Log: Level: debug Formatter: Format: text Port: 8080 ExternalPort: 8080 ExternalDomain: localhost ExternalSecure: true Database: Host: localhost Port: 26257 Database: zitadel MaxOpenConns: 20 MaxConnLifetime: 30m MaxConnIdleTime: 30m Options: "" User: Username: zitadel Password: "" SSL: Mode: disable RootCert: "" Cert: "" Key: "" AdminUser: Username: root Password: "" SSL: Mode: disable RootCert: "" Cert: "" Key: "" Projections: RequeueEvery: 10s RetryFailedAfter: 1s MaxFailureCount: 5 BulkLimit: 200 MaxIterators: 1 Customizations: projects: BulkLimit: 2000 AuthZ: Repository: Spooler: ConcurrentWorkers: 1 BulkLimit: 10000 FailureCountUntilSkip: 5 Auth: SearchLimit: 1000 Spooler: ConcurrentWorkers: 1 BulkLimit: 10000 FailureCountUntilSkip: 5 Admin: SearchLimit: 1000 Spooler: ConcurrentWorkers: 1 BulkLimit: 10000 FailureCountUntilSkip: 5 UserAgentCookie: Name: zitadel.useragent MaxAge: 8760h #365*24h (1 year) OIDC: CodeMethodS256: true AuthMethodPost: true AuthMethodPrivateKeyJWT: true GrantTypeRefreshToken: true RequestObjectSupported: true SigningKeyAlgorithm: RS256 DefaultAccessTokenLifetime: 12h DefaultIdTokenLifetime: 12h DefaultRefreshTokenIdleExpiration: 720h #30d DefaultRefreshTokenExpiration: 2160h #90d Cache: MaxAge: 12h SharedMaxAge: 168h #7d CustomEndpoints: Login: LanguageCookieName: zitadel.login.lang CSRFCookieName: zitadel.login.csrf Cache: MaxAge: 12h SharedMaxAge: 168h #7d Console: ConsoleOverwriteDir: "" ShortCache: MaxAge: 5m SharedMaxAge: 15m LongCache: MaxAge: 12h SharedMaxAge: 168h Notification: Repository: Spooler: ConcurrentWorkers: 1 BulkLimit: 10000 FailureCountUntilSkip: 5 Handlers: EncryptionKeys: DomainVerification: EncryptionKeyID: "domainVerificationKey" DecryptionKeyIDs: IDPConfig: EncryptionKeyID: "idpConfigKey" DecryptionKeyIDs: OIDC: EncryptionKeyID: "oidcKey" DecryptionKeyIDs: OTP: EncryptionKeyID: "otpKey" DecryptionKeyIDs: SMS: EncryptionKeyID: "smsKey" DecryptionKeyIDs: SMTP: EncryptionKeyID: "smtpKey" DecryptionKeyIDs: User: EncryptionKeyID: "userKey" DecryptionKeyIDs: CSRFCookieKeyID: "csrfCookieKey" UserAgentCookieKeyID: "userAgentCookieKey" #TODO: configure as soon as possible #AssetStorage: # Type: $ZITADEL_ASSET_STORAGE_TYPE # Config: # Endpoint: $ZITADEL_ASSET_STORAGE_ENDPOINT # AccessKeyID: $ZITADEL_ASSET_STORAGE_ACCESS_KEY_ID # SecretAccessKey: $ZITADEL_ASSET_STORAGE_SECRET_ACCESS_KEY # SSL: $ZITADEL_ASSET_STORAGE_SSL # Location: $ZITADEL_ASSET_STORAGE_LOCATION # BucketPrefix: $ZITADEL_ASSET_STORAGE_BUCKET_PREFIX # MultiDelete: $ZITADEL_ASSET_STORAGE_MULTI_DELETE #TODO: remove as soon as possible SystemDefaults: # DefaultLanguage: 'en' Domain: $ZITADEL_DEFAULT_DOMAIN ZitadelDocs: Issuer: $ZITADEL_ISSUER DiscoveryEndpoint: '$ZITADEL_ISSUER/.well-known/openid-configuration' SecretGenerators: PasswordSaltCost: 14 MachineKeySize: 2048 ApplicationKeySize: 2048 Multifactors: OTP: Issuer: 'ZITADEL' DomainVerification: VerificationGenerator: Length: 32 IncludeLowerLetters: true IncludeUpperLetters: true IncludeDigits: true IncludeSymbols: false Notifications: Endpoints: InitCode: '$ZITADEL_ACCOUNTS/user/init?userID={{.UserID}}&code={{.Code}}&passwordset={{.PasswordSet}}' PasswordReset: '$ZITADEL_ACCOUNTS/password/init?userID={{.UserID}}&code={{.Code}}' VerifyEmail: '$ZITADEL_ACCOUNTS/mail/verification?userID={{.UserID}}&code={{.Code}}' DomainClaimed: '$ZITADEL_ACCOUNTS/login' PasswordlessRegistration: '$ZITADEL_ACCOUNTS/login/passwordless/init' FileSystemPath: '.notifications/' KeyConfig: Size: 2048 PrivateKeyLifetime: 6h PublicKeyLifetime: 30h SigningKeyRotationCheck: 10s SigningKeyGracefulPeriod: 10m