-
Notifications
You must be signed in to change notification settings - Fork 131
/
Copy pathapplication.yml.default
513 lines (505 loc) · 22.7 KB
/
application.yml.default
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
# This file is used by the IdentityConfig class
# The defaults set in this file are used as the basis for configuration in all
# production and development environments. On deployed EC2 servers, we run
# deploy/activate to generate the final application.yml using this file for
# defaults and deep merging any overrides set in the application.yml from the
# app secrets S3 bucket. Deployed EC2 servers always set RAILS_ENV=production,
# so they will use values from top-level and from the production block.
# Be sure to restart your server when you modify this file.
# Make sure the secrets in this file are kept private
# if you're sharing your code publicly.
# Make sure any new entries you add are enclosed in single quotes.
aamva_auth_request_timeout: 5.0
aamva_auth_url: 'https://example.org:12345/auth/url'
aamva_cert_enabled: true
aamva_sp_banlist_issuers: '[]'
aamva_supported_jurisdictions: '["AR","AZ","CO","CT","DC","DE","FL","GA","HI","IA","ID","IL","IN","KS","KY","MA","MD","ME","MI","MO","MS","MT","NC","ND","NE","NJ","NM","OH","OR","PA","RI","SC","SD","TN","TX","VA","VT","WA","WI","WY"]'
aamva_verification_request_timeout: 5.0
aamva_verification_url: https://example.org:12345/verification/url
all_redirect_uris_cache_duration_minutes: 2
account_reset_token_valid_for_days: 1
account_reset_wait_period_days: 1
acuant_maintenance_window_start:
acuant_maintenance_window_finish:
acuant_assure_id_password: ''
acuant_assure_id_subscription_id: ''
acuant_assure_id_url: ''
acuant_assure_id_username: ''
acuant_facial_match_url: ''
acuant_passlive_url: ''
# These are publicly available credentials used to initialize the client-side Acuant SDK
acuant_sdk_initialization_creds: 'aWRzY2FuZ293ZWJAYWN1YW50Y29ycC5jb206NVZLcm81Z0JEc1hrdFh2NA=='
acuant_sdk_initialization_endpoint: 'https://us.acas.acuant.net'
acuant_timeout: 45.0
acuant_upload_image_timeout: 1.0
acuant_get_results_timeout: 1.0
acuant_create_document_timeout: 1.0
add_email_link_valid_for_hours: 24
asset_host: ''
async_wait_timeout_seconds: 60
async_stale_job_timeout_seconds: 300
aws_http_timeout: 5
aws_http_retry_limit: 2
aws_http_retry_max_delay: 1
aws_kms_key_id: alias/login-dot-gov-test-keymaker
aws_logo_bucket: ''
aws_region: 'us-west-2'
aws_kms_multi_region_enabled: false
backup_code_cost: '2000$8$1$'
broken_personal_key_window_start: '2021-07-29T00:00:00Z'
broken_personal_key_window_finish: '2021-09-22T00:00:00Z'
country_phone_number_overrides: '{}'
doc_auth_error_dpi_threshold: 290
doc_auth_error_sharpness_threshold: 40
doc_auth_error_glare_threshold: 40
database_pool_idp: 5
database_statement_timeout: 2_500
database_timeout: 5_000
deliver_mail_async: false
deleted_user_accounts_report_configs: '[]'
disable_csp_unsafe_inline: true
disable_email_sending: true
disallow_all_web_crawlers: true
disposable_email_services: '[]'
doc_auth_attempt_window_in_minutes: 360
doc_auth_extend_timeout_by_minutes: 40
