.internal.url
# s3.accesskey
# s3.region
# s3.secretkey
management.endpoint.restart.enabled=true
# Database hostname below is assuming postgres is running inside cluster in 'postgres' namespace
# If database is external to production, provide the DNS or ip of the host and port
mosip.idrepo.db.url=postgres-postgresql.postgres
mosip.idrepo.db.port=5432
mosip.idrepo.db.identity.db-name=mosip_idrepo
mosip.idrepo.db.identity.username=idrepouser
mosip.idrepo.db.identity.password=${db.dbuser.password}
mosip.idrepo.db.vid.db-name=mosip_idmap
mosip.idrepo.db.vid.username=idmapuser
mosip.idrepo.db.vid.password=${db.dbuser.password}
mosip.idrepo.objectstore.account-name=idrepo
mosip.idrepo.objectstore.bucket-name=${s3.pretext.value:}idrepo
mosip.idrepo.objectstore.adapter-name=s3Adapter
#IDRepo identity/vid service authentication details
mosip.idrepo.auth.client-id=mosip-idrepo-client
mosip.idrepo.auth.secret-key=${mosip.idrepo.client.secret}
mosip.idrepo.auth.app-id=idrepo
# For auditing
mosip.idrepo.application.name=ID-Repository
mosip.idrepo.application.version.pattern=^v\\d+(\\.\\d+)?$
# Configuration for +/- time period adjustment in minutes for the request time validation, so that
#the requests originating from a system that is not in time-sync will be accepted for the time period
mosip.idrepo.datetime.future-time-adjustment=2
# Reference IDs of base keys used for encryption/decryption
mosip.idrepo.crypto.refId.uin=uin
mosip.idrepo.crypto.refId.uin-data=identity_data
mosip.idrepo.crypto.refId.demo-doc-data=demographic_data
mosip.idrepo.crypto.refId.bio-doc-data=biometric_data
# Limit the number of async threads created in IDRepo services. This count is divided into 4 thread groups configured in IdRepoConfig.class
mosip.idrepo.active-async-thread-count=100
# Logging of thread queue done based on below value in ms. Logging is done only if queue value of any one thread group crosses below specified threshold.
mosip.idrepo.monitor-thread-queue-in-ms=600000
mosip.idrepo.max-thread-queue-threshold=100
## Kernel retry
# The retry limit excluding the first attempt before attempting for retries. Default is set to 5.
kernel.retry.attempts.limit=5
# The initial interval to be used for exponential backoff in milli seconds. If the exponential backoff is disabled by setting 'kernel.retry.exponential.backoff.multiplier' value as 1, this initial interval will be used as the fixed backoff interval for every retries. Default value is 200 millisecs
kernel.retry.exponential.backoff.initial.interval.millisecs=100
# The multiplier for exponential backoff intreval. A double value greater than or equal to 1. Setting to 1 will make it to fixed backoff, more than 1 will apply exponential backoff. Default is 1.0 (fixed backoff). For exponential backoff the suggested value is 1.5 or 2. The next backoff interval is calculated with the formula: NextBackOffInterval = initialInterval * Math.pow(multiplier, retryCount)
kernel.retry.exponential.backoff.multiplier=1.5
kernel.retry.exponential.backoff.max.interval.millisecs=1000
# Whether to traverse to the root cause exception from the exception thrown and use the same root cause to decide whether to retry or not. Default is true.
kernel.retry.traverse.root.cause.enabled=false
#Comma separated List of fully qualified Exceptions which are retryable (inclusion list). Their subclasses will also be considered in the evaluation.
kernel.retry.retryable.exceptions=io.mosip.idrepository.core.exception.IdRepoRetryException
#Comma separated List of fully qualified Exceptions which are not-retryable (exclusion list). Their subclasses will also be considered in the evaluation.
