Variable SecurityConfigSchemaConst
SecurityConfigSchema: ZodObject<
{
authentication_portals: ZodOptional<
ZodArray<
ZodObject<
{
cookie_config: ZodOptional<
ZodObject<
{
domains: ZodOptional<ZodRecord<(...), (...)>>;
insecure: ZodOptional<ZodBoolean>;
lifetime: ZodOptional<ZodNumber>;
path: ZodOptional<ZodString>;
same_site: ZodOptional<ZodString>;
},
"strip",
ZodTypeAny,
{
domains?: Record<(...), (...)>;
insecure?: boolean;
lifetime?: number;
path?: string;
same_site?: string;
},
{
domains?: Record<(...), (...)>;
insecure?: boolean;
lifetime?: number;
path?: string;
same_site?: string;
},
>,
>;
identity_providers: ZodOptional<ZodArray<ZodString, "many">>;
identity_stores: ZodOptional<ZodArray<ZodString, "many">>;
name: ZodString;
ui: ZodOptional<
ZodObject<
{
custom_css: ZodOptional<ZodString>;
logo_url: ZodOptional<ZodString>;
theme: ZodOptional<ZodString>;
},
"strip",
ZodTypeAny,
{ custom_css?: string; logo_url?: string; theme?: string },
{ custom_css?: string; logo_url?: string; theme?: string },
>,
>;
user_transformer_configs: ZodOptional<
ZodArray<ZodRecord<ZodString, ZodUnknown>, "many">,
>;
},
"strip",
ZodTypeAny,
{
cookie_config?: {
domains?: Record<
string,
{ insecure?: ...; lifetime?: ...; same_site?: ... },
>;
insecure?: boolean;
lifetime?: number;
path?: string;
same_site?: string;
};
identity_providers?: string[];
identity_stores?: string[];
name: string;
ui?: { custom_css?: string; logo_url?: string; theme?: string };
user_transformer_configs?: Record<string, unknown>[];
},
{
cookie_config?: {
domains?: Record<
string,
{ insecure?: ...; lifetime?: ...; same_site?: ... },
>;
insecure?: boolean;
lifetime?: number;
path?: string;
same_site?: string;
};
identity_providers?: string[];
identity_stores?: string[];
name: string;
ui?: { custom_css?: string; logo_url?: string; theme?: string };
user_transformer_configs?: Record<string, unknown>[];
},
>,
"many",
>,
>;
authorization_policies: ZodOptional<
ZodArray<
ZodObject<
{
access_list_rules: ZodOptional<
ZodArray<
ZodObject<
{
action: ZodOptional<(...)>;
comment: ZodOptional<(...)>;
conditions: ZodOptional<(...)>;
},
"strip",
ZodTypeAny,
{
action?: (...)
| (...)
| (...);
comment?: (...) | (...);
conditions?: (...) | (...);
},
{
action?: (...)
| (...)
| (...);
comment?: (...) | (...);
conditions?: (...) | (...);
},
>,
"many",
>,
>;
bypass_configs: ZodOptional<
ZodArray<
ZodObject<
{ match_type: ZodString; uri: ZodOptional<(...)> },
"strip",
ZodTypeAny,
{ match_type: string; uri?: (...) | (...) },
{ match_type: string; uri?: (...) | (...) },
>,
"many",
>,
>;
crypto_key_configs: ZodOptional<
ZodArray<
ZodObject<
{ source: ZodOptional<(...)>; token_name: ZodOptional<(...)> },
"strip",
ZodTypeAny,
{ source?: (...) | (...); token_name?: (...) | (...) },
{ source?: (...) | (...); token_name?: (...) | (...) },
>,
"many",
>,
>;
name: ZodString;
},
"strip",
ZodTypeAny,
{
access_list_rules?: {
action?: "allow"
| "deny";
comment?: string;
conditions?: (...)[];
}[];
bypass_configs?: { match_type: string; uri?: string }[];
crypto_key_configs?: { source?: string; token_name?: string }[];
name: string;
},
{
access_list_rules?: {
action?: "allow"
| "deny";
comment?: string;
conditions?: (...)[];
}[];
bypass_configs?: { match_type: string; uri?: string }[];
crypto_key_configs?: { source?: string; token_name?: string }[];
name: string;
},
>,
"many",
>,
>;
credentials: ZodOptional<
ZodObject<
{ generic: ZodOptional<ZodRecord<ZodString, ZodUnknown>> },
"strip",
ZodTypeAny,
{ generic?: Record<string, unknown> },
{ generic?: Record<string, unknown> },
>,
>;
identity_providers: ZodOptional<
ZodArray<
ZodObject<
{
kind: ZodLiteral<"oauth">;
name: ZodString;
params: ZodUnion<
[
ZodObject<
{
authorization_url: ZodOptional<(...)>;
client_id: ZodOptional<(...)>;
client_secret: ZodOptional<(...)>;
driver: ZodOptional<(...)>;