doc_capture_polling_enabled: true
doc_auth_client_glare_threshold: 50
doc_auth_client_sharpness_threshold: 50
doc_auth_enable_presigned_s3_urls: false
doc_auth_s3_request_timeout: 5
doc_auth_error_dpi_threshold: 290
doc_auth_error_glare_threshold: 40
doc_auth_error_sharpness_threshold: 40
doc_auth_max_attempts: 20
doc_auth_max_capture_attempts_before_tips: 3
doc_capture_request_valid_for_minutes: 15
email_from: no-reply@login.gov
email_from_display_name: Login.gov
enable_load_testing_mode: false
enable_numeric_authentication_otp: true
enable_numeric_authentication_otp_input: true
enable_partner_api: false
enable_rate_limiting: true
enable_test_routes: true
enable_usps_verification: true
event_disavowal_expiration_hours: 240
geo_data_file_path: 'geo_data/GeoLite2-City.mmdb'
good_job_max_threads: 5
good_job_queues: 'default:5;low:1;*'
gpo_designated_receiver_pii: '{}'
hide_phone_mfa_signup: false
identity_pki_disabled: false
identity_pki_local_dev: false
idv_api_enabled_steps: '[]'
idv_attempt_window_in_hours: 6
idv_max_attempts: 5
idv_min_age_years: 13
idv_public_key: 'LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUZ3d0RRWUpLb1pJaHZjTkFRRUJCUUFEU3dBd1NBSkJBS3p4d25rbUxqeGx1NmhsRlQ2d2JreUlweHNtYkMyaApjYW5TMGhuWm1DRGIrTEhaME5zQTdHWURpZkMxQlRBMHRuRFo0Zm9HNTRmYjNzYk9ubGpGWXVNQ0F3RUFBUT09Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo='
idv_private_key: 'LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlCT2dJQkFBSkJBS3p4d25rbUxqeGx1NmhsRlQ2d2JreUlweHNtYkMyaGNhblMwaG5abUNEYitMSFowTnNBCjdHWURpZkMxQlRBMHRuRFo0Zm9HNTRmYjNzYk9ubGpGWXVNQ0F3RUFBUUpCQUp6TUMvOSs2RWlHQzkrZTFlWWkKVzc0ejN4MjBkanZndFlhOHh4UDh2ZnA3TjdKQXMvaGNUbjVLOCtDM2swaXUyR2RNb21qSlp2ckxwT0IyTWh4RQo3QkVDSVFEVERhbVRCMHhKSlVpV0ljNk15Y0dFa2J4SEZ3eEtURVNCaHhzREFISDZEUUloQU5IR2NwVUs5dmVSCkdrZlZTOS9MSVNZQlk2YzRUZk1NUFJZU21KVHFNRVN2QWlBZFdiY05aV1JzZjZ6YWhCVVBhemRvVWtRV3R0UFUKdVVxRm9ONVd5b2NQT1FJZ1FrUjlaK1haMUtVcTl5eERWc1FWaWFzQXJ3K1RXRWN5ZU9tUTkrSHZNNU1DSUcrMQpxVldqNW9PL0FBSU1QbXZVZmp5L0JnMnhEQVRiOEp6alFrQ3dLSnNwCi0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg=='
idv_send_link_attempt_window_in_minutes: 10
idv_send_link_max_attempts: 5
idv_sp_required: false
in_person_proofing_enabled: false
in_person_proofing_enabled_issuers: '[]'
in_person_enrollment_validity_in_days: 30
include_slo_in_saml_metadata: false
irs_attempt_api_audience: 'https://irs.gov'
irs_attempt_api_auth_tokens: ''
irs_attempt_api_enabled: false
irs_attempt_api_event_ttl_seconds: 86400
irs_attempt_api_event_count_default: 1000
irs_attempt_api_event_count_max: 10000
kantara_2fa_phone_restricted: false
kantara_2fa_phone_existing_user_restriction: false
kantara_restriction_enforcement_date: '2022-07-19'
liveness_checking_enabled: false
logins_per_ip_track_only_mode: false
# LexisNexis #####################################################
lexisnexis_base_url: https://www.example.com
lexisnexis_request_mode: testing
# Instant Verify and Phone Finder Integrations
lexisnexis_account_id: test_account
lexisnexis_username: test_username
lexisnexis_password: test_password
lexisnexis_phone_finder_timeout: 1.0
lexisnexis_phone_finder_workflow: customers.gsa.phonefinder.workflow
