authgear.yaml

The app configuration authgear.yaml

This is the main configuration file affecting every aspect of Authgear.

JSON Schema

The configuration file is validated against the following JSON Schema:

{
  "$defs": {
    "AccessControlLevelString": {
      "enum": [
        "hidden",
        "readonly",
        "readwrite"
      ],
      "type": "string"
    },
    "AccountDeletionConfig": {
      "additionalProperties": false,
      "properties": {
        "grace_period_days": {
          "$ref": "#/$defs/DurationDays",
          "maximum": 180,
          "minimum": 1
        },
        "scheduled_by_end_user_enabled": {
          "type": "boolean"
        }
      },
      "type": "object"
    },
    "AppConfig": {
      "additionalProperties": false,
      "properties": {
        "account_deletion": {
          "$ref": "#/$defs/AccountDeletionConfig"
        },
        "authentication": {
          "$ref": "#/$defs/AuthenticationConfig"
        },
        "authenticator": {
          "$ref": "#/$defs/AuthenticatorConfig"
        },
        "forgot_password": {
          "$ref": "#/$defs/ForgotPasswordConfig"
        },
        "google_tag_manager": {
          "$ref": "#/$defs/GoogleTagManagerConfig"
        },
        "hook": {
          "$ref": "#/$defs/HookConfig"
        },
        "http": {
          "$ref": "#/$defs/HTTPConfig"
        },
        "id": {
          "type": "string"
        },
        "identity": {
          "$ref": "#/$defs/IdentityConfig"
        },
        "localization": {
          "$ref": "#/$defs/LocalizationConfig"
        },
        "messaging": {
          "$ref": "#/$defs/MessagingConfig"
        },
        "oauth": {
          "$ref": "#/$defs/OAuthConfig"
        },
        "session": {
          "$ref": "#/$defs/SessionConfig"
        },
        "ui": {
          "$ref": "#/$defs/UIConfig"
        },
        "user_profile": {
          "$ref": "#/$defs/UserProfileConfig"
        },
        "verification": {
          "$ref": "#/$defs/VerificationConfig"
        },
        "welcome_message": {
          "$ref": "#/$defs/WelcomeMessageConfig"
        }
      },
      "required": [
        "id",
        "http"
      ],
      "type": "object"
    },
    "AuthenticationConfig": {
      "additionalProperties": false,
      "properties": {
        "device_token": {
          "$ref": "#/$defs/DeviceTokenConfig"
        },
        "identities": {
          "items": {
            "$ref": "#/$defs/IdentityType"
          },
          "type": "array",
          "uniqueItems": true
        },
        "primary_authenticators": {
          "items": {
            "$ref": "#/$defs/PrimaryAuthenticatorType"
          },
          "type": "array",
          "uniqueItems": true
        },
        "public_signup_disabled": {
          "type": "boolean"
        },
        "recovery_code": {
          "$ref": "#/$defs/RecoveryCodeConfig"
        },
        "secondary_authentication_mode": {
          "$ref": "#/$defs/SecondaryAuthenticationMode"
        },
        "secondary_authenticators": {
          "items": {
            "$ref": "#/$defs/SecondaryAuthenticatorType"
          },
          "type": "array",
          "uniqueItems": true
        }
      },
      "type": "object"
    },
    "AuthenticatorConfig": {
      "additionalProperties": false,
      "properties": {
        "oob_otp": {
          "$ref": "#/$defs/AuthenticatorOOBConfig"
        },
        "password": {
          "$ref": "#/$defs/AuthenticatorPasswordConfig"
        },
        "totp": {
          "$ref": "#/$defs/AuthenticatorTOTPConfig"
        }
      },
      "type": "object"
    },
    "AuthenticatorOOBConfig": {
      "additionalProperties": false,
      "properties": {
        "email": {
          "$ref": "#/$defs/AuthenticatorOOBEmailConfig"
        },
        "sms": {
          "$ref": "#/$defs/AuthenticatorOOBSMSConfig"
        }
      },
      "type": "object"
    },
    "AuthenticatorOOBEmailConfig": {
      "additionalProperties": false,
      "properties": {
        "maximum": {
          "type": "integer"
        }
      },
      "type": "object"
    },
    "AuthenticatorOOBSMSConfig": {
      "additionalProperties": false,
      "properties": {
        "maximum": {
          "type": "integer"
        }
      },
      "type": "object"
    },
    "AuthenticatorPasswordConfig": {
      "additionalProperties": false,
      "properties": {
        "force_change": {
          "type": "boolean"
        },
        "policy": {
          "$ref": "#/$defs/PasswordPolicyConfig"
        }
      },
      "type": "object"
    },
    "AuthenticatorTOTPConfig": {
      "additionalProperties": false,
      "properties": {
        "maximum": {
          "type": "integer"
        }
      },
