Service Configurations Summary#

The following combines ESS’ configuration options and their default value (if any) in a single table.

For details of the configuration options, see the individual services pages.

Service

Configuration

Default

Access Grant

INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_ALLOW

Access Grant

INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_DENY

Access Grant

INRUPT_AUTHZ_AS_URI

Access Grant

INRUPT_JSONLD_CACHE_HOURS

6

Access Grant

INRUPT_JSONLD_CACHE_SIZE

100

Access Grant

INRUPT_JSONLD_CONTEXT_ALLOW_LIST

https://vc.{ESS DOMAIN}/credentials/v1

Access Grant

INRUPT_JSONLD_CONTEXT_DENY_LIST

Access Grant

INRUPT_JSONLD_HTTP_MAX_REDIRECTS

10

Access Grant

INRUPT_JSONLD_HTTP_TIMEOUT

10

Access Grant

INRUPT_JWT_ALLOWED_SIGNATURE_ALGORITHMS

ES256, RS256

Access Grant

INRUPT_JWT_AUTHORIZATION_SERVER_ISSUER

Access Grant

INRUPT_JWT_AUTHORIZATION_SERVER_JWKS

Access Grant

INRUPT_JWT_ISSUER_ALLOW_LIST

Access Grant

INRUPT_JWT_ISSUER_DENY_LIST

Access Grant

INRUPT_KAFKA_AUDITV1EVENTSENCRYPTED_CIPHER_PASSWORD

Access Grant

INRUPT_KAFKA_AUDITV1EVENTSPRODUCERENCRYPTED_CIPHER_PASSWORD

Access Grant

INRUPT_LOGGING_CONFIGURATION_PREFIX_ALLOW

inrupt,smallrye.jwt.encrypt.key.id,smallrye.jwt.encrypt.key.location

Access Grant

INRUPT_LOGGING_CONFIGURATION_PREFIX_DENY

inrupt.vc.sign.key-seed,inrupt.kafka

Access Grant

INRUPT_LOGGING_REDACTION_NAME_ACTION

REPLACE

Access Grant

INRUPT_LOGGING_REDACTION_NAME_ENABLED

true

Access Grant

INRUPT_LOGGING_REDACTION_NAME_EXCEPTION

Access Grant

INRUPT_LOGGING_REDACTION_NAME_FIELD

Access Grant

INRUPT_LOGGING_REDACTION_NAME_LEVEL

Access Grant

INRUPT_LOGGING_REDACTION_NAME_PATTERN

Access Grant

INRUPT_LOGGING_REDACTION_NAME_REPLACEMENT

Access Grant

INRUPT_LOGGING_REQUEST_METADATA_ALLOW

Access Grant

INRUPT_LOGGING_REQUEST_METADATA_DENY

Access Grant

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_ALLOW

Access Grant

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_DENY

Access Grant

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_OVERRIDES

Access Grant

INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_ALLOW

Access Grant

INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_DENY

Access Grant

INRUPT_VC_CLIENT_ID_ALLOW_LIST_SOLIDACCESSGRANT

Access Grant

INRUPT_VC_CLIENT_ID_ALLOW_LIST_SOLIDACCESSREQUEST

Any

Access Grant

INRUPT_VC_ISSUER

https://vc.<ESS DOMAIN>

Access Grant

INRUPT_VC_ISSUER_DESCRIPTION

Access Grant

INRUPT_VC_ISSUER_NAME

Access Grant

INRUPT_VC_ISSUER_TOS

Access Grant

INRUPT_VC_MAX_DURATION

P365D (Starting in 2.2)

Access Grant

INRUPT_VC_MONGODB_DATABASE

vc

Access Grant

INRUPT_VC_QUERY_AGENT_PATHS

/credentialSubject/providedConsent/isProvidedTo,/credentialSubject/providedConsent/isProvidedToPerson,/credentialSubject/providedConsent/isProvidedToController

