@@ -12,18 +12,53 @@ registration, account recovery, ... screens, please check out the
1212
1313## Configuration
1414
15- This application can be configured using two environment variables:
15+ Below is a list of environment variables required by the Express.js service to
16+ function properly.
1617
17- - ` KRATOS_PUBLIC_URL ` (required): The URL where ORY Kratos's Public API is
18- located at. If this app and ORY Kratos are running in the same private
19- network, this should be the private network address (e.g.
18+ In a local development run of the service using ` npm run start ` , some of these
19+ values will be set by nodemon and is configured by the ` nodemon.json ` file.
20+
21+ When using this UI with an Ory Network project, you can use ` ORY_SDK_URL `
22+ instead of ` KRATOS_PUBLIC_URL ` and ` HYDRA_ADMIN_URL ` .
23+
24+ Ory Identities requires the following variables to be set:
25+
26+ - ` ORY_SDK_URL ` or ` KRATOS_PUBLIC_URL ` (required): The URL where ORY Kratos's
27+ Public API is located at. If this app and ORY Kratos are running in the same
28+ private network, this should be the private network address (e.g.
2029 ` kratos-public.svc.cluster.local ` ).
30+ - ` KRATOS_BROWSER_URL ` (optional) The browser accessible URL where ORY Kratos's
31+ public API is located, only needed if it differs from ` KRATOS_PUBLIC_URL `
32+
33+ Ory OAuth2 requires more setup to get CSRF cookies on the ` /consent ` endpoint.
34+
35+ - ` ORY_SDK_URL ` or ` HYDRA_ADMIN_URL ` (optional): The URL where Ory Hydra's
36+ Public API is located at. If this app and Ory Hydra are running in the same
37+ private network, this should be the private network address (e.g.
38+ ` hydra-admin.svc.cluster.local ` )
39+ - ` COOKIE_SECRET ` (required): Required for signing cookies. Must be a string
40+ with at least 8 alphanumerical characters.
41+ - ` CSRF_COOKIE_NAME ` (required): Change the cookie name to match your domain
42+ using the ` __HOST-example.com-x-csrf-token ` format.
43+ - ` CSRF_COOKIE_SECRET ` (optional): Required for the Consent route to set a CSRF
44+ cookie with a hashed value. The value must be a string with at least 8
45+ alphanumerical characters.
46+ - ` REMEMBER_CONSENT_SESSION_FOR_SECONDS ` (optional): Sets the ` remember_for `
47+ value of the accept consent request in seconds. The default is 3600 seconds.
48+ - ` ORY_ADMIN_API_TOKEN ` (optional): When using with an Ory Network project, you
49+ should add the ` ORY_ADMIN_API_TOKEN ` for OAuth2 Consent flows.
50+ - ` DANGEROUSLY_DISABLE_SECURE_CSRF_COOKIES ` (optional) This environment
51+ variables should only be used in local development when you do not have HTTPS
52+ setup. This sets the CSRF cookies to ` secure: false ` , required for running
53+ locally. When using this setting, you must also set ` CSRF_COOKIE_NAME ` to a
54+ name without the ` __Host- ` prefix.
55+
56+ Getting TLS working:
57+
2158- ` TLS_CERT_PATH ` (optional): Path to certificate file. Should be set up
2259 together with ` TLS_KEY_PATH ` to enable HTTPS.
2360- ` TLS_KEY_PATH ` (optional): Path to key file Should be set up together with
2461 ` TLS_CERT_PATH ` to enable HTTPS.
25- - ` KRATOS_BROWSER_URL ` (optional) The browser accessible URL where ORY Kratos's
26- public API is located, only needed if it differs from ` KRATOS_PUBLIC_URL `
2762
2863This is the easiest mode as it requires no additional set up. This app runs on
2964port ` :4455 ` and ORY Kratos ` KRATOS_PUBLIC_URL ` URL.
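Review bot: The `HYDRA_ADMIN_URL` entry describes the variable as the URL of "Ory Hydra's Public API", which contradicts both the variable name and the `hydra-admin.svc.cluster.local` example; it reads like a copy of the Kratos entry and should say Admin API. In the same list, `CSRF_COOKIE_SECRET` is marked (optional) while its text says it is "Required for the Consent route", so state the condition explicitly, for example that it is required when the consent route is used. The cookie prefix is written `__HOST-` in the `CSRF_COOKIE_NAME` entry and `__Host-` in the `DANGEROUSLY_DISABLE_SECURE_CSRF_COOKIES` entry; use one spelling, `__Host-` being the one browsers define. A minimum of 8 alphanumerical characters is low for `COOKIE_SECRET` and `CSRF_COOKIE_SECRET`, given that they are used to sign and hash cookie values; consider recommending a long random value instead. Minor grammar: "will be set by nodemon and is configured" and "This environment variables".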
@@ -54,9 +89,12 @@ recommended.
5489To run this app with dummy data and no real connection to ORY Kratos, use:
5590
5691``` shell script
57- $ NODE_ENV=stub npm start
92+ NODE_ENV=stub npm start
5893```
5994
95+ If you would like to also generate fake data for the ` id_token ` , please set the
96+ environment varialbe ` export CONFORMITY_FAKE_CLAIMS=1 `
97+
6098### Test with ORY Kratos
6199
62100The easiest way to test this app with a local installation of ORY Kratos is to
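Review bot: The added sentence misspells "variable" as "varialbe" and presents `export CONFORMITY_FAKE_CLAIMS=1` as the name of an environment variable, although that is a shell command; name the variable as `CONFORMITY_FAKE_CLAIMS` and show it set inline in the same way as the `NODE_ENV=stub npm start` line above. Because it generates fake data for the `id_token`, the text should also say whether it only takes effect together with `NODE_ENV=stub` and that it is intended for testing.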