Select release
Deployment Tutorials

Configuration Properties

Database Structure

Deploying User Data Store

User Data Store REST API

Migration Instructions

Configuration Properties

Edit on Github Send Feedback v1.3.0

The User Data Store uses the following public configuration properties:

Database Configuration

Property Default Note
spring.datasource.url _empty_ Database JDBC URL
spring.datasource.username _empty_ Database JDBC username
spring.datasource.password _empty_ Database JDBC password
spring.jpa.hibernate.ddl-auto none Configuration of automatic database schema creation
spring.jpa.properties.hibernate.connection.characterEncoding _empty_ Character encoding
spring.jpa.properties.hibernate.connection.useUnicode _empty_ Character encoding - Unicode support

User Data Store Configuration

Property Default Note
user-data-store.db.master.encryption.key _empty_ Master DB encryption key (AES-256, key length of 32 bytes, base64 encoded) to derive server private keys for the encryption of sensitive data in the database. An empty value means no encryption, which is not recommended.

OAuth2.x / OpenID Connect (OIDC)

Instead of basic authentication, you may use OAuth or OpenID Connect (OIDC). User Data Store accepts only JWT, not opaque tokens. Please note that User Data Store works with two roles: READ, and WRITE. So users have to contain the claim roles with a required value in the used token. The name of the role is case-sensitive. (Mind that the role name without the ROLE_ prefix is used, unlike the basic authentication where the authority is inserted in the database table uds_authorities.) The claim name may be changed in the configuration user-data-store.security.auth.oauth2.roles-claim=roles.

Property Default Value Description
user-data-store.security.auth.type BASIC_HTTP BASIC_HTTP for basic HTTP authentication or OAUTH for OpenID Connect. If OAUTH enabled, the properties bellow must be configured.
user-data-store.security.auth.oauth2.roles-claim roles A name of the claim in the JWT that contains the user roles.
spring.security.oauth2.resource-server.jwt.issuer-uri   URL of the provider, e.g. https://sts.windows.net/example/
spring.security.oauth2.resource-server.jwt.audiences   A comma-separated list of allowed aud JWT claim values to be validated.

See the Spring Security documentation and OpenID Connect UserInfo endpoint for details.

Monitoring and Observability

Property Default Note
management.tracing.sampling.probability 1.0 Specifies the proportion of requests that are sampled for tracing. A value of 1.0 means that 100% of requests are sampled, while a value of 0 effectively disables tracing.
Last updated on Sep 11, 2024 (08:38) Edit on Github Send Feedback
On this page:
Search

1.3.x

User Data Store