The Gateway configuration properties are generated during an application build. The following table contains information about Fusion-related parameters.
nametypeDetails
properties
audit.enabledjava.lang.Booleandescription: Is audit enabled. defaultValue: true
audit.excludesjava.util.List<java.lang.String>description: Comma separated list of paths to exclude from auditing.
audit.get.enablejava.lang.Booleandescription: Audit GET requests. defaultValue: false
audit.get.excludesjava.util.List<java.lang.String>description: Comma separated list of paths to exclude from GET auditing. defaultValue: /api/ui-logs
audit.get.resources-enabledjava.lang.Booleandescription: Audit GET requests to static resources. defaultValue: false
fusion.error.translation.enabledjava.lang.BooleandefaultValue: false
fusion.error.translation.exclude-servicesjava.lang.String[]
jwt.issuer.urijava.net.URI
jwt.token.cache-sizejava.lang.Integerdescription: Size of the cache of valid JWT. If value exists in the cache, its signature is not validated. Cache is used for recognized, already logged users for audit logging. defaultValue: 1000
jwt.token.expiration-secsjava.lang.Integerdescription: Validity time of JWT token, before next login will be required. defaultValue: 1800
jwt.token.keyjava.lang.Stringdescription: Name of the key in keystore. defaultValue: jwt-signer
jwt.token.key-storejava.lang.Stringdescription: Path to keystore.
jwt.token.passjava.lang.Stringdescription: Password for the keystore. defaultValue:
security.auth.password-cache-sizejava.lang.Integerdescription: Size of the cache of user credentials for native authentication. If 0, then cache is disabled. defaultValue: 0
security.auth.urljava.lang.Stringdescription: Redirect path to authorization UI. defaultValue: /auth/login
security.auth.user-cache-sizejava.lang.Integerdescription: Size of the cache of user data. If 0, then cache is disabled. defaultValue: 100
security.cors.allow-credentialsjava.lang.Boolean
security.cors.allowed-headersjava.util.List<java.lang.String>
security.cors.allowed-methodsjava.util.List<java.lang.String>
security.cors.allowed-originsjava.util.List<java.lang.String>
security.cors.enabledjava.lang.BooleandefaultValue: true
security.internal.enforce-internal-address-exceptionsjava.util.List<java.lang.String>description: List of names of service accounts which request IP does not check against the service registry. Applies only if enforceInternalAddressForServiceAccounts is true.
security.internal.enforce-internal-address-for-service-accountsjava.lang.Booleandescription: Check if service is listed in the service registry under IP or hostname of where the request originated. defaultValue: true
security.internal.service-account-keyjava.lang.Stringdescription: Key or password for all services to authenticate in proxy. defaultValue: invalid
security.passthrujava.util.List<java.lang.String>description: List of paths to which anonymous access should be allowed.
security.saml.max-authentication-agejava.lang.IntegerdefaultValue: 7200
fusion.cors.allow-credentialsjava.lang.Booleandeprecated: true, deprecation: { replacement: security.cors.allow-credentials }
fusion.cors.allowed-headersjava.util.List<java.lang.String>deprecated: true, deprecation: { replacement: security.cors.allowed-headers }
fusion.cors.allowed-methodsjava.util.List<java.lang.String>deprecated: true, deprecation: { replacement: security.cors.allowed-methods }
fusion.cors.allowed-methodsjava.util.List<java.lang.String>deprecated: true, deprecation: { replacement: security.cors.allowed-methods }
fusion.cors.allowed-originsjava.util.List<java.lang.String>deprecated: true, deprecation: { replacement: security.cors.allow-origins }
fusion.cors.enabledjava.lang.BooleandefaultValue: true, deprecated: true, deprecation: { replacement: security.cors.enabled }
You can also enter hints: [ ] information in a similar format as the properties defined in the table.