Property
|
Description
|
OTP Configurations
|
Defines configurations related to OTP generated by the ADSS CSP Service::
- CSP_OTP_EXPIRY_TIME = 900
Time interval in seconds to define the expiry time of email OTP sent to user. Default value: 900
- CSP_OTP_LENGTH = 6
Number of digits to define the total length of email OTP. Possible values: 4,6 and 9. Default value: 9.
|
OAuth2 Access Token Configurations
|
Defines configurations related to OAuth2 Access Tokens generated by the ADSS CSP Service:
- CLIENT_APP_OAUTH_ACCESS_TOKEN_EXPIRY_TIME = 60
Time interval in minutes to define the expiry time of access token sent to user. Default value: 60 minutes (1 Hour)
- CLIENT_APP_OAUTH_REFRESH_TOKEN_EXPIRY_TIME = 525600
Time interval in minutes to define the expiry time of refresh token sent to user. Default value: 525600 minutes (1 Year)
- EXPIRED_CSPTOKEN_DELETION_PERIOD = 21600
Time period in minutes after which expired access tokens are deleted by ADSS Core. Default value: 21600 (15 Days)
|
User authentication retries limit
|
This property is used to define the number of authentication attempts allowed on a user account for user password. Default value: 5
- CSP_USER_AUTH_RETRIES_LIMIT = 5
|
User block period
|
Time interval in seconds for which a user will be blocked by the CSP Service after its login retries limit reaches. Default value: 100
- CSP_USER_BLOCK_PERIOD = 100
|
Enable V1 API's
|
Enable the CSP V1 API's. Default value: False. Possible values are TRUE and FASLSE.
|
Storing limited data into the database to minimize the database size
|
If your database size grows too quickly because a lot of CSP Service transactions are being logged, then the size of log information can be reduced by removing some data columns from the database logs. The following are the attributes which manages the logging of specified column:
- TRANSACTION_LOG_COLUMNS = ResponseStatus, RequestTime, ResponseTime, Request, Response, UserId, RelyingPartyId, RelyingPartyIp, RelyingPartySslCert, ErrorCode
|
Transaction logs settings
|
Transactions can be stored either directly or delayed for better performance. The following properties are used for logging:
- TRANSACTION_LOG_MODE = LAZY
Used to decide whether the transactions are kept in memory before these are stored in the database (LAZY logging) or directly stored in the database (EAGER logging). Possible values: LAZY, EAGER In case of LAZY logging the transaction logs are kept in memory upto the number of seconds configured in TRANSACTION_LOG_LAZY_INTERVAL or number of transactions configured in TRANSACTION_LOG_LAZY_RECORD_COUNT whichever is reached first.
- TRANSACTION_LOG_LAZY_INTERVAL = 2
When LAZY logging is configured, transactions are kept in memory upto the configured time or if the configured TRANSACTION_LOG_LAZY_RECORD_COUNT is reached before it.
- TRANSACTION_LOG_LAZY_RECORD_COUNT = 50
When LAZY logging is configured, transactions are kept in memory until the configured number of transactions is reached or if the configured TRANSACTION_LOG_LAZY_INTERVAL is met before it.
|
See also
Signing Service
Verification Service
Certification Service
OCSP Service
OCSP Repeater
TSA Settings
XKMS Service
SCVP Service
LTANS Service
Decryption Service
OCSP Monitor
GoSign Service
RA Service
CRL Monitor
RAS Service
SAM Service
NPKD Service
SPOC Service