Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Removed the property "batchSyncItemReader.pageSize"



This article is valid for Smart ID 22.04 and later.

This is a non exhaustive list of properties that can be set for the Identity Manager components (Admin and/or Operator).

See also Set properties for Identity Manager Admin and Set properties for Identity Manager Operator.

PropertyDefault Value if not setIDM componentDescription
jobExecutorStarter.startOnSystemStartuptrueOperatorEnable or disable the activiti engine on system startup.

deleteConfigurationVisibility.deleteConfigurationVisible

falseAdmin

Shows or hides the Delete Configuration button.

Note

Do not use this property in production systems.


uploadPopup.enableUploadButtonStrategyNameenableUploadButtonStrategyAllowUnsignedAdmin, Operator

Sets the behavior of the Upload button. Configure the tolerance for configuration/zip signing and verification.

This configuration should be set to reflect how "zipPacker.signZip" and "zipUnpacker.verifyZip" are configured.

Accepted values:

  • enableUploadButtonStrategyStrict
  • enableUploadButtonStrategyAllowUnsigned
  • enableUploadButtonStrategyIgnoreSigning
zipPacker.signZiptrueAdmin, Operator

Enable or disable signing of ZIP archives and configuration.

zipUnpacker.verifyZiptrueAdmin, Operator

Enable or disable verification of ZIP archives and configuration.

historyServiceSigner.descriptorNameObjectHistorySignerOperator

Activate the chained signature feature in object history.

cardSDKConnectorBaseConfig.cardSDKUrlhttps://localhost:54881Operator

The URL to CardSDK. Used for image capture.

commonHistoryService.historyCutOffDuration

12Operator

This value is number of month.

If no historyCutOffDuration is set, then history verification and cleanup will behave as follows:

    •  verification (via REST or scheduled task) checks the entire history.
    • no cleaning (via scheduled task) will be done.

You can set historyCutOffDuration to N >= 12, then it will behave as follows:

    • verification (via REST or scheduled task) checks the most recent N months.
    • cleaning (via scheduled task) deletes entries older than N months.

If historyCutOffDuration is set to N < 12 then the minimum value as 12 will be used instead.

Note: In order for verification of a chain to succeed, the oldest entry within the interval still requires a valid predecessor (if a predecessorId is set).

cronUsernameadminOperator

The system user for scheduled tasks. Executes tasks relevant to all tenants.

cronPasswordadminOperator

The system user password for scheduled tasks. Executes tasks relevant to all tenants.

cronTenantId

1Operator

The tenant id of the system user for scheduled tasks. Executes tasks relevant to all tenants, not only for this specific tenant, such as sending out notifications to admins.

historyVerificationTrigger.cronExpression

0 30 0 ? * SUN *Operator

A cron expression that defines at which frequency the History verification task will run.

historyCleaningTrigger.cronExpression

0 30 0 ? * FRI *Operator

A cron expression that defines at which frequency the History Cleaning task will run.

schedulingReporter.cc


Operator

Email address (CC) of users to be notified by the history verification task.

schedulingReporter.to
Operator

Email address (TO) of users to be notified by the history verification task.

activitiHistoryCleaner.daysAfterEndTime30Operator

Parameter for the Activiti process history cleanup task.

Defines the number of days to wait, after a process is completed, until it will be removed.

activitiHistoryCleaner.daysOfInactivity180Operator

Parameter for the Activiti process history cleanup task.

Defines the number of days a running process can stay inactive until it will be removed.

activitiHistoryCleanerJobTrigger.cronExpression0 0 23 ? * FRI *Operator

Parameter for the Activiti process history cleanup task.

A cron expression that defines at which frequency the cleanup task is run.

quartzScheduler.enable

trueOperator

Enable or disable the quartz scheduler. By disabling, all the scheduled tasks are disabled.

caasCommunicationService.clientId


Admin, Operator

See Integrate Nexus GO Cards to Identity Manager 

caasCommunicationService.clientSecret


Admin, Operator

See Integrate Nexus GO Cards to Identity Manager 

caasCommunicationService.organisationId


Admin, Operator

See Integrate Nexus GO Cards to Identity Manager 

caasCommunicationService.hostname

cards.nxsas.com

Admin, OperatorSee Integrate Nexus GO Cards to Identity Manager 
webappUrlInfo.httpsOverridePort
Operator

Disabled by default (see info "HTTPS Override Ports" below the table), for JPKIEncoder download.

webServer.httpsOverridePort


Operator

Disabled by default (see info "HTTPS Override Ports" below the table), for CA connector calls.

supportMultiTenantSelectiontrueAdmin, Operator

When enabled, this parameter shows the tenant selection page when no tenantId is specified on the URL.

batchSync.monitorInterval

0 0/1 * * * ?Operator

This cron expression determines the scan interval of the BatchSyncMonitor.

batchSync.permissionRoleBaseRoleBatchSyncOperator

The batch synchronization jobs are executed with this role.

batchSyncItemReader.pageSize1000Operator

The number of entries read at once while executing batch synchronization.

processtracker.enabledtrueOperator

Enable or disable the Process Tracker. Note: Debug logging for de.nexus.projectutils.processtracker has to be enabled. (It is disabled by default.)

You can enable it here and change it on/off without restarting tomcat by changing the log4j2 config. Note: The performance might slightly decrease due to this.

idmInstanceId


Operator

In a multi-node environment, the instance ID is the value that uniquely identifies each Tomcat.

MLTextTranslationProvider.defaultLanguage

enAdmin, OperatorSee Configure language in Smart ID Identity Manager.
multilanguageHelper.localeStringde,en,fr,svAdmin, OperatorSee Configure language in Smart ID Identity Manager.
licenseRestController.permittedRoleAdministratorAdmin, OperatorThe role which is allowed to upload product licenses, either on first login or through the REST API.


Info
titleHTTPS Override Ports

If you use client-auth to log into Identity Manager Operator or Self Service, you need to configure overrides to non-client-auth HTTPS ports here, otherwise the CardSDK trying to download the JPKIEncoder or the JPKIEncoder calling an integrated CA connector will not be able to connect.