Access Grant

INRUPT_VC_QUERY_PROPERTY_LIMIT

16

Access Grant

INRUPT_VC_STATUS_LIST_ID_LENGTH

4

Access Grant

KAFKA_BOOTSTRAP_SERVERS

localhost:9092

Access Grant

QUARKUS_DATASOURCE_JDBC_URL

Access Grant

QUARKUS_DATASOURCE_PASSWORD

Access Grant

QUARKUS_DATASOURCE_USERNAME

Access Grant

QUARKUS_LOG_LEVEL

INFO

Access Grant

QUARKUS_MONGODB_CONNECTION_STRING

Auditing

INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_ALLOW

Auditing

INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_DENY

Auditing

INRUPT_AUDIT_SENTINEL_API_VERSION

Auditing

INRUPT_AUDIT_SENTINEL_LOG_TYPE

Audit

Auditing

INRUPT_AUDIT_SENTINEL_SHARED_KEY

Auditing

INRUPT_AUDIT_SENTINEL_WORKSPACE_ID

Auditing

INRUPT_AUDIT_SYSLOG_HOST

localhost

Auditing

INRUPT_AUDIT_SYSLOG_PORT

514

Auditing

INRUPT_AUDIT_SYSLOG_PROTOCOL

SSL_TCP

Auditing

INRUPT_KAFKA_AUDITV1EVENTSENCRYPTED_CIPHER_PASSWORD

Auditing

INRUPT_KAFKA_AUDITV1EVENTSPRODUCERENCRYPTED_CIPHER_PASSWORD

Auditing

INRUPT_LOGGING_REDACTION_NAME_ACTION

REPLACE

Auditing

INRUPT_LOGGING_REDACTION_NAME_ENABLED

true

Auditing

INRUPT_LOGGING_REDACTION_NAME_EXCEPTION

Auditing

INRUPT_LOGGING_REDACTION_NAME_FIELD

Auditing

INRUPT_LOGGING_REDACTION_NAME_LEVEL

Auditing

INRUPT_LOGGING_REDACTION_NAME_PATTERN

Auditing

INRUPT_LOGGING_REDACTION_NAME_REPLACEMENT

Auditing

INRUPT_LOGGING_REQUEST_METADATA_ALLOW

Auditing

INRUPT_LOGGING_REQUEST_METADATA_DENY

Auditing

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_ALLOW

Auditing

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_DENY

Auditing

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_OVERRIDES

Auditing

INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_ALLOW

Auditing

INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_DENY

Auditing

KAFKA_BOOTSTRAP_SERVERS

localhost:9092

Auditing

QUARKUS_HTTP_PORT

8080

Auditing

QUARKUS_LOG_LEVEL

INFO

Auditing

QUARKUS_REST_CLIENT_SENTINEL_API_URL

Authorization

INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_ALLOW

Authorization

INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_DENY

Authorization

INRUPT_AUTHORIZATION_BASE_URL

Authorization

INRUPT_AUTHORIZATION_CLIENT_ID_ALLOW_LIST

https://podbrowser.inrupt.com/api/app

Authorization

INRUPT_AUTHORIZATION_DEFAULT_ACR_ACCESS_GRANTS_ALLOWED_MODES

read,write,append

Authorization

INRUPT_AUTHORIZATION_DEFAULT_ACR_CLIENT_ID_ALLOW_LIST

Authorization

INRUPT_AUTHORIZATION_MAX_POD_COUNT

10

Authorization

INRUPT_JWT_ALLOWED_SIGNATURE_ALGORITHMS

ES256, RS256

Authorization

INRUPT_JWT_ISSUER_ALLOW_LIST

Authorization

INRUPT_JWT_ISSUER_DENY_LIST

Authorization

INRUPT_KAFKA_AUDITV1EVENTSENCRYPTED_CIPHER_PASSWORD

Authorization

INRUPT_KAFKA_AUDITV1EVENTSPRODUCERENCRYPTED_CIPHER_PASSWORD

Authorization

INRUPT_KAFKA_SOLIDACCESSCONTROLRESOURCE_CIPHER_PASSWORD

Authorization

INRUPT_LOGGING_CONFIGURATION_PREFIX_ALLOW

inrupt,mp.messaging

Authorization

INRUPT_LOGGING_CONFIGURATION_PREFIX_DENY

inrupt.kafka

Authorization

INRUPT_LOGGING_REDACTION_NAME_ACTION

REPLACE

Authorization

INRUPT_LOGGING_REDACTION_NAME_ENABLED

true

Authorization

INRUPT_LOGGING_REDACTION_NAME_EXCEPTION

Authorization

INRUPT_LOGGING_REDACTION_NAME_FIELD

Authorization

INRUPT_LOGGING_REDACTION_NAME_PATTERN

Authorization

INRUPT_LOGGING_REDACTION_NAME_REPLACEMENT

Authorization

INRUPT_LOGGING_REQUEST_METADATA_ALLOW

Authorization

INRUPT_LOGGING_REQUEST_METADATA_DENY

Authorization

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_ALLOW

Authorization

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_DENY

Authorization

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_OVERRIDES

Authorization

INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_ALLOW

Authorization

INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_DENY