lexisnexis_instant_verify_timeout: 1.0
lexisnexis_instant_verify_workflow: customers.gsa.instant.verify.workflow
# TrueID DocAuth Integration
lexisnexis_trueid_account_id: '12345'
lexisnexis_trueid_username: test_username
lexisnexis_trueid_password: test_password
lexisnexis_trueid_timeout: 60.0
lexisnexis_trueid_liveness_cropping_workflow: customers.gsa.trueid.workflow
lexisnexis_trueid_liveness_nocropping_workflow: customers.gsa.trueid.workflow
lexisnexis_trueid_noliveness_cropping_workflow: customers.gsa.trueid.workflow
lexisnexis_trueid_noliveness_nocropping_workflow: customers.gsa.trueid.workflow
###################################################################
lockout_period_in_minutes: 10
log_to_stdout: false
logins_per_email_and_ip_bantime: 60
logins_per_email_and_ip_limit: 5
logins_per_email_and_ip_period: 60
logins_per_ip_period: 60
logo_upload_enabled: false
mailer_domain_name: http://localhost:3000
max_auth_apps_per_account: 2
max_bad_passwords: 100
max_bad_passwords_window_in_seconds: 60
max_emails_per_account: 12
max_mail_events: 4
max_mail_events_window_in_days: 30
max_phone_numbers_per_account: 5
max_piv_cac_per_account: 2
min_password_score: 3
mx_timeout: 3
new_sign_up_cancellation_url_enabled: true
otp_delivery_blocklist_maxretry: 10
otp_valid_for: 10
otps_per_ip_limit: 25
otps_per_ip_period: 300
otps_per_ip_track_only_mode: true
outbound_connection_check_retry_count: 2
outbound_connection_check_timeout: 5
outbound_connection_check_url: 'https://checkip.amazonaws.com'
participate_in_dap: false
partner_api_bucket_prefix: ''
password_max_attempts: 3
personal_key_retired: true
phone_confirmation_max_attempts: 20
phone_confirmation_max_attempt_window_in_minutes: 1_440
phone_setups_per_ip_limit: 25
phone_setups_per_ip_period: 300
phone_setups_per_ip_track_only_mode: false
pii_lock_timeout_in_minutes: 30
pinpoint_sms_sender_id: 'aaa'
pinpoint_sms_configs: '[]'
pinpoint_voice_configs: '[]'
piv_cac_service_url: https://localhost:8443/
piv_cac_service_timeout: 5.0
piv_cac_verify_token_url: https://localhost:8443/
platform_authentication_enabled: true
poll_rate_for_verify_in_seconds: 3
proofer_mock_fallback: true
proofing_send_partial_dob: false
proof_address_max_attempts: 5
proof_address_max_attempt_window_in_minutes: 360
proof_ssn_max_attempts: 10
proof_ssn_max_attempt_window_in_minutes: 60
push_notifications_enabled: false
pwned_passwords_file_path: 'pwned_passwords/pwned_passwords.txt'
rack_mini_profiler: false
rack_timeout_service_timeout_seconds: 15
rails_mailer_previews_enabled: false
reauthn_window: 120
recovery_code_length: 4
redis_irs_attempt_api_url: redis://localhost:6379/2
redis_throttle_url: redis://localhost:6379/1
redis_url: redis://localhost:6379/0
reg_confirmed_email_max_attempts: 20
reg_confirmed_email_window_in_minutes: 60
reg_unconfirmed_email_max_attempts: 20
reg_unconfirmed_email_window_in_minutes: 60
remember_device_expiration_hours_aal_1: 720
remember_device_expiration_hours_aal_2: 12
report_timeout: 0
requests_per_ip_cidr_allowlist: ''
requests_per_ip_limit: 300
requests_per_ip_path_prefixes_allowlist: ''
requests_per_ip_period: 300
