Property

Description

Business Application Authorisation Code configuration

Defines configurations related to OAuth authorisation code provided to business applications:

  • BA_OAUTH_CODE_EXPIRY_TIME = 10
    Time interval in minutes to define the expiry time of OAuth2 authorisation code generated for business applications. Default value: 10 minutes.

Business Application Access token configuration

Defines configurations related to access token granted to business applications:

  • BA_OAUTH_ACCESS_TOKEN_EXPIRY_TIME = 60
    Time interval in minutes to define the expiry time of access token for business applications. Default value: 60 minutes (1 Hour).
  • BA_OAUTH_REFRESH_TOKEN_EXPIRY_TIME = 525600
    Time interval in minutes to define the expiry time of refresh token for business applications. Default value: 525600 minutes (1 Year).

Mobile Application Access token Configurations 

Defines configurations related to access token granted to mobile applications:

  • MOBILE_OAUTH_ACCESS_TOKEN_EXPIRY_TIME = 60
    Time interval in minutes to define the expiry time of access token for mobile applications. Default value: 60 minutes (1 Hour).
  • MOBILE_OAUTH_REFRESH_TOKEN_EXPIRY_TIME = 525600
    Time interval in minutes to define the expiry time of refresh token for mobile applications. Default value: 525600 minutes (1 Year).

Authorisation request Configurations

Defines configurations related to authorisation requests:

  • RASDATA_CREDENTIALS_EXPIRY_PERIOD = 86399
    Time period in seconds after which Pending Authorisation Request (ARQ) transactions are deleted. Default value: 86399 (1 Day).
  • EXPIRED_RASTOKEN_DELETION_PERIOD = 21600
    Time period in minutes after which expired access tokens are deleted by RAS Service. Default value: 21600 minutes(15 Days).
  • RAS_REQUEST_EXPIRY_PERIOD = 100
    Time interval in seconds to define the expiry period of authorised pending request. Default value: 100 seconds
  • QR_CODE_EXPIRY = 60
    Time interval in seconds to define the expiry of a QR code. Default value: 60 seconds.

Database Lookup Threshold

It defines the time interval after which the service will look for Signature Activation Data (SAD) in database. The database lookup threshold is defined using the following property:

  • DB_LOOKUP_THRESHOLD = 20

Default value: 20 seconds.

CA capabilities

List of CA Capabilities to be returned in GetCACaps response.

  • CA_CAPABILITIES = POSTPKIOperation\nAES\nSHA-512\nSHA-256\nSHA-1

Storing limited data into the database to minimize the database size

If your database size grows too quickly because a lot of RAS Service transactions are being logged, then the size of log information can be reduced by removing some data columns from the database logs. The following are the attributes which manages the logging of specified column:

  • TRANSACTION_LOG_COLUMNS = ResponseStatus, RequestTime, ResponseTime, Request, Response, UserId, RelyingPartyId, RelyingPartyIp, RelyingPartySslCert, ErrorCode

Rate Limit Configurations for REST APIs

Define configurations for REST APIs related to rate limit:

  • ENABLE_RATE_LIMIT = FALSE
    Enables the rate limit restrictions for all RESTful APIs in this service. Default value is FALSE and possible values are FALSE/TRUE. IF the value is set to TRUE, then, the Server will throw HTTP response code (429). This code indicates that TOO MANY REQUESTS are occuring incase where request count of APIs has exceeded in allowed time interval.
  • RATE_LIMIT_INTERVAL = 1
    Time limit in seconds to apply rate limit in RESTful APIs. The configuration is applicable on each RESTful API seperately. Default value: 1
  • RATE_LIMIT_REQUEST_COUNT = 100
    Number of requests that are acceptable in given time for RESTful APIs. The configuration is applicable on each RESTful API seperately. Default value: 100

Transaction logs settings

Transactions can be stored either directly or delayed for better performance. The following properties are used for logging:

  • TRANSACTION_LOG_MODE = LAZY
    Used to decide whether the transactions are kept in memory before these are stored in the database (LAZY logging) or directly stored in the database (EAGER logging). Possible values: LAZY, EAGER
    In case of LAZY logging the transaction logs are kept in memory upto the number of seconds configured in TRANSACTION_LOG_LAZY_INTERVAL or number of transactions configured in TRANSACTION_LOG_LAZY_RECORD_COUNT whichever is reached first.
  • TRANSACTION_LOG_LAZY_INTERVAL = 2
    When LAZY logging is configured, transactions are kept in memory upto the configured time or if the configured TRANSACTION_LOG_LAZY_RECORD_COUNT is reached before it.
  • TRANSACTION_LOG_LAZY_RECORD_COUNT = 50
    When LAZY logging is configured, transactions are kept in memory until the configured number of transactions is reached or if the configured TRANSACTION_LOG_LAZY_INTERVAL is met before it.


See also

Signing Service

Verification Service
Certification Service
OCSP Service
OCSP Repeater
TSA Settings
XKMS Service

SCVP Service
LTANS Service
Decryption Service
OCSP Monitor
GoSign Service
RA Service
CRL Monitor
SAM Service
CSP Service
NPKD Service
SPOC Service