Authorization

KAFKA_BOOTSTRAP_SERVERS

localhost:9092

Authorization

MP_MESSAGING_OUTGOING_SOLIDACCESSCONTROLRESOURCE_VALUE_SERIALIZER

org.apache.kafka.common.serialization.StringSerializer

Authorization

QUARKUS_GRPC_SERVER_PORT

Authorization

QUARKUS_GRPC_SERVER_SSL_CERTIFICATE

Authorization

QUARKUS_GRPC_SERVER_SSL_KEY

Authorization

QUARKUS_GRPC_SERVER_SSL_TRUST_STORE

Authorization

QUARKUS_GRPC_SERVER_SSL_TRUST_STORE_PASSWORD

Authorization

QUARKUS_LOG_LEVEL

INFO

Notification Gateway

INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_ALLOW

Notification Gateway

INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_DENY

Notification Gateway

INRUPT_LOGGING_CONFIGURATION_PREFIX_ALLOW

inrupt,smallrye.jwt.sign.key.location

Notification Gateway

INRUPT_LOGGING_CONFIGURATION_PREFIX_DENY

Notification Gateway

INRUPT_LOGGING_REDACTION_NAME_ACTION

REPLACE

Notification Gateway

INRUPT_LOGGING_REDACTION_NAME_ENABLED

true

Notification Gateway

INRUPT_LOGGING_REDACTION_NAME_EXCEPTION

Notification Gateway

INRUPT_LOGGING_REDACTION_NAME_FIELD

Notification Gateway

INRUPT_LOGGING_REDACTION_NAME_LEVEL

Notification Gateway

INRUPT_LOGGING_REDACTION_NAME_PATTERN

Notification Gateway

INRUPT_LOGGING_REDACTION_NAME_REPLACEMENT

Notification Gateway

INRUPT_LOGGING_REQUEST_METADATA_ALLOW

Notification Gateway

INRUPT_LOGGING_REQUEST_METADATA_DENY

Notification Gateway

INRUPT_NOTIFICATION_PROTOCOLS_WS_ENDPOINT

Notification Gateway

INRUPT_NOTIFICATION_WS_ENDPOINT

Notification Gateway

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_ALLOW

Notification Gateway

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_DENY

Notification Gateway

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_OVERRIDES

Notification Gateway

INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_ALLOW

Notification Gateway

INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_DENY

OpenID Provider

COM_INRUPT_OPENID_CDI_DEFAULTCLIENTRESOLVERSERVICE_FETCHREMOTECLIENT_TIMEOUT_UNIT

SECONDS

OpenID Provider

COM_INRUPT_OPENID_CDI_DEFAULTCLIENTRESOLVERSERVICE_FETCHREMOTECLIENT_TIMEOUT_VALUE

10

OpenID Provider

INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_ALLOW

OpenID Provider

INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_DENY

OpenID Provider

INRUPT_KAFKA_AUDITV1EVENTSENCRYPTED_CIPHER_PASSWORD

OpenID Provider

INRUPT_KAFKA_AUDITV1EVENTSPRODUCERENCRYPTED_CIPHER_PASSWORD

OpenID Provider

INRUPT_LOGGING_CONFIGURATION_PREFIX_ALLOW

inrupt,smallrye.jwt.sign.key.location,smallrye.jwt.token.schemes,smallrye.jwt.new-token.lifespan,quarkus.oidc.logout.path,quarkus.oidc.auth-server-url

OpenID Provider

INRUPT_LOGGING_CONFIGURATION_PREFIX_DENY

inrupt.kafka

OpenID Provider

INRUPT_LOGGING_REDACTION_NAME_ACTION

REPLACE

OpenID Provider

INRUPT_LOGGING_REDACTION_NAME_ENABLED

true

OpenID Provider

INRUPT_LOGGING_REDACTION_NAME_EXCEPTION

OpenID Provider

INRUPT_LOGGING_REDACTION_NAME_FIELD

OpenID Provider

INRUPT_LOGGING_REDACTION_NAME_LEVEL

OpenID Provider

INRUPT_LOGGING_REDACTION_NAME_PATTERN

OpenID Provider

INRUPT_LOGGING_REDACTION_NAME_REPLACEMENT

OpenID Provider

INRUPT_LOGGING_REQUEST_METADATA_ALLOW

OpenID Provider

INRUPT_LOGGING_REQUEST_METADATA_DENY

OpenID Provider

INRUPT_OPENID_ACCESS_TOKEN_SUB

false

OpenID Provider

INRUPT_OPENID_APPROVAL_TEMPLATE_LOCATION

OpenID Provider

INRUPT_OPENID_CATALOG_DISABLED

OpenID Provider

INRUPT_OPENID_CLIENT_DOMAIN_ALLOWLIST

OpenID Provider

INRUPT_OPENID_CLIENT_DOMAIN_DENYLIST

OpenID Provider

INRUPT_OPENID_CUSTOM_CLAIMS

OpenID Provider

INRUPT_OPENID_ISSUER

OpenID Provider

INRUPT_OPENID_JWT_ALTERNATIVE_PUBLIC_KEY_LOCATIONS

OpenID Provider

INRUPT_OPENID_LOGOUT_URL

OpenID Provider

INRUPT_OPENID_SCHEDULED_TASKS

300s (every 300 seconds)