kernel.retry.nonretryable.exceptions=
## Identity service
# Application version expected in the request
mosip.idrepo.identity.application.version=v1
# Application ids expected in the requests
mosip.idrepo.identity.id.create=mosip.id.create
mosip.idrepo.identity.id.read=mosip.id.read
mosip.idrepo.identity.id.update=mosip.id.update
mosip.identity.get.drafts.id=mosip.identity.get.drafts
mosip.identity.get.drafts.version=1.0
#database mappings for identity service
mosip.idrepo.identity.db.url=jdbc:postgresql://${mosip.idrepo.db.url}:${mosip.idrepo.db.port}/${mosip.idrepo.db.identity.db-name}
mosip.idrepo.identity.db.username=${mosip.idrepo.db.identity.username}
mosip.idrepo.identity.db.password=${mosip.idrepo.db.identity.password}
mosip.idrepo.identity.db.driverClassName=org.postgresql.Driver
# Path of UIN expected in the input idrepo request. This path is based on Identity schema.
mosip.idrepo.identity.json.path=identity.UIN
# UIN status value which is stored in database for newly inserted UIN/active UINs.
mosip.idrepo.identity.uin-status.registered=ACTIVATED
# List of allowed UIN status in ID-Repo
mosip.idrepo.identity.uin-status=ACTIVATED,BLOCKED,DEACTIVATED
# idobjectvalidator
# Class name of the referenceValidator. Commenting or removing this property will disable reference validator.
mosip.kernel.idobjectvalidator.referenceValidator=io.mosip.kernel.idobjectvalidator.impl.IdObjectReferenceValidator
# VID
# Application version expected in the request
mosip.idrepo.vid.application.version=v1
# Application ids expected in the requests
mosip.idrepo.vid.id.create=mosip.vid.create
mosip.idrepo.vid.id.read=mosip.vid.read
mosip.idrepo.vid.id.update=mosip.vid.update
mosip.idrepo.vid.id.regenerate=mosip.vid.regenerate
mosip.idrepo.vid.id.reactivate=mosip.vid.reactivate
mosip.idrepo.vid.id.deactivate=mosip.vid.deactivate
# Database mapping for VID service
mosip.idrepo.vid.db.url=jdbc:postgresql://${mosip.idrepo.db.url}:${mosip.idrepo.db.port}/${mosip.idrepo.db.vid.db-name}
mosip.idrepo.vid.db.username=${mosip.idrepo.db.vid.username}
mosip.idrepo.vid.db.password=${mosip.idrepo.db.vid.password}
mosip.idrepo.vid.db.driverClassName=org.postgresql.Driver
# VID status value which is stored in database for newly inserted VID/active VIDs.
mosip.idrepo.vid.active-status=ACTIVE
# VID status for which unlimited txn is not allowed
mosip.idrepo.vid.unlimited-txn-status=USED
# VID status which are allowed for VID regeneration
mosip.idrepo.vid.regenerate.allowed-status=ACTIVE,REVOKED,EXPIRED,USED
# List of allowed VID status in ID-Repo
mosip.idrepo.vid.allowedstatus=ACTIVE,REVOKED,EXPIRED,USED,INVALIDATED,DEACTIVATED
# VID status value which is stored in database for deactivated VIDs. Used in deactivate-all-vids api.
mosip.idrepo.vid.deactive-status=DEACTIVATED
# VID status value which is stored in database for reactivated VIDs. Used in reactivate-all-vids api.
mosip.idrepo.vid.reactive-status=ACTIVE
#RID
# Application version expected in the request
mosip.idrepo.rid.get.version=1.0
# Application ids expected in the requests
mosip.idrepo.rid.get.id=mosip.idrepo.rid.get
# Config server url
mosip.idrepo.mosip-config-url=${spring.cloud.config.uri}/${spring.application.name}/${spring.profiles.active}/${spring.cloud.config.label}/
# VID policy schema against which VID policy is validated
mosip.idrepo.vid.policy-schema-url=${mosip.idrepo.mosip-config-url}mosip-vid-policy-schema.json
# VID policy based on which VID is created
mosip.idrepo.vid.policy-file-url=${mosip.idrepo.mosip-config-url}mosip-vid-policy.json
# Default type of VID to be created automatically while publishing UIN
mosip.idrepo.draft-vid.default-type-to-create=PERPETUAL
## Rest servies
mosip.idrepo.audit.rest.uri=${mosip.kernel.auditmanager.url}/v1/auditmanager/audits
mosip.idrepo.audit.rest.httpMethod=POST
mosip.idrepo.audit.rest.headers.mediaType=application/json
mosip.idrepo.encryptor.rest.uri=${mosip.kernel.keymanager.url}/v1/keymanager/encrypt
mosip.idrepo.encryptor.rest.httpMethod=POST
mosip.idrepo.encryptor.rest.headers.mediaType=application/json
mosip.idrepo.encryptor.rest.timeout=100
mosip.idrepo.decryptor.rest.uri=${mosip.kernel.keymanager.url}/v1/keymanager/decrypt
mosip.idrepo.decryptor.rest.httpMethod=POST
mosip.idrepo.decryptor.rest.headers.mediaType=application/json
mosip.idrepo.decryptor.rest.timeout=100
mosip.idrepo.vid-service.rest.uri=${mosip.idrepo.vid.url}/idrepository/v1/vid/uin/{uin}
mosip.idrepo.vid-service.rest.httpMethod=GET
mosip.idrepo.vid-service.rest.headers.mediaType=application/json
mosip.idrepo.vid-service.rest.timeout=100
mosip.idrepo.retrieve-uin-by-vid.rest.uri=${mosip.idrepo.vid.url}/idrepository/v1/vid/{vid}
mosip.idrepo.retrieve-uin-by-vid.rest.httpMethod=GET
mosip.idrepo.retrieve-uin-by-vid.rest.headers.mediaType=application/json
mosip.idrepo.retrieve-uin-by-vid.rest.timeout=100
# in minutes
mosip.iam.adapter.validate-expiry-check-rate=15
# in minutes
mosip.iam.adapter.renewal-before-expiry-interval=15
#this should be false if you don?t use the self token restTemplate from auth adapter true if you do (needed for websubclient).
