f6f1bde5f2
Sprint SPRINT_20260416_013_Authority_issuerdirectory_truthful_persistence_runtime. IssuerDirectory.WebService Postgres persistence, options, program wiring, tests. Sample config under etc/. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
29 lines
791 B
YAML
29 lines
791 B
YAML
# Standard plugin configuration (Mongo-backed identity store).
|
|
# Fresh installs seed first-party clients only. Create the first human admin
|
|
# through the setup wizard or another explicit manual bootstrap flow.
|
|
tenantId: "default"
|
|
|
|
passwordPolicy:
|
|
minimumLength: 12
|
|
requireUppercase: true
|
|
requireLowercase: true
|
|
requireDigit: true
|
|
requireSymbol: true
|
|
|
|
passwordHashing:
|
|
algorithm: "Argon2id"
|
|
memorySizeInKib: 19456
|
|
iterations: 2
|
|
parallelism: 1
|
|
|
|
lockout:
|
|
enabled: true
|
|
maxAttempts: 5
|
|
windowMinutes: 15
|
|
|
|
tokenSigning:
|
|
# Path to the directory containing signing keys (relative paths resolve
|
|
# against the location of this manifest, environment variables are expanded,
|
|
# and the final value is normalised to an absolute path during startup.
|
|
keyDirectory: "../keys"
|