OpenID Provider

INRUPT_OPENID_SCOPES

OpenID Provider

INRUPT_OPENID_USER_CLAIM_NAME

OpenID Provider

INRUPT_OPENID_WEBHOOK_POST_CONSENT_AUTH

OpenID Provider

INRUPT_OPENID_WEBHOOK_POST_CONSENT_URL

OpenID Provider

INRUPT_OPENID_WEBID_FRAGMENT

OpenID Provider

INRUPT_OPENID_WEBID_HOST

OpenID Provider

INRUPT_OPENID_WEBID_PATH

OpenID Provider

INRUPT_OPENID_WEBID_REENCODE_BASE64

false

OpenID Provider

INRUPT_OPENID_WEBID_SUBJECT_PREFIX

OpenID Provider

INRUPT_OPENID_WEBID_TRIM_BASE64_PADDING

false

OpenID Provider

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_ALLOW

OpenID Provider

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_DENY

OpenID Provider

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_OVERRIDES

OpenID Provider

INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_ALLOW

OpenID Provider

INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_DENY

OpenID Provider

KAFKA_BOOTSTRAP_SERVERS

localhost:9092

OpenID Provider

MP_MESSAGING_OUTGOING_AUDITV1OUT_BOOTSTRAP_SERVERS

localhost:9092

OpenID Provider

QUARKUS_DATASOURCE_JDBC_URL

OpenID Provider

QUARKUS_DATASOURCE_PASSWORD

OpenID Provider

QUARKUS_DATASOURCE_USERNAME

OpenID Provider

QUARKUS_LOG_LEVEL

INFO

OpenID Provider

QUARKUS_OIDC_AUTHENTICATION_SCOPES

OpenID Provider

QUARKUS_OIDC_AUTH_SERVER_URL

OpenID Provider

QUARKUS_OIDC_CLIENT_ID

OpenID Provider

QUARKUS_OIDC_CREDENTIALS_SECRET

OpenID Provider

QUARKUS_OIDC_LOGOUT_PATH

OpenID Provider

QUARKUS_OIDC_LOGOUT_POST_LOGOUT_PATH

OpenID Provider

SMALLRYE_JWT_NEW_TOKEN_LIFESPAN

300

OpenID Provider

SMALLRYE_JWT_SIGN_KEY_LOCATION

Pod Provision

INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_ALLOW

Pod Provision

INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_DENY

Pod Provision

INRUPT_JWT_ALLOWED_SIGNATURE_ALGORITHMS

ES256, RS256

Pod Provision

INRUPT_JWT_ISSUER_ALLOW_LIST

Pod Provision

INRUPT_JWT_ISSUER_DENY_LIST

Pod Provision

INRUPT_KAFKA_AUDITV1EVENTSENCRYPTED_CIPHER_PASSWORD

Pod Provision

INRUPT_KAFKA_AUDITV1EVENTSPRODUCERENCRYPTED_CIPHER_PASSWORD

Pod Provision

INRUPT_KAFKA_SOLIDRESOURCE_CIPHER_PASSWORD

Pod Provision

INRUPT_LOGGING_CONFIGURATION_PREFIX_ALLOW

inrupt,smallrye.jwt.expiration.grace,mp.jwt.verify.clock.skew,smallrye.jwt.always-check-authorization,smallrye.jwt.token.decryption.kid,smallrye.jwt.token.schemes,smallrye.jwt.require.named-principal,smallrye.jwt.time-to-live,smallrye.jwt.jwks.refresh-interval,smallrye.jwt.jwks.forced-refresh-interval,smallrye.jwt.required.claims,mp.jwt.verify.audiences