mosip.iam.adapter.self-token-renewal-enable=true
mosip.auth.filter_disable=false
mosip.idrepo.bio-extractor-service.rest.uri=${mosip.mock.biosdk.url}/biosdk-service/{extractionFormat}/extracttemplates
mosip.idrepo.bio-extractor-service.rest.httpMethod=POST
mosip.idrepo.bio-extractor-service.rest.headers.mediaType=application/json
mosip.idrepo.bio-extractor-service.rest.timeout=100
mosip.idrepo.syncdata-service.rest.uri=${mosip.kernel.masterdata.url}/v1/masterdata/idschema/latest
mosip.idrepo.syncdata-service.rest.httpMethod=GET
mosip.idrepo.syncdata-service.rest.headers.mediaType=application/json
mosip.idrepo.syncdata-service.rest.timeout=100
mosip.idrepo.pmp.partner.rest.uri=${mosip.pms.partnermanager.url}/v1/partnermanager/partners?partnerType=Online_Verification_Partner
mosip.idrepo.pmp.partner.rest.httpMethod=GET
mosip.idrepo.pmp.partner.rest.headers.mediaType=application/json
mosip.idrepo.pmp.partner.rest.timeout=100
mosip.idrepo.credential.request.rest.uri=${mosip.idrepo.credrequest.generator.url}/v1/credentialrequest/requestgenerator
mosip.idrepo.credential.request.rest.httpMethod=POST
mosip.idrepo.credential.request.rest.headers.mediaType=application/json
mosip.idrepo.credential.request.rest.timeout=100
mosip.idrepo.credential.cancel-request.rest.uri=${mosip.idrepo.credrequest.generator.url}/v1/credentialrequest/cancel/{requestId}
