2020-02-29 07:43:59 +07:00
|
|
|
---
|
|
|
|
layout: default
|
|
|
|
title: Miscellaneous
|
|
|
|
parent: Configuration
|
2021-08-02 18:55:30 +07:00
|
|
|
nav_order: 7
|
2020-02-29 07:43:59 +07:00
|
|
|
---
|
|
|
|
|
|
|
|
# Miscellaneous
|
|
|
|
|
2021-08-02 18:55:30 +07:00
|
|
|
Here are the main customizable options in Authelia that don't fit into their own sections.
|
2021-01-04 17:28:55 +07:00
|
|
|
|
2021-04-11 18:25:03 +07:00
|
|
|
## certificates_directory
|
2021-01-04 17:28:55 +07:00
|
|
|
|
|
|
|
This option defines the location of additional certificates to load into the trust chain specifically for Authelia.
|
|
|
|
This currently affects both the SMTP notifier and the LDAP authentication backend. The certificates should all be in the
|
2021-04-11 18:25:03 +07:00
|
|
|
PEM format and end with the extension `.pem`, `.crt`, or `.cer`. You can either add the individual certificates public
|
|
|
|
key or the CA public key which signed them (don't add the private key).
|
2021-01-04 17:28:55 +07:00
|
|
|
|
2021-04-11 18:25:03 +07:00
|
|
|
```yaml
|
|
|
|
certificates_directory: /config/certs/
|
|
|
|
```
|
2021-01-04 17:28:55 +07:00
|
|
|
|
2021-04-11 18:25:03 +07:00
|
|
|
## jwt_secret
|
|
|
|
<div markdown="1">
|
|
|
|
type: string
|
|
|
|
{: .label .label-config .label-purple }
|
|
|
|
default: ""
|
|
|
|
{: .label .label-config .label-blue }
|
|
|
|
required: yes
|
|
|
|
{: .label .label-config .label-red }
|
|
|
|
</div>
|
2020-02-29 07:43:59 +07:00
|
|
|
|
|
|
|
Defines the secret used to craft JWT tokens leveraged by the identity
|
2020-04-23 08:11:32 +07:00
|
|
|
verification process. This can also be defined using a [secret](./secrets.md).
|
2020-02-29 07:43:59 +07:00
|
|
|
|
2020-04-11 11:46:07 +07:00
|
|
|
```yaml
|
|
|
|
jwt_secret: v3ry_important_s3cr3t
|
|
|
|
```
|
2020-02-29 07:43:59 +07:00
|
|
|
|
2021-04-11 18:25:03 +07:00
|
|
|
## default_redirection_url
|
|
|
|
<div markdown="1">
|
|
|
|
type: string
|
|
|
|
{: .label .label-config .label-purple }
|
|
|
|
default: ""
|
|
|
|
{: .label .label-config .label-blue }
|
|
|
|
required: no
|
|
|
|
{: .label .label-config .label-green }
|
|
|
|
</div>
|
|
|
|
|
|
|
|
The default redirection URL is the URL where users are redirected when Authelia cannot detect the target URL where the
|
|
|
|
user was heading.
|
|
|
|
|
2022-02-17 09:26:17 +07:00
|
|
|
In a normal authentication workflow, a user tries to access a website and they get redirected to the sign-in portal in
|
2021-04-11 18:25:03 +07:00
|
|
|
order to authenticate. Since the user initially targeted a website, the portal knows where the user was heading and
|
2022-02-17 09:26:17 +07:00
|
|
|
can redirect them after the authentication process. However, when a user visits the sign in portal directly, the portal
|
2021-04-11 18:25:03 +07:00
|
|
|
considers the targeted website is the portal. In that case and if the default redirection URL is configured, the user is
|
|
|
|
redirected to that URL. If not defined, the user is not redirected after authentication.
|
2020-02-29 07:43:59 +07:00
|
|
|
|
2021-04-11 18:25:03 +07:00
|
|
|
```yaml
|
|
|
|
default_redirection_url: https://home.example.com:8080/
|
|
|
|
```
|
2022-04-18 06:58:24 +07:00
|
|
|
|
|
|
|
## default_2fa_method
|
|
|
|
<div markdown="1">
|
|
|
|
type: string
|
|
|
|
{: .label .label-config .label-purple }
|
|
|
|
default: ""
|
|
|
|
{: .label .label-config .label-blue }
|
|
|
|
required: no
|
|
|
|
{: .label .label-config .label-green }
|
|
|
|
</div>
|
|
|
|
|
|
|
|
Sets the default second factor method for users. This must be blank or one of the enabled methods. New users will by
|
|
|
|
default have this method selected for them. In addition if this was configured to `webauthn` and a user had the `totp`
|
|
|
|
method, and the `totp` method was disabled in the configuration, the users' method would automatically update to the
|
|
|
|
`webauthn` method.
|
|
|
|
|
|
|
|
Options are:
|
|
|
|
|
|
|
|
- totp
|
|
|
|
- webauthn
|
|
|
|
- mobile_push
|
|
|
|
|
|
|
|
```yaml
|
|
|
|
default_2fa_method: totp
|
|
|
|
```
|