      "type": "object"
    },
    "BiometricConfig": {
      "additionalProperties": false,
      "properties": {
        "list_enabled": {
          "type": "boolean"
        }
      },
      "type": "object"
    },
    "BlockingHookHandlersConfig": {
      "additionalProperties": false,
      "properties": {
        "event": {
          "enum": [
            "user.pre_create",
            "user.profile.pre_update",
            "user.pre_schedule_deletion"
          ],
          "type": "string"
        },
        "url": {
          "format": "uri",
          "type": "string"
        }
      },
      "required": [
        "event",
        "url"
      ],
      "type": "object"
    },
    "CustomAttributesAttributeConfig": {
      "allOf": [
        {
          "if": {
            "properties": {
              "type": {
                "const": "number"
              }
            }
          },
          "then": {
            "properties": {
              "maximum": {
                "type": "number"
              },
              "minimum": {
                "type": "number"
              }
            }
          }
        },
        {
          "if": {
            "properties": {
              "type": {
                "const": "integer"
              }
            }
          },
          "then": {
            "properties": {
              "maximum": {
                "type": "integer"
              },
              "minimum": {
                "type": "integer"
              }
            }
          }
        },
        {
          "if": {
            "properties": {
              "type": {
                "const": "enum"
              }
            }
          },
          "then": {
            "properties": {
              "enum": {
                "items": {
                  "minLength": 1,
                  "pattern": "^[a-zA-Z0-9_]*$",
                  "type": "string"
                },
                "minItems": 1,
                "type": "array",
                "uniqueItems": true
              }
            },
            "required": [
              "enum"
            ]
          }
        },
        {
          "if": {
            "properties": {
              "type": {
                "not": {
                  "enum": [
                    "number",
                    "integer",
                    "enum"
                  ]
                }
              }
            }
          },
          "then": true
        }
      ],
      "properties": {
        "access_control": {
          "$ref": "#/$defs/UserProfileAttributesAccessControl"
        },
        "id": {
          "minLength": 1,
          "type": "string"
        },
        "pointer": {
          "format": "x_custom_attribute_pointer",
          "not": {
            "enum": [
              "/iss",
              "/sub",
              "/aud",
              "/exp",
              "/nbf",
              "/iat",
              "/jti",
              "/sub",
              "/email",
              "/email_verified",
              "/phone_number",
              "/phone_number_verified",
              "/preferred_username",
              "/family_name",
              "/given_name",
              "/picture",
              "/gender",
              "/birthdate",
              "/zoneinfo",
              "/locale",
              "/name",
              "/nickname",
              "/middle_name",
              "/profile",
              "/website",
              "/address",
              "/updated_at"
            ]
          },
          "type": "string"
        },
        "type": {
          "enum": [
            "string",
            "number",
            "integer",
            "enum",
            "phone_number",
            "email",
            "url",
            "country_code"
          ],
          "type": "string"
        }
      },
      "required": [
        "id",
        "pointer",
        "type"
      ],
      "type": "object"
    },
    "CustomAttributesConfig": {
      "additionalProperties": false,
      "properties": {
        "attributes": {
          "items": {
            "$ref": "#/$defs/CustomAttributesAttributeConfig"
          },
          "type": "array"
        }
      },
      "type": "object"
    },
    "DeviceTokenConfig": {
      "additionalProperties": false,
      "properties": {
        "disabled": {
          "type": "boolean"
        },
        "expire_in_days": {
          "$ref": "#/$defs/DurationDays"
        }
      },
      "type": "object"
    },
    "DurationDays": {
      "type": "integer"
    },
    "DurationSeconds": {
      "type": "integer"
    },
    "ForgotPasswordConfig": {
      "additionalProperties": false,
      "properties": {
        "enabled": {
          "type": "boolean"
        },
