Skip to content

Settings

The settings contain global configuration options for your API application.

Field Description
debug Enable debug mode for testing
logging Configure your Logging Level
timezone Configure the global timezone for you API application
licence Licence Key
cors Specify cors setting for your instance

Debug

Enable debug mode for your API application. This will enable an API documentation page to be published with the start of your API under:
https://localhost:8080/swagger-ui/index.html

settings:
  debug: true

For security reasons Debug mode should not be enabled on your productive system.

Logging Level Options

Specify the wanted log level for you API application by setting the logging tag. The available log levels are:

  • notice: The default and recommended level for production. Logs basic information without exposing sensitive details.
  • info: Logs general operational information.
  • debug: Logs detailed information, including sensitive values such as SQL queries and REST API calls. Use with caution in testing environments only, as it may expose private API keys and other sensitive information.
settings:
  debug: true
  logging: notice  # Default for production

Licence

In order to use your API application on your servers the container comes with an offline licence key.

Contact us to get your licence key: Contact.

settings:
  debug: true
  licence: Your_Licence_Key

Default Timezone

Set a default timezone for your API application. This timezone will be used for all date and time conversions performed by the server.

settings:
  timezone: UTC

In this example, the server will use the UTC timezone for all date-related operations. You can replace UTC with any valid timezone name, such as Europe/Vienna or America/New_York. For a list of supported timezones, refer to this resource.

Cors Settings

The cors setting allows you to configure Cross-Origin Resource Sharing (CORS) for your API application. If not specified, the default CORS settings are applied automatically.

  • allowOrigin: Specifies the origins that are allowed to access the resources (e.g., * to allow all origins).
  • allowMethods: The HTTP methods that are allowed. Defaults are GET, POST, HEAD. If you need DELETE, you must explicitly allow it.
  • allowHeaders: Set specific headers if needed.
  • allowCredentials: Set to true if you want to allow credentials to be included in requests.
settings:
  debug: true
  cors:
    allowOrigin: "http://localhost:4200"
    allowMethods: "GET,POST"
    allowHeaders: "X-Auth-Custom-Header"
    allowCredentials: true

It is not recommended to use wildcard as a cors setting on production. If you use a wildcard think about using apostrophes "*", because it is a reserved sign in the yaml language.

For more details on CORS, you can refer to CORS Documentation.