mosip.idrepo.credential.cancel-request.rest.httpMethod=GET
mosip.idrepo.credential.cancel-request.rest.headers.mediaType=application/json
mosip.idrepo.credential.cancel-request.rest.timeout=100
## Credential status job
# Fixed delay time after which job will be triggered again to process the created/updated credential details.
mosip.idrepo.credential-status-update-job.fixed-delay-in-ms=10000
# Dummy partner id used to create a credential request record in credential_request_status.
# Credential won't be issued for the below provided. id-repository-credential-feeder will utilize
# the credential request with below partner id to issue credential to new IDA partners.
idrepo-dummy-online-verification-partner-id=MOVP
mosip.idrepo.retrieve-by-uin.rest.uri=${mosip.idrepo.identity.url}/idrepository/v1/identity/idvid/{uin}
mosip.idrepo.retrieve-by-uin.rest.httpMethod=GET
mosip.idrepo.retrieve-by-uin.rest.headers.mediaType=application/json
mosip.idrepo.retrieve-by-uin.rest.timeout=100
mosip.idrepo.vid-generator.rest.uri=${mosip.kernel.idgenerator.url}/v1/idgenerator/vid
mosip.idrepo.vid-generator.rest.httpMethod=GET
mosip.idrepo.vid-generator.rest.headers.mediaType=application/json
mosip.idrepo.vid-generator.rest.timeout=100
## Websub
mosip.idrepo.websub.vid-credential-update.callback-url=${mosip.idrepo.identity.url}/idrepository/v1/identity/callback/vid_credential_status_update
mosip.idrepo.websub.vid-credential-update.topic=VID_CRED_STATUS_UPDATE
mosip.idrepo.websub.vid-credential-update.secret= ${idrepo.websub.vid.credential.update.secret}
mosip.idrepo.websub.credential-status-update.topic=CREDENTIAL_STATUS_UPDATE
## Auth adapter
mosip.iam.adapter.clientid.id-repository=${mosip.idrepo.auth.client-id}
mosip.iam.adapter.clientsecret.id-repository=${mosip.idrepo.auth.secret-key}
mosip.iam.adapter.appid.id-repository=${mosip.idrepo.auth.app-id}
mosip.authmanager.client-token-endpoint=${mosip.kernel.authmanager.url}/v1/authmanager/authenticate/clientidsecretkey
mosip.idrepo.uin-generator.rest.uri=${mosip.kernel.idgenerator.url}/v1/idgenerator/uin
mosip.idrepo.uin-generator.rest.httpMethod=GET
mosip.idrepo.uin-generator.rest.headers.mediaType=application/json
mosip.idrepo.uin-generator.rest.timeout=100
mosip.idrepo.draft-vid.rest.uri=${mosip.idrepo.vid.url}/idrepository/v1/draft/vid
mosip.idrepo.draft-vid.rest.httpMethod=POST
mosip.idrepo.draft-vid.rest.headers.mediaType=application/json
mosip.idrepo.draft-vid.rest.timeout=100
mosip.idrepo.update-vid.rest.uri=${mosip.idrepo.vid.url}/idrepository/v1/vid/{vid}
mosip.idrepo.update-vid.rest.httpMethod=PATCH
mosip.idrepo.update-vid.rest.headers.mediaType=application/json
mosip.idrepo.update-vid.rest.timeout=100
## Credential request generator
mosip.credential.service.database.hostname=postgres-postgresql.postgres
mosip.credential.service.database.port=5432
mosip.credential.service.jdbc.url=jdbc:postgresql://${mosip.credential.service.database.hostname}:${mosip.credential.service.database.port}/mosip_credential?currentSchema=credential
mosip.credential.service.jdbc.user=credentialuser
mosip.credential.service.jdbc.password=${db.dbuser.password}
mosip.credential.service.jdbc.driver=org.postgresql.Driver
hibernate.hbm2ddl.auto=none
spring.jpa.hibernate.ddl-auto=none
hibernate.dialect=org.hibernate.dialect.PostgreSQLDialect
hibernate.jdbc.lob.non_contextual_creation=true
hibernate.show_sql=false
# Token generator properties
credential.request.token.request.appid=${mosip.idrepo.credential-req-generator.auth.app-id}
credential.request.token.request.clientId=${mosip.idrepo.credential-req-generator.auth.client-id}
credential.request.token.request.secretKey=${mosip.idrepo.credential-req-generator.auth.secret-key}
credential.request.token.request.version=1.0
credential.request.token.request.id=io.mosip.credentialrequestgenerator
credential.request.token.request.issuerUrl=${keycloak.internal.url}/auth/realms/mosip
mosip.credential.request.service.id=mosip.credential.request.generator
mosip.credential.request.datetime.pattern=yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
mosip.credential.request.service.version=1.0
# Reference Id which is used for encryption/decryption of credential request using keymanager
mosip.credential.request.crypto-ref-id=credential_request
## Batch job
# batch job time intervel in miliseconds
mosip.credential.request.job.timedelay=3000
#Reprocessing job timeintervel in miliseconds
mosip.credential.request.reprocess.job.timedelay=1200000
credential.request.type=auth
credential.request.retry.max.count=10
credential.request.reprocess.statuscodes=FAILED,RETRY
credential.batch.page.size=10
credential.request.process.locktimeout=60000
credential.request.reprocess.locktimeout=60000
credential.batch.status=NEW
## Rest services
CRDENTIALSERVICE=${mosip.idrepo.credential.service.url}/v1/credentialservice/issue
KEYBASEDTOKENAPI=${mosip.kernel.authmanager.url}/v1/authmanager/authenticate/clientidsecretkey
CALLBACKURL=${mosip.idrepo.credrequest.generator.url}/v1/credentialrequest/callback/notifyStatus
ENCRYPTION=${mosip.idrepo.encryptor.rest.uri}
DECRYPTION=${mosip.idrepo.decryptor.rest.uri}
# Websub
#Delay (in milliseconds) for subscription on application startup to avoid failure during intent verification by hub.