        "reset_code_expiry_seconds": {
          "$ref": "#/$defs/DurationSeconds"
        }
      },
      "type": "object"
    },
    "GoogleTagManagerConfig": {
      "additionalProperties": false,
      "properties": {
        "container_id": {
          "format": "google_tag_manager_container_id",
          "type": "string"
        }
      },
      "type": "object"
    },
    "HTTPConfig": {
      "additionalProperties": false,
      "properties": {
        "allowed_origins": {
          "items": {
            "format": "http_origin_spec",
            "minLength": 1,
            "type": "string"
          },
          "type": "array"
        },
        "cookie_domain": {
          "type": "string"
        },
        "cookie_prefix": {
          "type": "string"
        },
        "public_origin": {
          "format": "http_origin",
          "type": "string"
        }
      },
      "required": [
        "public_origin"
      ],
      "type": "object"
    },
    "HookConfig": {
      "additionalProperties": false,
      "properties": {
        "blocking_handlers": {
          "items": {
            "$ref": "#/$defs/BlockingHookHandlersConfig"
          },
          "type": "array"
        },
        "non_blocking_handlers": {
          "items": {
            "$ref": "#/$defs/NonBlockingHookHandlersConfig"
          },
          "type": "array"
        },
        "sync_hook_timeout_seconds": {
          "$ref": "#/$defs/DurationSeconds"
        },
        "sync_hook_total_timeout_seconds": {
          "$ref": "#/$defs/DurationSeconds"
        }
      },
      "type": "object"
    },
    "ISO31661Alpha2": {
      "enum": [
        "AD",
        "AE",
        "AF",
        "AG",
        "AI",
        "AL",
        "AM",
        "AO",
        "AR",
        "AS",
        "AT",
        "AU",
        "AW",
        "AX",
        "AZ",
        "BA",
        "BB",
        "BD",
        "BE",
        "BF",
        "BG",
        "BH",
        "BI",
        "BJ",
        "BL",
        "BM",
        "BN",
        "BO",
        "BQ",
        "BR",
        "BS",
        "BT",
        "BW",
        "BY",
        "BZ",
        "CA",
        "CC",
        "CD",
        "CF",
        "CG",
        "CH",
        "CI",
        "CK",
        "CL",
        "CM",
        "CN",
        "CO",
        "CR",
        "CU",
        "CV",
        "CW",
        "CX",
        "CY",
        "CZ",
        "DE",
        "DJ",
        "DK",
        "DM",
        "DO",
        "DZ",
        "EC",
        "EE",
        "EG",
        "EH",
        "ER",
        "ES",
        "ET",
        "FI",
        "FJ",
        "FK",
        "FM",
        "FO",
        "FR",
        "GA",
        "GB",
        "GD",
        "GE",
        "GF",
        "GG",
        "GH",
        "GI",
        "GL",
        "GM",
        "GN",
        "GP",
        "GQ",
        "GR",
        "GT",
        "GU",
        "GW",
        "GY",
        "HK",
        "HN",
        "HR",
        "HT",
        "HU",
        "ID",
        "IE",
        "IL",
        "IM",
        "IN",
        "IO",
        "IQ",
        "IR",
        "IS",
        "IT",
        "JE",
        "JM",
        "JO",
        "JP",
        "KE",
        "KG",
        "KH",
        "KI",
        "KM",
        "KN",
        "KP",
        "KR",
        "KW",
        "KY",
        "KZ",
        "LA",
        "LB",
        "LC",
        "LI",
        "LK",
        "LR",
        "LS",
        "LT",
        "LU",
        "LV",
        "LY",
        "MA",
        "MC",
        "MD",
        "ME",
        "MF",
        "MG",
        "MH",
        "MK",
        "ML",
        "MM",
        "MN",
        "MO",
        "MP",
        "MQ",
        "MR",
        "MS",
        "MT",
        "MU",
        "MV",
        "MW",
        "MX",
        "MY",
        "MZ",
        "NA",
        "NC",
        "NE",
        "NF",
        "NG",
        "NI",
        "NL",
        "NO",
        "NP",
        "NR",
        "NU",
        "NZ",
        "OM",
        "PA",
        "PE",
        "PF",
        "PG",
        "PH",
        "PK",
        "PL",
        "PM",
        "PR",
        "PS",
        "PT",
        "PW",
        "PY",
        "QA",
        "RE",
        "RO",
        "RS",
        "RU",
        "RW",
        "SA",
        "SB",
        "SC",
        "SD",
        "SE",
        "SG",
        "SH",
        "SI",
        "SJ",
        "SK",
        "SL",
        "SM",
        "SN",
        "SO",
        "SR",
        "SS",
        "ST",
        "SV",
        "SX",
        "SY",
        "SZ",
        "TC",
        "TD",
        "TG",
        "TH",
        "TJ",
        "TK",
        "TL",
        "TM",
        "TN",
        "TO",
        "TR",
        "TT",
        "TV",
        "TW",
        "TZ",
