ownCloud
Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Back to homepage
Edit page

Service Configuration

Example YAML Config

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
# Autogenerated
# Filename: idp-config-example.yaml

tracing:
  enabled: false
  type: ""
  endpoint: ""
  collector: ""
log:
  level: ""
  pretty: false
  color: false
  file: ""
debug:
  addr: 127.0.0.1:9134
  token: ""
  pprof: false
  zpages: false
http:
  addr: 127.0.0.1:9130
  root: /
  tls_cert: ~/.ocis/idp/server.crt
  tls_key: ~/.ocis/idp/server.key
  tls: false
reva:
  address: 127.0.0.1:9142
machine_auth_api_key: ""
asset:
  asset: ""
idp:
  iss: https://localhost:9200
  identity_manager: ldap
  uri_base_path: ""
  sign_in_uri: ""
  signed_out_uri: ""
  authorization_endpoint_uri: ""
  end_session_endpoint_uri: ""
  insecure: false
  trusted_proxy: []
  allow_scope: []
  allow_client_guests: false
  allow_dynamic_client_registration: false
  encrypt_secret_file: ""
  listen: ""
  identifier_client_disabled: true
  identifier_scopes_conf: ""
  identifierdefaultbannerlogo: ""
  identifierdefaultsigninpagetext: ""
  identifierdefaultusernamehinttext: ""
  identifieruilocales: []
  signing_kid: ""
  signing_method: PS256
  signing_private_key_files: []
  validation_keys_path: ""
  cookiebackenduri: ""
  cookienames: []
  access_token_duration_seconds: 86400
  id_token_duration_seconds: 3600
  refresh_token_duration_seconds: 94608000
  dynamic_client_secret_duration_seconds: 0
clients:
- id: web
  name: ownCloud Web app
  trusted: true
  secret: ""
  redirect_uris:
  - '{{OCIS_URL}}/'
  - '{{OCIS_URL}}/oidc-callback.html'
  - '{{OCIS_URL}}/oidc-silent-redirect.html'
  origins:
  - '{{OCIS_URL}}'
  application_type: ""
- id: ocis-explorer.js
  name: oCIS Graph Explorer
  trusted: true
  secret: ""
  redirect_uris:
  - '{{OCIS_URL}}/graph-explorer/'
  origins:
  - '{{OCIS_URL}}'
  application_type: ""
- id: xdXOt13JKxym1B1QcEncf2XDkLAexMBFwiT9j6EfhhHFJhs2KM9jbjTmf8JBXE69
  name: ownCloud desktop app
  trusted: false
  secret: UBntmLjC2yYCeHwsyj73Uwo9TAaecAetRwMw0xYcvNL9yRdLSUi0hUAHfvCHFeFh
  redirect_uris:
  - http://127.0.0.1
  - http://localhost
  origins: []
  application_type: native
- id: e4rAsNUSIUs0lF4nbv9FmCeUkTlV9GdgTLDH1b5uie7syb90SzEVrbN7HIpmWJeD
  name: ownCloud Android app
  trusted: false
  secret: dInFYGV33xKzhbRmpqQltYNdfLdJIfJ9L5ISoKhNoT9qZftpdWSP71VrpGR9pmoD
  redirect_uris:
  - oc://android.owncloud.com
  origins: []
  application_type: native
- id: mxd5OQDk6es5LzOzRvidJNfXLUZS2oN3oUFeXPP8LpPrhx3UroJFduGEYIBOxkY1
  name: ownCloud iOS app
  trusted: false
  secret: KFeFWWEZO9TkisIQzR3fo7hfiMXlOpaqP8CFuTbSHzV1TUuGECglPxpiVKJfOXIx
  redirect_uris:
  - oc://ios.owncloud.com
  - oc.ios://ios.owncloud.com
  origins: []
  application_type: native
ldap:
  uri: ldaps://localhost:9235
  cacert: ~/.ocis/idm/ldap.crt
  bind_dn: uid=idp,ou=sysusers,o=libregraph-idm
  bind_password: ""
  base_dn: ou=users,o=libregraph-idm
  scope: sub
  login_attribute: uid
  email_attribute: mail
  name_attribute: displayName
  uuid_attribute: uid
  uuid_attribute_type: text
  filter: ""
  objectclass: inetOrgPerson