requests_per_ip_track_only_mode: false
reset_password_email_max_attempts: 20
reset_password_email_window_in_minutes: 60
risc_notifications_local_enabled: false
risc_notifications_active_job_enabled: false
risc_notifications_rate_limit_interval: 60
risc_notifications_rate_limit_max_requests: 1_000
risc_notifications_rate_limit_overrides: '{"https://example.com/push":{"interval":120,"max_requests":10000}}'
risc_notifications_request_timeout: 3
ruby_workers_idv_enabled: true
rules_of_use_horizon_years: 6
rules_of_use_updated_at: '2022-01-19T00:00:00Z' # Production has a newer timestamp than this, update directly in S3
s3_public_reports_enabled: false
s3_reports_enabled: false
saml_secret_rotation_enabled: false
seed_agreements_data: true
select_multiple_mfa_options: false
service_provider_request_ttl_hours: 24
session_check_delay: 30
session_check_frequency: 30
session_encryptor_alert_enabled: false
session_encryptor_v2_enabled: true
session_timeout_in_minutes: 15
session_timeout_warning_seconds: 150
session_total_duration_timeout_in_minutes: 720
set_remember_device_session_expiration: false
sp_handoff_bounce_max_seconds: 2
show_user_attribute_deprecation_warnings: false
test_ssn_allowed_list: ''
totp_code_interval: 30
unauthorized_scope_enabled: false
usps_upload_enabled: false
usps_upload_sftp_timeout: 5
valid_authn_contexts: '["http://idmanagement.gov/ns/assurance/loa/1", "http://idmanagement.gov/ns/assurance/loa/3", "http://idmanagement.gov/ns/assurance/ial/1", "http://idmanagement.gov/ns/assurance/ial/2", "http://idmanagement.gov/ns/assurance/ial/0", "http://idmanagement.gov/ns/assurance/ial/2?strict=true", "urn:gov:gsa:ac:classes:sp:PasswordProtectedTransport:duo", "http://idmanagement.gov/ns/assurance/aal/2", "http://idmanagement.gov/ns/assurance/aal/3", "http://idmanagement.gov/ns/assurance/aal/3?hspd12=true"]'
vendor_status_acuant: 'operational'
vendor_status_lexisnexis_instant_verify: 'operational'
vendor_status_lexisnexis_trueid: 'operational'
vendor_status_sms: 'operational'
vendor_status_voice: 'operational'
verification_errors_report_configs: '[]'
verify_gpo_key_attempt_window_in_minutes: 10
verify_gpo_key_max_attempts: 3
verify_personal_key_attempt_window_in_minutes: 15
verify_personal_key_max_attempts: 5
use_dashboard_service_providers: false
use_kms: false
usps_confirmation_max_days: 10
usps_ipp_password: ''
usps_ipp_root_url: ''
usps_ipp_request_timeout: 10
usps_ipp_sponsor_id: ''
usps_ipp_username: ''
gpo_allowed_for_strict_ial2: true
voice_otp_pause_time: '0.5s'
voice_otp_speech_rate: 'slow'
voip_check: true
voip_block: true
voip_allowed_phones: '[]'
development:
aamva_private_key: 123abc
aamva_public_key: 123abc
attribute_encryption_key: 2086dfbd15f5b0c584f3664422a1d3409a0d2aa6084f65b6ba57d64d4257431c124158670c7655e45cabe64194f7f7b6c7970153c285bdb8287ec0c4f7553e25
attribute_encryption_key_queue: '[{ "key": "11111111111111111111111111111111" }, { "key": "22222222222222222222222222222222" }]'
aws_logo_bucket: ''
aws_kms_regions: '["us-west-2", "us-east-1"]'
dashboard_api_token: test_token
dashboard_url: http://localhost:3001/api/service_providers
database_host: ''