Pod Provision

INRUPT_LOGGING_CONFIGURATION_PREFIX_DENY

inrupt.kafka

Pod Provision

INRUPT_LOGGING_REDACTION_NAME_ACTION

REPLACE

Pod Provision

INRUPT_LOGGING_REDACTION_NAME_ENABLED

true

Pod Provision

INRUPT_LOGGING_REDACTION_NAME_EXCEPTION

Pod Provision

INRUPT_LOGGING_REDACTION_NAME_FIELD

Pod Provision

INRUPT_LOGGING_REDACTION_NAME_LEVEL

Pod Provision

INRUPT_LOGGING_REDACTION_NAME_PATTERN

Pod Provision

INRUPT_LOGGING_REDACTION_NAME_REPLACEMENT

Pod Provision

INRUPT_LOGGING_REQUEST_METADATA_ALLOW

Pod Provision

INRUPT_LOGGING_REQUEST_METADATA_DENY

Pod Provision

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_ALLOW

Pod Provision

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_DENY

Pod Provision

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_OVERRIDES

Pod Provision

INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_ALLOW

Pod Provision

INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_DENY

Pod Provision

INRUPT_STORAGE_HTTP_BASE_URL

Pod Provision

INRUPT_STORAGE_MAX_PODS_PER_OWNER

10

Pod Provision

INRUPT_STORAGE_S3_BUCKET_NAME

inrupt.ess.storage

Pod Provision

KAFKA_BOOTSTRAP_SERVERS

localhost:9092

Pod Provision

MP_MESSAGING_OUTGOING_AUDITV1OUT_BOOTSTRAP_SERVERS

localhost:9092

Pod Provision

MP_MESSAGING_OUTGOING_SOLIDRESOURCE_BOOTSTRAP_SERVERS

localhost:9092

Pod Provision

MP_MESSAGING_OUTGOING_SOLIDRESOURCE_VALUE_SERIALIZER

org.apache.kafka.common.serialization.StringSerializer

Pod Provision

QUARKUS_LOG_LEVEL

INFO

Pod Provision

QUARKUS_OPENTELEMETRY_TRACER_EXPORTER_OTLP_ENABLED

false

Pod Provision

QUARKUS_OPENTELEMETRY_TRACER_EXPORTER_OTLP_ENDPOINT

Pod Provision

QUARKUS_S3_AWS_CREDENTIALS_STATIC_PROVIDER_ACCESS_KEY_ID

Pod Provision

QUARKUS_S3_AWS_CREDENTIALS_STATIC_PROVIDER_SECRET_ACCESS_KEY

Pod Provision

QUARKUS_S3_AWS_REGION

Pod Provision

QUARKUS_S3_ENDPOINT_OVERRIDE

Pod Storage

COM_INRUPT_STORAGE_METADATA_JDBC_CONNECTIONLIMITER_OPENCONNECTION_TIMEOUT_VALUE

5000

Pod Storage

INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_ALLOW

Pod Storage

INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_DENY

Pod Storage

INRUPT_AUTHORIZATION_CLIENT_ID_ALLOW_LIST

https://podbrowser.inrupt.com/api/app

Pod Storage

INRUPT_AUTHZ_AS_URI

Pod Storage

INRUPT_AUTHZ_UMA_ANONYMOUS_ENABLED

false

Pod Storage

INRUPT_AUTHZ_UMA_OIDC_ENABLED

false

Pod Storage

INRUPT_JSONLD_CONTEXT_ALLOW_LIST

Pod Storage

INRUPT_JSONLD_CONTEXT_DENY_LIST

Pod Storage

INRUPT_JWT_ALLOWED_SIGNATURE_ALGORITHMS

ES256, RS256

Pod Storage

INRUPT_JWT_AUTHORIZATION_SERVER_ISSUER

Pod Storage

INRUPT_JWT_AUTHORIZATION_SERVER_JWKS

Pod Storage

INRUPT_JWT_ISSUER_ALLOW_LIST

Pod Storage

INRUPT_JWT_ISSUER_DENY_LIST

Pod Storage

INRUPT_KAFKA_AUDITV1EVENTSENCRYPTED_CIPHER_PASSWORD

Pod Storage

INRUPT_KAFKA_AUDITV1EVENTSPRODUCERENCRYPTED_CIPHER_PASSWORD

Pod Storage

INRUPT_KAFKA_SOLIDRESOURCE_CIPHER_PASSWORD

Pod Storage

INRUPT_LOGGING_CONFIGURATION_PREFIX_ALLOW

inrupt,quarkus.s3.aws.region

Pod Storage

INRUPT_LOGGING_CONFIGURATION_PREFIX_ALLOW

inrupt,quarkus.s3.aws.region

Pod Storage

INRUPT_LOGGING_CONFIGURATION_PREFIX_ALLOW

inrupt,smallrye.jwt.expiration.grace,mp.jwt.verify.clock.skew,smallrye.jwt.always-check-authorization,smallrye.jwt.token.decryption.kid,smallrye.jwt.token.schemes,smallrye.jwt.require.named-principal,smallrye.jwt.time-to-live,smallrye.jwt.jwks.refresh-interval,smallrye.jwt.jwks.forced-refresh-interval,smallrye.jwt.required.claims,mp.jwt.verify.audiences