subscription-delay-secs=120000
# The time interval in seconds to schedule subscription of topics which is done as a
# work-around , By default the
# this property value is set to 0 that disables this workaround.
# To enable the resubscrition scheduling, this property should be assigned with a positive
# number like 1 * 60 * 60 = 3600 for one hour
resubscription-delay-secs=43200
WEBSUBSECRET=test
# Credential service
credential.service.token.request.appid=${mosip.idrepo.credential.auth.app-id}
credential.service.token.request.clientId=${mosip.idrepo.credential.auth.client-id}
credential.service.token.request.secretKey=${mosip.creser.client.secret}
credential.service.token.request.id=io.mosip.credentialstore
# Credential formatter properties
mosip.credential.vc.datetime.pattern=yyyy-MM-dd'T'HH:mm:ss'Z'
mosip.credential.service.datetime.pattern=yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
mosip.credential.service.service.id=mosip.credential.store
mosip.credential.service.service.version=1.0
credential.service.credentialtype.file=CredentialType.json
credential.service.mvel.file=credentialdata.mvel
credential.service.dob.format=yyyy/MM/dd
mosip.credential.service.credential.schema=MOSIPVerifiableCredential
mosip.credential.service.type.name=mosip
mosip.credential.service.type.namespace=mosip
credentialType.formatter.AUTH=IdAuthProvider
credentialType.formatter.QRCODE=QrCodeProvider
credentialType.formatter.MOSIP=CredentialProvider
credentialType.formatter.EUIN=QrCodeProvider
credentialType.formatter.REPRINT=QrCodeProvider
credentialType.formatter.EUIN_WITH_QR=QrCodeProvider
credentialType.formatter.EUIN_WITH_FACEQR=QrCodeProvider
mosip.credential.service.format.id=http://mosip.io/credentials/
mosip.credential.service.format.issuer=https://mosip.io/issuers/
mosip.credential.service.application.id=PARTNER
mosip.credential.service.includeCertificateHash=true
mosip.credential.service.includeCertificate=true
mosip.credential.service.includePayload=false
mosip.credential.service.share.prependThumbprint=false
mosip.credential.service.retry.maxAttempts=3
mosip.credential.service.retry.maxDelay=100
IDREPOGETIDBYID=${mosip.idrepo.identity.url}/idrepository/v1/identity/idvid
mosip.data.share.protocol=http
mosip.data.share.internal.domain.name=datashare.datashare
CREATEDATASHARE=/v1/datashare/create
KEYMANAGER_JWTSIGN=${mosip.kernel.keymanager.url}/v1/keymanager/jwtSign
KEYMANAGER_ENCRYPT_PIN=${mosip.kernel.keymanager.url}/v1/keymanager/encryptWithPin
KEYMANAGER_ENCRYPT_ZK=${mosip.kernel.keymanager.url}/v1/keymanager/zkEncrypt
PARTNER_POLICY=${mosip.pms.partnermanager.url}/v1/partnermanager/partners/{partnerId}/credentialtype/{credentialType}/policies
PARTNER_EXTRACTION_POLICY=${mosip.pms.partnermanager.url}/v1/partnermanager/partners/{partnerId}/bioextractors/{policyId}
credential.service.token.request.issuerUrl=${keycloak.internal.url}/auth/realms/mosip
# BioSDK service
mosip.biosdk.default.service.url=${mosip.mock.biosdk.url}/biosdk-service
# The fully qualified Class Name of the BIO SDK API implemented for Finger modality
# This class will be loaded in runtime, the containing jar should be available in classpath
mosip.biometric.sdk.providers.finger.mosip-ref-impl-sdk-client.classname=io.mosip.biosdk.client.impl.spec_1_0.Client_V_1_0
# The version of the BIO SDK API implemeted for Finger modality
mosip.biometric.sdk.providers.finger.mosip-ref-impl-sdk-client.version=0.9
mosip.biometric.sdk.providers.finger.mosip-ref-impl-sdk-client.format.url.mock-1.1=${mosip.biosdk.default.service.url}
# The default URL will be taken if no format specified in the extraction or the incoming extraction format is not configured.