database_name: ''
database_password: ''
database_read_replica_host: ''
database_readonly_password: ''
database_readonly_username: ''
database_username: ''
database_worker_jobs_name: ''
database_worker_jobs_username: ''
database_worker_jobs_host: ''
database_worker_jobs_password: ''
doc_auth_vendor: 'mock'
doc_auth_vendor_randomize: false
doc_auth_vendor_randomize_percent: 0
doc_auth_vendor_randomize_alternate_vendor: ''
domain_name: localhost:3000
enable_rate_limiting: false
hmac_fingerprinter_key: a2c813d4dca919340866ba58063e4072adc459b767a74cf2666d5c1eef3861db26708e7437abde1755eb24f4034386b0fea1850a1cb7e56bff8fae3cc6ade96c
hmac_fingerprinter_key_queue: '["11111111111111111111111111111111", "22222222222222222222222222222222"]'
identity_pki_local_dev: true
idv_api_enabled_steps: '["password_confirm", "personal_key","personal_key_confirm"]'
in_person_proofing_enabled: true
kantara_2fa_phone_restricted: true
kantara_2fa_phone_existing_user_restriction: true
kantara_restriction_enforcement_date: '2022-07-01'
irs_attempt_api_public_key: MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyut9Uio5XxsIUVrXARqCoHvcMVYT0p6WyU1BnbhxLRW4Q60p+4Bn32vVOt9nzeih7qvauYM5M0PZdKEmwOHflqPP+ABfKhL+6jxBhykN5P5UY375wTFBJZ20Fx8jOJbRhJD02oUQ49YKlDu3MG5Y0ApyD4ER4WKgxuB2OdyQKd9vg2ZZa+P2pw1HkFPEin0h8KBUFBeLGDZni8PIJdHBP6dA+xbayGBxSM/8xQC0JIg6KlGTcLql37QJIhP2oSv0nAJNb6idFPAz0uMCQDQWKKWV5FUDCsFVH7VuQz8xUCwnPn/SdaratB+29bwUpVhgHXrHdJ0i8vjBEX7smD7pI8CcFHuVgACt86NMlBnNCVkwumQgZNAAxe2mJoYcotEWOnhCuMc6MwSj985bj8XEdFlbf4ny9QO9rETd5aYcwXBiV/T6vd637uvHb0KenghNmlb1Tv9LMj2b9ZwNc9C6oeCnbN2YAfxSDrb8Ik+yq4hRewOvIK7f0CcpZYDXK25aHXnHm306Uu53KIwMGf1mha5T5LWTNaYy5XFoMWHJ9E+AnU/MUJSrwCAITH/S0JFcna5Oatn70aTE9pISATsqB5Iz1c46MvdrxD8hPoDjT7x6/EO316DZrxQfJhjbWsCB+R0QxYLkXPHczhB2Z0HPna9xB6RbJHzph7ifDizhZoMCAwEAAQ==
liveness_checking_enabled: true
logins_per_ip_limit: 5
logo_upload_enabled: true
max_bad_passwords: 5
newrelic_browser_app_id: ''
newrelic_browser_key: ''
newrelic_license_key: ''
nonessential_email_banlist: '["banned_email@gmail.com"]'
otp_delivery_blocklist_findtime: 5
password_pepper: f22d4b2cafac9066fe2f4416f5b7a32c
piv_cac_verify_token_secret: ee7f20f44cdc2ba0c6830f70470d1d1d059e1279cdb58134db92b35947b1528ef5525ece5910cf4f2321ab989a618feea12ef95711dbc62b9601e8520a34ee12
rails_mailer_previews_enabled: true
rack_timeout_service_timeout_seconds: 9_999_999_999
recurring_jobs_disabled_names: "[]"
s3_report_bucket_prefix: ''
s3_report_public_bucket_prefix: ''
saml_endpoint_configs: '[{"suffix":"2021","secret_key_passphrase":"trust-but-verify"},{"suffix":"2022","secret_key_passphrase":"trust-but-verify"}]'
scrypt_cost: 10000$8$1$
secret_key_base: development_secret_key_base
select_multiple_mfa_options: true
session_encryption_key: 27bad3c25711099429c1afdfd1890910f3b59f5a4faec1c85e945cb8b02b02f261ba501d99cfbb4fab394e0102de6fecf8ffe260f322f610db3e96b2a775c120
skip_encryption_allowed_list: '["urn:gov:gsa:SAML:2.0.profiles:sp:sso:localhost"]'
sps_over_quota_limit_notify_email_list: '[]'
state_tracking_enabled: true
telephony_adapter: test
use_dashboard_service_providers: true
usps_upload_sftp_directory: "/gsa_order"