Pod Storage

INRUPT_LOGGING_CONFIGURATION_PREFIX_DENY

Pod Storage

INRUPT_LOGGING_CONFIGURATION_PREFIX_DENY

Pod Storage

INRUPT_LOGGING_CONFIGURATION_PREFIX_DENY

inrupt.kafka

Pod Storage

INRUPT_LOGGING_REDACTION_NAME_ACTION

REPLACE

Pod Storage

INRUPT_LOGGING_REDACTION_NAME_ENABLED

true

Pod Storage

INRUPT_LOGGING_REDACTION_NAME_EXCEPTION

Pod Storage

INRUPT_LOGGING_REDACTION_NAME_FIELD

Pod Storage

INRUPT_LOGGING_REDACTION_NAME_LEVEL

Pod Storage

INRUPT_LOGGING_REDACTION_NAME_PATTERN

Pod Storage

INRUPT_LOGGING_REDACTION_NAME_REPLACEMENT

Pod Storage

INRUPT_LOGGING_REQUEST_METADATA_ALLOW

Pod Storage

INRUPT_LOGGING_REQUEST_METADATA_DENY

Pod Storage

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_ALLOW

Pod Storage

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_DENY

Pod Storage

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_OVERRIDES

Pod Storage

INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_ALLOW

Pod Storage

INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_DENY

Pod Storage

INRUPT_STORAGE_AUDIT_RESOURCE_READ_ENABLED

false

Pod Storage

INRUPT_STORAGE_HTTP_BASE_URL

Pod Storage

INRUPT_STORAGE_HTTP_CACHE_CONTROL_MAX_AGE

0

Pod Storage

INRUPT_STORAGE_PRUNE_ORPHAN_BATCH_SIZE

Pod Storage

INRUPT_STORAGE_PRUNE_PRUNABLE_BATCH_SIZE

Pod Storage

INRUPT_STORAGE_PRUNE_RETENTION_WINDOW

Pod Storage

INRUPT_STORAGE_S3_BUCKET_NAME

inrupt.ess.storage

Pod Storage

KAFKA_BOOTSTRAP_SERVERS

localhost:9092

Pod Storage

MP_MESSAGING_OUTGOING_AUDITV1OUT_BOOTSTRAP_SERVERS

localhost:9092

Pod Storage

MP_MESSAGING_OUTGOING_SOLIDRESOURCE_BOOTSTRAP_SERVERS

localhost:9092

Pod Storage

MP_MESSAGING_OUTGOING_SOLIDRESOURCE_VALUE_SERIALIZER

org.apache.kafka.common.serialization.StringSerializer

Pod Storage

QUARKUS_LOG_LEVEL

INFO

Pod Storage

QUARKUS_OPENTELEMETRY_TRACER_EXPORTER_OTLP_ENABLED

false

Pod Storage

QUARKUS_OPENTELEMETRY_TRACER_EXPORTER_OTLP_ENDPOINT

Pod Storage

QUARKUS_S3_AWS_CREDENTIALS_STATIC_PROVIDER_ACCESS_KEY_ID

Pod Storage

QUARKUS_S3_AWS_CREDENTIALS_STATIC_PROVIDER_SECRET_ACCESS_KEY

Pod Storage

QUARKUS_S3_AWS_REGION

Pod Storage

QUARKUS_S3_ENDPOINT_OVERRIDE

Pod Storage

SMALLRYE_JWT_ENCRYPT_KEY_ID

Pod Storage

SMALLRYE_JWT_ENCRYPT_KEY_LOCATION

Query

INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_ALLOW

Query

INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_DENY

Query

INRUPT_AUTHZ_AS_URI

Query

INRUPT_FRAGMENTS_PAGE_SIZE

10

Query

INRUPT_JWT_ALLOWED_SIGNATURE_ALGORITHMS

ES256, RS256

Query

INRUPT_JWT_AUTHORIZATION_SERVER_ISSUER

Query

INRUPT_JWT_AUTHORIZATION_SERVER_JWKS

Query

INRUPT_JWT_ISSUER_ALLOW_LIST

Query

INRUPT_JWT_ISSUER_DENY_LIST

Query

INRUPT_KAFKA_AUDITV1EVENTSENCRYPTED_CIPHER_PASSWORD

Query

INRUPT_KAFKA_AUDITV1EVENTSPRODUCERENCRYPTED_CIPHER_PASSWORD

Query

INRUPT_LOGGING_CONFIGURATION_PREFIX_ALLOW

inrupt,smallrye.jwt.expiration.grace,mp.jwt.verify.clock.skew,smallrye.jwt.always-check-authorization,smallrye.jwt.token.decryption.kid,smallrye.jwt.token.schemes,smallrye.jwt.require.named-principal,smallrye.jwt.time-to-live,smallrye.jwt.jwks.refresh-interval,smallrye.jwt.jwks.forced-refresh-interval,smallrye.jwt.required.claims,mp.jwt.verify.audiences

Query

INRUPT_LOGGING_CONFIGURATION_PREFIX_DENY

inrupt.kafka

Query

INRUPT_LOGGING_REDACTION_NAME_ACTION

REPLACE

Query

INRUPT_LOGGING_REDACTION_NAME_ENABLED

true

Query

INRUPT_LOGGING_REDACTION_NAME_EXCEPTION

Query

INRUPT_LOGGING_REDACTION_NAME_FIELD

Query

INRUPT_LOGGING_REDACTION_NAME_LEVEL

Query

INRUPT_LOGGING_REDACTION_NAME_PATTERN

Query

INRUPT_LOGGING_REDACTION_NAME_REPLACEMENT

Query

INRUPT_LOGGING_REQUEST_METADATA_ALLOW

Query

INRUPT_LOGGING_REQUEST_METADATA_DENY

Query

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_ALLOW

Query

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_DENY

Query

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_OVERRIDES

Query

INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_ALLOW

Query

INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_DENY

Query

KAFKA_BOOTSTRAP_SERVERS

localhost:9092

Query

QUARKUS_LOG_LEVEL

INFO

Query Indexer

INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_ALLOW

Query Indexer

INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_DENY

Query Indexer

INRUPT_AUTHZ_AS_URI

Query Indexer

INRUPT_FRAGMENTS_INGEST_IGNORE_ERRORS

false

Query Indexer

INRUPT_LOGGING_CONFIGURATION_PREFIX_ALLOW

inrupt,smallrye.jwt.encrypt.key.id,smallrye.jwt.encrypt.key.location,smallrye.jwt.sign.key.location,quarkus.mongodb.database