# If the below default configuration is not configured, the one of the configured url will be used as the default URL.
# If no URL is configured, the default URL will be taken from the environment variable 'mosip_biosdk_service'.
mosip.biometric.sdk.providers.finger.mosip-ref-impl-sdk-client.format.url.default=${mosip.biosdk.default.service.url}
# The fully qualified Class Name of the BIO SDK API implemented for Iris modality
# This class will be loaded in runtime, the containing jar should be available in classpath
mosip.biometric.sdk.providers.iris.mosip-ref-impl-sdk-client.classname=io.mosip.biosdk.client.impl.spec_1_0.Client_V_1_0
# The version of the BIO SDK API implemeted for Iris modality
mosip.biometric.sdk.providers.iris.mosip-ref-impl-sdk-client.version=0.9
mosip.biometric.sdk.providers.iris.mosip-ref-impl-sdk-client.format.url.mock-1.1=${mosip.biosdk.default.service.url}
# The fully qualified Class Name of the BIO SDK API implemented for Face modality
# This class will be loaded in runtime, the containing jar should be available in classpath
mosip.biometric.sdk.providers.face.mosip-ref-impl-sdk-client.classname=io.mosip.biosdk.client.impl.spec_1_0.Client_V_1_0
# The version of the BIO SDK API implemeted for Face modality
mosip.biometric.sdk.providers.face.mosip-ref-impl-sdk-client.version=0.9
mosip.biometric.sdk.providers.face.mosip-ref-impl-sdk-client.format.url.mock-1.1=${mosip.biosdk.default.service.url}
# Credential issuance Event properties
id-repo-ida-event-type-namespace=mosip
id-repo-ida-event-type-name=ida
id-repo-ida-credential-type=auth
id-repo-ida-credential-recepiant=IDA
# Kernel token ID generator properties
mosip.kernel.tokenid.uin.salt=${mosip.kernel.uin.salt}
mosip.kernel.tokenid.partnercode.salt=${mosip.kernel.partnercode.salt}
# Enabling below property will start logging performance logs in identity and vid service
mosip.idrepo.aspect-logging.enabled=false
auth.server.admin.allowed.audience=mosip-regproc-client,mosip-prereg-client,mosip-admin-client,mosip-crereq-client,mosip-creser-client,mosip-datsha-client,mosip-ida-client,mosip-resident-client,mosip-reg-client,mpartner-default-print,mosip-idrepo-client,mpartner-default-auth,mosip-syncdata-client,mosip-masterdata-client,mosip-idrepo-client,mosip-pms-client,mosip-hotlist-client,opencrvs-partner,mpartner-default-digitalcard,mpartner-default-mobile,mosip-signup-client
#openapi properties to sort tag and operations of id-repository services
springdoc.swagger-ui.tagsSorter=alpha
springdoc.swagger-ui.operationsSorter=alpha
# Object store
object.store.s3.accesskey=${s3.accesskey}
object.store.s3.secretkey=${s3.secretkey}
## For Minio: object.store.s3.url=http://minio.minio:9000
## For AWS: object.store.s3.url=s3.${s3.region}.amazonaws.com
object.store.s3.url=http://minio.minio:9000
object.store.s3.region=${s3.region}
object.store.s3.readlimit=10000000
# Roles
mosip.role.idrepo.credentialrequest.postrequestgenerator=CREDENTIAL_REQUEST,ID_REPOSITORY
mosip.role.idrepo.credentialrequest.postv2requestgeneratorrid=CREDENTIAL_REQUEST,ID_REPOSITORY
mosip.role.idrepo.credentialrequest.getcancelrequestid=CREDENTIAL_REQUEST,ID_REPOSITORY
mosip.role.idrepo.credentialrequest.getgetrequestid=CREDENTIAL_REQUEST
mosip.role.idrepo.credentialrequest.getgetrequestids=CREDENTIAL_REQUEST
mosip.role.idrepo.credentialrequest.putretriggerrequestid=CREDENTIAL_REQUEST
mosip.role.idrepo.credentialservice.postissue=CREDENTIAL_REQUEST