usps_upload_sftp_host: localhost
usps_upload_sftp_password: test
usps_upload_sftp_username: brady
# These values serve as defaults for all production-like environments, which
# includes *.identitysandbox.gov and *.login.gov.
#
production:
aamva_auth_url: 'https://authentication-cert.aamva.org/Authentication/Authenticate.svc'
aamva_private_key: ''
aamva_public_key: ''
aamva_verification_url: 'https://verificationservices-cert.aamva.org:18449/dldv/2.1/online'
attribute_encryption_key:
attribute_encryption_key_queue: '[]'
aws_kms_regions: '["us-west-2"]'
aws_logo_bucket: ''
dashboard_api_token: ''
dashboard_url: https://dashboard.demo.login.gov
database_host: ''
database_name: ''
database_password: ''
database_read_replica_host: ''
database_readonly_password: ''
database_readonly_username: ''
database_username: ''
database_worker_jobs_name: ''
database_worker_jobs_username: ''
database_worker_jobs_host: ''
database_worker_jobs_password: ''
disable_email_sending: false
disallow_all_web_crawlers: false
doc_auth_vendor: 'acuant'
doc_auth_vendor_randomize: false
doc_auth_vendor_randomize_percent: 0
doc_auth_vendor_randomize_alternate_vendor: ''
domain_name: login.gov
enable_numeric_authentication_otp: false
enable_numeric_authentication_otp_input: false
enable_test_routes: false
enable_usps_verification: false
hmac_fingerprinter_key:
hmac_fingerprinter_key_queue: '[]'
idv_sp_required: true
irs_attempt_api_public_key: change-me-pls
kantara_2fa_phone_restricted: false
kantara_2fa_phone_existing_user_restriction: false
kantara_restriction_enforcement_date: '2022-07-19'
logins_per_ip_limit: 20
logins_per_ip_period: 20
logins_per_ip_track_only_mode: true
newrelic_browser_app_id: ''
newrelic_browser_key: ''
newrelic_license_key: ''
new_sign_up_cancellation_url_enabled: false
nonessential_email_banlist: '[]'
otp_delivery_blocklist_findtime: 5
participate_in_dap: true
password_pepper:
piv_cac_verify_token_secret:
platform_authentication_enabled: false
session_encryptor_alert_enabled: true
recurring_jobs_disabled_names: "[]"
redis_irs_attempt_api_url: redis://redis.login.gov.internal:6379/2
redis_throttle_url: redis://redis.login.gov.internal:6379/1
redis_url: redis://redis.login.gov.internal:6379
report_timeout: 1_000_000
ruby_workers_cron_enabled: 'false'
ruby_workers_idv_enabled: false
s3_report_bucket_prefix: login-gov.reports
s3_report_public_bucket_prefix: login-gov-pubdata
s3_reports_enabled: true
saml_endpoint_configs: '[]'
scrypt_cost: 10000$8$1$
secret_key_base:
seed_agreements_data: false
session_encryption_key:
skip_encryption_allowed_list: '["urn:gov:gsa:SAML:2.0.profiles:sp:sso:dev", "urn:gov:gsa:SAML:2.0.profiles:sp:sso:int"]'
sps_over_quota_limit_notify_email_list: '[]'
state_tracking_enabled: false
telephony_adapter: pinpoint
use_kms: true
usps_confirmation_max_days: 30
usps_upload_sftp_directory: ''
usps_upload_sftp_host: ''
usps_upload_sftp_password: ''
usps_upload_sftp_username: ''
test:
aamva_private_key: 123abc
aamva_public_key: 123abc
acuant_assure_id_url: https://example.com
acuant_facial_match_url: https://facial_match.example.com
acuant_passlive_url: https://liveness.example.com
attribute_encryption_key: 2086dfbd15f5b0c584f3664422a1d3409a0d2aa6084f65b6ba57d64d4257431c124158670c7655e45cabe64194f7f7b6c7970153c285bdb8287ec0c4f7553e25
attribute_encryption_key_queue: '[{ "key": "11111111111111111111111111111111" }, { "key": "22222222222222222222222222222222" }]'
aws_kms_regions: '["us-west-2", "us-east-1"]'
dashboard_api_token: 123ABC
dashboard_url: https://dashboard.demo.login.gov
database_host: ''
database_name: ''
database_password: ''
database_read_replica_host: ''
database_readonly_password: ''
database_readonly_username: ''