Query Indexer

INRUPT_LOGGING_CONFIGURATION_PREFIX_DENY

inrupt.kafka

Query Indexer

INRUPT_LOGGING_REDACTION_NAME_ACTION

REPLACE

Query Indexer

INRUPT_LOGGING_REDACTION_NAME_ENABLED

true

Query Indexer

INRUPT_LOGGING_REDACTION_NAME_EXCEPTION

Query Indexer

INRUPT_LOGGING_REDACTION_NAME_FIELD

Query Indexer

INRUPT_LOGGING_REDACTION_NAME_LEVEL

Query Indexer

INRUPT_LOGGING_REDACTION_NAME_PATTERN

Query Indexer

INRUPT_LOGGING_REDACTION_NAME_REPLACEMENT

Query Indexer

INRUPT_LOGGING_REQUEST_METADATA_ALLOW

Query Indexer

INRUPT_LOGGING_REQUEST_METADATA_DENY

Query Indexer

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_ALLOW

Query Indexer

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_DENY

Query Indexer

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_OVERRIDES

Query Indexer

INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_ALLOW

Query Indexer

INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_DENY

Start

INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_ALLOW

Start

INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_DENY

Start

INRUPT_LOGGING_CONFIGURATION_PREFIX_ALLOW

inrupt,quarkus.oidc.auth-server-url

Start

INRUPT_LOGGING_CONFIGURATION_PREFIX_DENY

Start

INRUPT_LOGGING_REDACTION_NAME_ACTION

REPLACE

Start

INRUPT_LOGGING_REDACTION_NAME_ENABLED

true

Start

INRUPT_LOGGING_REDACTION_NAME_EXCEPTION

Start

INRUPT_LOGGING_REDACTION_NAME_FIELD

Start

INRUPT_LOGGING_REDACTION_NAME_LEVEL

Start

INRUPT_LOGGING_REDACTION_NAME_PATTERN

Start

INRUPT_LOGGING_REDACTION_NAME_REPLACEMENT

Start

INRUPT_LOGGING_REQUEST_METADATA_ALLOW

Start

INRUPT_LOGGING_REQUEST_METADATA_DENY

Start

INRUPT_PROVISION_HTTP_BASE_URL

Start

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_ALLOW

Start

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_DENY

Start

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_OVERRIDES

Start

INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_ALLOW

Start

INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_DENY

Start

INRUPT_WEBID_HTTP_BASE_URL

Start

QUARKUS_LOG_LEVEL

INFO

Start

QUARKUS_OIDC_AUTH_SERVER_URL

Start

QUARKUS_OIDC_CLIENT_ID

https://start.{ESS DOMAIN}/app/id

UMA

INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_ALLOW

UMA

INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_DENY

UMA

INRUPT_JSONLD_CONTEXT_ALLOW_LIST

https://vc.{ESS DOMAIN}/credentials/v1

UMA

INRUPT_JSONLD_CONTEXT_DENY_LIST

UMA

INRUPT_JWT_ALLOWED_SIGNATURE_ALGORITHMS

ES256, RS256

UMA

INRUPT_JWT_ISSUER_ALLOW_LIST

UMA

INRUPT_JWT_ISSUER_DENY_LIST

UMA

INRUPT_KAFKA_AUDITV1EVENTSENCRYPTED_CIPHER_PASSWORD

UMA

INRUPT_KAFKA_AUDITV1EVENTSPRODUCERENCRYPTED_CIPHER_PASSWORD

UMA

INRUPT_LOGGING_CONFIGURATION_PREFIX_ALLOW

inrupt,smallrye.jwt.expiration.grace,mp.jwt.verify.clock.skew,smallrye.jwt.always-check-authorization,smallrye.jwt.token.decryption.kid,smallrye.jwt.token.schemes,smallrye.jwt.require.named-principal,smallrye.jwt.time-to-live,smallrye.jwt.jwks.refresh-interval,smallrye.jwt.jwks.forced-refresh-interval,smallrye.jwt.required.claims,mp.jwt.verify.audiences

UMA

INRUPT_LOGGING_CONFIGURATION_PREFIX_DENY

inrupt.kafka

UMA

INRUPT_LOGGING_REDACTION_NAME_ACTION

REPLACE

UMA

INRUPT_LOGGING_REDACTION_NAME_EXCEPTION

UMA

INRUPT_LOGGING_REDACTION_NAME_FIELD

UMA

INRUPT_LOGGING_REDACTION_NAME_LEVEL

UMA

INRUPT_LOGGING_REDACTION_NAME_PATTERN

UMA

INRUPT_LOGGING_REDACTION_NAME_REPLACEMENT

UMA

INRUPT_LOGGING_REQUEST_METADATA_ALLOW

UMA

INRUPT_LOGGING_REQUEST_METADATA_DENY

UMA

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_ALLOW

UMA

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_DENY

UMA

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_OVERRIDES

UMA

INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_ALLOW

UMA

INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_DENY

UMA

INRUPT_UMA_DPOP_ALGORITHMS

ES256, RS256

UMA

INRUPT_UMA_ISSUER

UMA

INRUPT_UMA_VC_ISSUER_ALLOW_LIST

https://vc.{ESS_DOMAIN}

UMA

INRUPT_UMA_VC_REVOCATION_LIST_CREDENTIAL_ALLOW_LIST

unset

UMA

INRUPT_UMA_VC_VERIFICATION_METHOD_ALLOW_LIST

unset

UMA

INRUPT_UMA_VC_VERIFIER

UMA

INRUPT_VC_ISSUER

UMA

KAFKA_BOOTSTRAP_SERVERS

localhost:9092

UMA

QUARKUS_GRPC_CLIENTS_AUTHZ_HOST

UMA

QUARKUS_GRPC_CLIENTS_AUTHZ_PORT

UMA

QUARKUS_LOG_LEVEL

INFO

UMA

SMALLRYE_JWT_NEW_TOKEN_LIFESPAN

300

UMA

SMALLRYE_JWT_SIGN_KEY_LOCATION

WebID

INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_ALLOW

WebID

INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_DENY

WebID

INRUPT_JWT_ALLOWED_SIGNATURE_ALGORITHMS

ES256, RS256

WebID

INRUPT_JWT_ISSUER_ALLOW_LIST

WebID

INRUPT_JWT_ISSUER_DENY_LIST

WebID

INRUPT_KAFKA_AUDITV1EVENTSENCRYPTED_CIPHER_PASSWORD

WebID

INRUPT_KAFKA_AUDITV1EVENTSPRODUCERENCRYPTED_CIPHER_PASSWORD

WebID

INRUPT_LOGGING_CONFIGURATION_PREFIX_ALLOW

inrupt,smallrye.jwt.expiration.grace,mp.jwt.verify.clock.skew,smallrye.jwt.always-check-authorization,smallrye.jwt.token.decryption.kid,smallrye.jwt.token.schemes,smallrye.jwt.require.named-principal,smallrye.jwt.time-to-live,smallrye.jwt.jwks.refresh-interval,smallrye.jwt.jwks.forced-refresh-interval,smallrye.jwt.required.claims,mp.jwt.verify.audiences