mosip.role.idrepo.identity.postidrepo=REGISTRATION_PROCESSOR,ID_REPOSITORY
mosip.role.idrepo.identity.getidvidid=REGISTRATION_PROCESSOR,RESIDENT,REGISTRATION_ADMIN,REGISTRATION_SUPERVISOR,REGISTRATION_OFFICER,ID_AUTHENTICATION,ID_REPOSITORY
mosip.role.idrepo.identity.patchidrepo=REGISTRATION_PROCESSOR,ID_REPOSITORY
mosip.role.idrepo.identity.getauthtypesstatusindividualidtypeindividualid=RESIDENT,ID_REPOSITORY
mosip.role.idrepo.identity.postauthtypesstatus=RESIDENT,ID_REPOSITORY
mosip.role.idrepo.identity.postdraftcreateregistrationId=REGISTRATION_PROCESSOR,ID_REPOSITORY
mosip.role.idrepo.identity.patchdraftupdateregistrationId=REGISTRATION_PROCESSOR,ID_REPOSITORY
mosip.role.idrepo.identity.getdraftpublishregistrationId=REGISTRATION_PROCESSOR,ID_REPOSITORY
mosip.role.idrepo.identity.deletedraftdiscardregistrationId=REGISTRATION_PROCESSOR,ID_REPOSITORY,RESIDENT
mosip.role.idrepo.identity.draftregistrationId=REGISTRATION_PROCESSOR,ID_REPOSITORY
mosip.role.idrepo.identity.getdraftregistrationId=REGISTRATION_PROCESSOR,ID_REPOSITORY
mosip.role.idrepo.identity.putdraftextractbiometricsregistrationId=REGISTRATION_PROCESSOR,ID_REPOSITORY
mosip.role.idrepo.identity.remainingUpdateCountByIndividualId=RESIDENT,ID_REPOSITORY
mosip.role.idrepo.identity.getRidByIndividualId=RESIDENT,ID_REPOSITORY
mosip.role.idrepo.vid.postvid=RESIDENT,REGISTRATION_PROCESSOR,ID_REPOSITORY
mosip.role.idrepo.vid.getvid=REGISTRATION_PROCESSOR,ID_AUTHENTICATION,RESIDENT,ID_REPOSITORY
mosip.role.idrepo.vid.getviduin=REGISTRATION_PROCESSOR,ID_REPOSITORY,RESIDENT
mosip.role.idrepo.vid.patchvid=ID_AUTHENTICATION,REGISTRATION_PROCESSOR,RESIDENT,ID_REPOSITORY
mosip.role.idrepo.vid.postvidregenerate=RESIDENT,ID_REPOSITORY
mosip.role.idrepo.vid.postviddeactivate=RESIDENT,ID_REPOSITORY
mosip.role.idrepo.vid.postvidreactivate=RESIDENT,ID_REPOSITORY
mosip.role.idrepo.vid.postdraftvid=REGISTRATION_PROCESSOR,ID_REPOSITORY
mosip.role.idrepo.identity.getdraftUIN=RESIDENT,ID_REPOSITORY
mosip.mask.function.identityAttributes=convertToMaskData
mosip.credential.service.fetch-identity.type=bio
mosip.idrepo.credential.request.enable-convention-based-id=false
mosip.idrepo.credential-request-v2.rest.uri=${mosip.idrepo.credrequest.generator.url}/v1/credentialrequest/v2/requestgenerator/{rid}
mosip.idrepo.credential-request-v2.rest.httpMethod=POST
mosip.idrepo.credential-request-v2.rest.headers.mediaType=application/json
mosip.idrepo.credential-request-v2.rest.timeout=100
# It is recommended to not support UIN based authentication (both external & internal)
# To stop issuing UIN+credential to IDA set flag to true otherwise set the flag to false to issue UIN+credential to IDA.
mosip.idrepo.identity.disable-uin-based-credential-request=false
# Field Id as in the identity schema will be the key and value is the actual postfix to append. Empty values are also supported.
# This configuration is considered only when mentioned fieldId is marked to be a handle in the identity schema and it is one of the selectedHandle in the ID-object.
mosip.identity.fieldid.handle-postfix.mapping={'phone':'@phone'}
mosip.idrepo.identity.max-request-time-deviation-seconds=60
#Enable this property only when to check cache log
#logging.level.org.springframework.cache=TRACE
# By default, it is false. To enable force merge of data, change it to true.
mosip.idrepo.create-identity.enable-force-merge=false
mosip.identity.get.excluded.attribute.list=UIN,verifiedAttributes,IDSchemaVersion