        "UA",
        "UG",
        "US",
        "UY",
        "UZ",
        "VA",
        "VC",
        "VE",
        "VG",
        "VI",
        "VN",
        "VU",
        "WF",
        "WS",
        "XK",
        "YE",
        "YT",
        "ZA",
        "ZM",
        "ZW"
      ],
      "type": "string"
    },
    "IdentityConfig": {
      "additionalProperties": false,
      "properties": {
        "biometric": {
          "$ref": "#/$defs/BiometricConfig"
        },
        "login_id": {
          "$ref": "#/$defs/LoginIDConfig"
        },
        "oauth": {
          "$ref": "#/$defs/OAuthSSOConfig"
        },
        "on_conflict": {
          "$ref": "#/$defs/IdentityConflictConfig"
        }
      },
      "type": "object"
    },
    "IdentityConflictConfig": {
      "additionalProperties": false,
      "properties": {
        "promotion": {
          "$ref": "#/$defs/PromotionConflictBehavior"
        }
      },
      "type": "object"
    },
    "IdentityType": {
      "enum": [
        "login_id",
        "oauth",
        "anonymous",
        "biometric"
      ],
      "type": "string"
    },
    "LocalizationConfig": {
      "additionalProperties": false,
      "properties": {
        "fallback_language": {
          "format": "bcp47",
          "type": "string"
        },
        "supported_languages": {
          "items": {
            "format": "bcp47",
            "type": "string"
          },
          "minItems": 1,
          "type": "array",
          "uniqueItems": true
        }
      },
      "type": "object"
    },
    "LoginIDConfig": {
      "additionalProperties": false,
      "properties": {
        "keys": {
          "items": {
            "$ref": "#/$defs/LoginIDKeyConfig"
          },
          "type": "array"
        },
        "types": {
          "$ref": "#/$defs/LoginIDTypesConfig"
        }
      },
      "type": "object"
    },
    "LoginIDEmailConfig": {
      "additionalProperties": false,
      "allOf": [
        {
          "if": {
            "properties": {
              "domain_blocklist_enabled": {
                "enum": [
                  true
                ]
              }
            },
            "required": [
              "domain_blocklist_enabled"
            ]
          },
          "then": {
            "properties": {
              "domain_allowlist_enabled": {
                "enum": [
                  false
                ]
              }
            }
          }
        },
        {
          "if": {
            "properties": {
              "block_free_email_provider_domains": {
                "enum": [
                  true
                ]
              }
            },
            "required": [
              "block_free_email_provider_domains"
            ]
          },
          "then": {
            "properties": {
              "domain_blocklist_enabled": {
                "enum": [
                  true
                ]
              }
            },
            "required": [
              "domain_blocklist_enabled"
            ]
          }
        }
      ],
      "properties": {
        "block_free_email_provider_domains": {
          "type": "boolean"
        },
        "block_plus_sign": {
          "type": "boolean"
        },
        "case_sensitive": {
          "type": "boolean"
        },
        "domain_allowlist_enabled": {
          "type": "boolean"
        },
        "domain_blocklist_enabled": {
          "type": "boolean"
        },
        "ignore_dot_sign": {
          "type": "boolean"
        }
      },
      "type": "object"
    },
    "LoginIDKeyConfig": {
      "additionalProperties": false,
      "properties": {
        "key": {
          "type": "string"
        },
        "max_length": {
          "type": "integer"
        },
        "modify_disabled": {
          "type": "boolean"
        },
        "type": {
          "$ref": "#/$defs/LoginIDKeyType"
        }
      },
      "required": [
        "type"
      ],
      "type": "object"
    },
    "LoginIDKeyType": {
      "enum": [
        "email",
        "phone",
        "username"
      ],
      "type": "string"
    },
    "LoginIDTypesConfig": {
      "additionalProperties": false,
      "properties": {
        "email": {
          "$ref": "#/$defs/LoginIDEmailConfig"
        },
        "username": {
          "$ref": "#/$defs/LoginIDUsernameConfig"
        }
      },
      "type": "object"
    },
    "LoginIDUsernameConfig": {
      "additionalProperties": false,
      "properties": {
        "ascii_only": {
          "type": "boolean"
        },
        "block_reserved_usernames": {
          "type": "boolean"
        },
        "case_sensitive": {
          "type": "boolean"
        },
        "exclude_keywords_enabled": {