WebID

INRUPT_LOGGING_CONFIGURATION_PREFIX_DENY

inrupt.kafka

WebID

INRUPT_LOGGING_REDACTION_NAME_ACTION

REPLACE

WebID

INRUPT_LOGGING_REDACTION_NAME_ENABLED

true

WebID

INRUPT_LOGGING_REDACTION_NAME_EXCEPTION

WebID

INRUPT_LOGGING_REDACTION_NAME_FIELD

WebID

INRUPT_LOGGING_REDACTION_NAME_LEVEL

WebID

INRUPT_LOGGING_REDACTION_NAME_PATTERN

WebID

INRUPT_LOGGING_REDACTION_NAME_REPLACEMENT

WebID

INRUPT_LOGGING_REQUEST_METADATA_ALLOW

WebID

INRUPT_LOGGING_REQUEST_METADATA_DENY

WebID

INRUPT_PROVISION_HTTP_BASE_URL

WebID

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_ALLOW

WebID

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_DENY

WebID

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_OVERRIDES

WebID

INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_ALLOW

WebID

INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_DENY

WebID

INRUPT_START_CLIENT_ID

https://start.{ESS_DOMAIN}/app/id

WebID

INRUPT_WEBID_ALLOWED_CLIENT_IDS

INRUPT_START_CLIENT_ID, INRUPT_WEBID_CLIENT_ID

WebID

INRUPT_WEBID_CLIENT_CONTACTS

WebID

INRUPT_WEBID_CLIENT_ID

https://id.{ESS_DOMAIN}/app/id

WebID

INRUPT_WEBID_CLIENT_LOGO_URI

https://{ESS DOMAIN}/logo.png

WebID

INRUPT_WEBID_CLIENT_NAME

Inrupt WebID Manager

WebID

INRUPT_WEBID_CLIENT_TOS_URI

WebID

INRUPT_WEBID_ISSUER

https://openid.{ESS DOMAIN}

WebID

KAFKA_BOOTSTRAP_SERVERS

localhost:9092

WebID

QUARKUS_DATASOURCE_JDBC_URL

WebID

QUARKUS_DATASOURCE_PASSWORD

WebID

QUARKUS_DATASOURCE_USERNAME

WebID

QUARKUS_LOG_LEVEL

INFO

WebSocket

INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_ALLOW

WebSocket

INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_DENY

WebSocket

INRUPT_JWT_ALLOWED_SIGNATURE_ALGORITHMS

ES256, RS256

WebSocket

INRUPT_JWT_ISSUER_ALLOW_LIST

WebSocket

INRUPT_JWT_ISSUER_DENY_LIST

WebSocket

INRUPT_KAFKA_SOLIDRESOURCE_CIPHER_PASSWORD

WebSocket

INRUPT_LOGGING_CONFIGURATION_PREFIX_ALLOW

inrupt,smallrye.jwt.sign.key.location

WebSocket

INRUPT_LOGGING_CONFIGURATION_PREFIX_DENY

inrupt.kafka

WebSocket

INRUPT_LOGGING_REDACTION_{NAME}_ACTION

REPLACE

WebSocket

INRUPT_LOGGING_REDACTION_{NAME}_ENABLED

true

WebSocket

INRUPT_LOGGING_REDACTION_{NAME}_EXCEPTION

WebSocket

INRUPT_LOGGING_REDACTION_{NAME}_FIELD

WebSocket

INRUPT_LOGGING_REDACTION_{NAME}_LEVEL

DEBUG

WebSocket

INRUPT_LOGGING_REDACTION_{NAME}_PATTERN

WebSocket

INRUPT_LOGGING_REDACTION_{NAME}_REPLACEMENT

[REDACTED]

WebSocket

INRUPT_LOGGING_REQUEST_METADATA_ALLOW

WebSocket

INRUPT_LOGGING_REQUEST_METADATA_DENY

WebSocket

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_ALLOW

WebSocket

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_DENY

WebSocket

INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_OVERRIDES

WebSocket

INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_ALLOW

WebSocket

INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_DENY

WebSocket

INRUPT_WEBSOCKET_BASE_URI

WebSocket

KAFKA_BOOTSTRAP_SERVERS

localhost:9092

WebSocket

MP_MESSAGING_INCOMING_SOLIDRESOURCE_SSL_TRUSTSTORE_LOCATION

WebSocket

MP_MESSAGING_INCOMING_SOLIDRESOURCE_SSL_TRUSTSTORE_PASSWORD

WebSocket

MP_MESSAGING_INCOMING_SOLIDRESOURCE_VALUE_DESERIALIZER

org.apache.kafka.common.serialization.StringDeserializer

WebSocket

MP_MESSAGING_OUTGOING_AUDITV1OUT_BOOTSTRAP_SERVERS

localhost:9092

WebSocket

QUARKUS_GRPC_CLIENTS_AUTHZ_HOST

WebSocket

QUARKUS_LOG_LEVEL

INFO

WebSocket

SMALLRYE_JWT_SIGN_KEY_LOCATION