Environment Variables

Name Type Default Value Description
IDP_PASSWORD_RESET_URI string The URI where a user can reset their password.
OCIS_TRACING_ENABLED
IDP_TRACING_ENABLED
bool false
OCIS_TRACING_TYPE
IDP_TRACING_TYPE
string
OCIS_TRACING_ENDPOINT
IDP_TRACING_ENDPOINT
string
OCIS_TRACING_COLLECTOR
IDP_TRACING_COLLECTOR
string
OCIS_LOG_LEVEL
IDP_LOG_LEVEL
string
OCIS_LOG_PRETTY
IDP_LOG_PRETTY
bool false
OCIS_LOG_COLOR
IDP_LOG_COLOR
bool false
OCIS_LOG_FILE
IDP_LOG_FILE
string
IDP_DEBUG_ADDR string 127.0.0.1:9134 Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed.
IDP_DEBUG_TOKEN string Token to secure the metrics endpoint
IDP_DEBUG_PPROF bool false Enables pprof, which can be used for profiling
IDP_DEBUG_ZPAGES bool false Enables zpages, which can be used for collecting and viewing traces in-me
IDP_HTTP_ADDR string 127.0.0.1:9130
IDP_HTTP_ROOT string /
IDP_TRANSPORT_TLS_CERT string ~/.ocis/idp/server.crt
IDP_TRANSPORT_TLS_KEY string ~/.ocis/idp/server.key
IDP_TLS bool false
REVA_GATEWAY string 127.0.0.1:9142 CS3 gateway used to authenticate and look up users
OCIS_MACHINE_AUTH_API_KEY
IDP_MACHINE_AUTH_API_KEY
string Machine auth API key used to impersonate users when looking up their userinfo via the ‘cs3’ backend.
IDP_ASSET_PATH string
OCIS_URL
OCIS_OIDC_ISSUER
IDP_ISS
string https://localhost:9200 The OIDC issuer URL to use.
IDP_IDENTITY_MANAGER string ldap The identity manager implementation to use, defaults to ‘ldap’, can be changed to ‘cs3’, ‘kc’, ‘libregraph’, ‘cookie’ or ‘guest’.
IDP_URI_BASE_PATH string
IDP_SIGN_IN_URI string
IDP_SIGN_OUT_URI string
IDP_ENDPOINT_URI string
IDP_ENDSESSION_ENDPOINT_URI string
IDP_INSECURE bool false Allow insecure connections to the backend.
IDP_ALLOW_CLIENT_GUESTS bool false
IDP_ALLOW_DYNAMIC_CLIENT_REGISTRATION bool false
IDP_ENCRYPTION_SECRET_FILE string
IDP_DISABLE_IDENTIFIER_WEBAPP bool true
IDP_IDENTIFIER_SCOPES_CONF string
IDP_SIGNING_KID string
IDP_SIGNING_METHOD string PS256
IDP_SIGNING_PRIVATE_KEY_FILES []
IDP_VALIDATION_KEYS_PATH string
IDP_ACCESS_TOKEN_EXPIRATION uint64 86400
IDP_ID_TOKEN_EXPIRATION uint64 3600
IDP_REFRESH_TOKEN_EXPIRATION uint64 94608000
uint64 0
LDAP_URI
IDP_LDAP_URI
string ldaps://localhost:9235
LDAP_CACERT
IDP_LDAP_TLS_CACERT
string ~/.ocis/idm/ldap.crt
LDAP_BIND_DN
IDP_LDAP_BIND_DN
string uid=idp,ou=sysusers,o=libregraph-idm
LDAP_BIND_PASSWORD
IDP_LDAP_BIND_PASSWORD
string
LDAP_USER_BASE_DN
IDP_LDAP_BASE_DN
string ou=users,o=libregraph-idm
LDAP_USER_SCOPE
IDP_LDAP_SCOPE
string sub
IDP_LDAP_LOGIN_ATTRIBUTE string uid
LDAP_USER_SCHEMA_MAIL
IDP_LDAP_EMAIL_ATTRIBUTE
string mail
LDAP_USER_SCHEMA_USERNAME
IDP_LDAP_NAME_ATTRIBUTE
string displayName
LDAP_USER_SCHEMA_ID
IDP_LDAP_UUID_ATTRIBUTE
string uid
IDP_LDAP_UUID_ATTRIBUTE_TYPE string text
LDAP_USER_FILTER
IDP_LDAP_FILTER
string
LDAP_USER_OBJECTCLASS
IDP_LDAP_OBJECTCLASS
string inetOrgPerson