database_username: ''
database_worker_jobs_name: ''
database_worker_jobs_username: ''
database_worker_jobs_host: ''
database_worker_jobs_password: ''
doc_auth_enable_presigned_s3_urls: true
doc_auth_max_attempts: 4
doc_auth_vendor: 'mock'
doc_auth_vendor_randomize: false
doc_auth_vendor_randomize_percent: 0
doc_auth_vendor_randomize_alternate_vendor: ''
doc_capture_polling_enabled: false
domain_name: www.example.com
hmac_fingerprinter_key: a2c813d4dca919340866ba58063e4072adc459b767a74cf2666d5c1eef3861db26708e7437abde1755eb24f4034386b0fea1850a1cb7e56bff8fae3cc6ade96c
hmac_fingerprinter_key_queue: '["old-key-one", "old-key-two"]'
identity_pki_disabled: true
irs_attempt_api_auth_tokens: 'test-token-1,test-token-2'
irs_attempt_api_public_key: MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyut9Uio5XxsIUVrXARqCoHvcMVYT0p6WyU1BnbhxLRW4Q60p+4Bn32vVOt9nzeih7qvauYM5M0PZdKEmwOHflqPP+ABfKhL+6jxBhykN5P5UY375wTFBJZ20Fx8jOJbRhJD02oUQ49YKlDu3MG5Y0ApyD4ER4WKgxuB2OdyQKd9vg2ZZa+P2pw1HkFPEin0h8KBUFBeLGDZni8PIJdHBP6dA+xbayGBxSM/8xQC0JIg6KlGTcLql37QJIhP2oSv0nAJNb6idFPAz0uMCQDQWKKWV5FUDCsFVH7VuQz8xUCwnPn/SdaratB+29bwUpVhgHXrHdJ0i8vjBEX7smD7pI8CcFHuVgACt86NMlBnNCVkwumQgZNAAxe2mJoYcotEWOnhCuMc6MwSj985bj8XEdFlbf4ny9QO9rETd5aYcwXBiV/T6vd637uvHb0KenghNmlb1Tv9LMj2b9ZwNc9C6oeCnbN2YAfxSDrb8Ik+yq4hRewOvIK7f0CcpZYDXK25aHXnHm306Uu53KIwMGf1mha5T5LWTNaYy5XFoMWHJ9E+AnU/MUJSrwCAITH/S0JFcna5Oatn70aTE9pISATsqB5Iz1c46MvdrxD8hPoDjT7x6/EO316DZrxQfJhjbWsCB+R0QxYLkXPHczhB2Z0HPna9xB6RbJHzph7ifDizhZoMCAwEAAQ==
kantara_2fa_phone_restricted: false
kantara_2fa_phone_existing_user_restriction: false
lexisnexis_trueid_account_id: 'test_account'
lockout_period_in_minutes: 5
logins_per_email_and_ip_limit: 2
logins_per_ip_limit: 3
max_bad_passwords: 5
max_mail_events: 2
newrelic_browser_app_id: ''
newrelic_browser_key: ''
newrelic_license_key: ''
nonessential_email_banlist: '["banned_email@gmail.com"]'
otp_delivery_blocklist_findtime: 1
otp_delivery_blocklist_maxretry: 2
otps_per_ip_limit: 3
otps_per_ip_period: 10
otps_per_ip_track_only_mode: false
password_pepper: f22d4b2cafac9066fe2f4416f5b7a32c
phone_confirmation_max_attempts: 5
phone_confirmation_max_attempt_window_in_minutes: 10
phone_setups_per_ip_limit: 3
phone_setups_per_ip_period: 10
phone_setups_per_ip_track_only_mode: false
piv_cac_verify_token_secret: 3ac13bfa23e22adae321194c083e783faf89469f6f85dcc0802b27475c94b5c3891b5657bd87d0c1ad65de459166440512f2311018db90d57b15d8ab6660748f
poll_rate_for_verify_in_seconds: 0
recurring_jobs_disabled_names: '["disabled job"]'
reg_confirmed_email_max_attempts: 3
reg_unconfirmed_email_max_attempts: 4
reg_unconfirmed_email_window_in_minutes: 70
requests_per_ip_cidr_allowlist: '172.16.0.0/12'
requests_per_ip_limit: 4
requests_per_ip_period: 60
reset_password_email_max_attempts: 5
reset_password_email_window_in_minutes: 80
s3_report_bucket_prefix: ''
s3_report_public_bucket_prefix: ''
saml_endpoint_configs: '[{"suffix":"2022","secret_key_passphrase":"trust-but-verify"}]'
scrypt_cost: 800$8$1$
select_multiple_mfa_options: false
secret_key_base: test_secret_key_base
session_encryption_key: 27bad3c25711099429c1afdfd1890910f3b59f5a4faec1c85e945cb8b02b02f261ba501d99cfbb4fab394e0102de6fecf8ffe260f322f610db3e96b2a775c120
skip_encryption_allowed_list: '[]'
sps_over_quota_limit_notify_email_list: '["test1@test.com"]'
state_tracking_enabled: true
telephony_adapter: test
test_ssn_allowed_list: '999999999'
totp_code_interval: 3
verify_gpo_key_attempt_window_in_minutes: 3
verify_gpo_key_max_attempts: 2
verify_personal_key_attempt_window_in_minutes: 3
verify_personal_key_max_attempts: 1
usps_upload_sftp_directory: "/directory"
usps_upload_sftp_host: example.com
usps_upload_sftp_password: pass
usps_upload_sftp_username: user