realm: ZodOptional<(...)>;
scopes: ZodOptional<(...)>;
token_url: ZodOptional<(...)>;
},
"passthrough",
ZodTypeAny,
objectOutputType<
{
authorization_url: ...;
client_id: ...;
client_secret: ...;
driver: ...;
realm: ...;
scopes: ...;
token_url: ...;
},
ZodTypeAny,
"passthrough",
>,
objectInputType<
{
authorization_url: ...;
client_id: ...;
client_secret: ...;
driver: ...;
realm: ...;
scopes: ...;
token_url: ...;
},
ZodTypeAny,
"passthrough",
>,
>,
ZodObject<
{
client_id: ZodOptional<(...)>;
client_secret: ZodOptional<(...)>;
driver: ZodOptional<(...)>;
metadata_url: ZodOptional<(...)>;
realm: ZodOptional<(...)>;
scopes: ZodOptional<(...)>;
},
"passthrough",
ZodTypeAny,
objectOutputType<
{
client_id: ...;
client_secret: ...;
driver: ...;
metadata_url: ...;
realm: ...;
scopes: ...;
},
ZodTypeAny,
"passthrough",
>,
objectInputType<
{
client_id: ...;
client_secret: ...;
driver: ...;
metadata_url: ...;
realm: ...;
scopes: ...;
},
ZodTypeAny,
"passthrough",
>,
>,
],
>;
},
"strip",
ZodTypeAny,
{
kind: "oauth";
name: string;
params: | objectOutputType<
{
authorization_url: ZodOptional<ZodString>;
client_id: ZodOptional<ZodString>;
client_secret: ZodOptional<ZodString>;
driver: ZodOptional<ZodString>;
realm: ZodOptional<ZodString>;
scopes: ZodOptional<ZodArray<(...), (...)>>;
token_url: ZodOptional<ZodString>;
},
ZodTypeAny,
"passthrough",
>
| objectOutputType<
{
client_id: ZodOptional<ZodString>;
client_secret: ZodOptional<ZodString>;
driver: ZodOptional<ZodString>;
metadata_url: ZodOptional<ZodString>;
realm: ZodOptional<ZodString>;
scopes: ZodOptional<ZodArray<(...), (...)>>;
},
ZodTypeAny,
"passthrough",
>;
},
{
kind: "oauth";
name: string;
params: | objectInputType<
{
authorization_url: ZodOptional<ZodString>;
client_id: ZodOptional<ZodString>;
client_secret: ZodOptional<ZodString>;
driver: ZodOptional<ZodString>;
realm: ZodOptional<ZodString>;
scopes: ZodOptional<ZodArray<(...), (...)>>;
token_url: ZodOptional<ZodString>;
},
ZodTypeAny,
"passthrough",
>
| objectInputType<
{
client_id: ZodOptional<ZodString>;
client_secret: ZodOptional<ZodString>;
driver: ZodOptional<ZodString>;
metadata_url: ZodOptional<ZodString>;
realm: ZodOptional<ZodString>;
scopes: ZodOptional<ZodArray<(...), (...)>>;
},
ZodTypeAny,
"passthrough",
>;
},
>,
"many",
>,
>;
identity_stores: ZodOptional<
ZodArray<
ZodDiscriminatedUnion<
"kind",
[
ZodObject<
{
kind: ZodLiteral<"local">;
name: ZodString;
params: ZodObject<
{ path: ZodString; realm: ZodOptional<(...)> },
"strip",
ZodTypeAny,
{ path: string; realm?: (...) | (...) },
{ path: string; realm?: (...) | (...) },
>;
},
"strip",
ZodTypeAny,
{
kind: "local";
name: string;
params: { path: string; realm?: string };
},
{
kind: "local";
name: string;
params: { path: string; realm?: string };
},
>,
ZodObject<
{
kind: ZodLiteral<"ldap">;
name: ZodString;
params: ZodObject<
{
bind_password: ZodOptional<(...)>;
bind_username: ZodOptional<(...)>;
groups: ZodOptional<(...)>;
realm: ZodOptional<(...)>;
search_base_dn: ZodOptional<(...)>;
search_user_filter: ZodOptional<(...)>;
servers: ZodOptional<(...)>;
},
"passthrough",
ZodTypeAny,
objectOutputType<
{
bind_password: ...;
bind_username: ...;
groups: ...;
realm: ...;
search_base_dn: ...;
search_user_filter: ...;
servers: ...;
},
ZodTypeAny,
"passthrough",
>,
objectInputType<
{
bind_password: ...;
bind_username: ...;
groups: ...;
realm: ...;
search_base_dn: ...;
search_user_filter: ...;
servers: ...;
},
ZodTypeAny,
"passthrough",
>,
>;
},
"strip",
ZodTypeAny,
{
kind: "ldap";
name: string;
params: {
bind_password?: (...)
| (...);
bind_username?: (...) | (...);
groups?: (...) | (...);
realm?: (...) | (...);
search_base_dn?: (...) | (...);
search_user_filter?: (...) | (...);
servers?: (...) | (...);
} & { [k: string]: unknown };
},
{
kind: "ldap";
name: string;
params: {
bind_password?: (...)
| (...);
bind_username?: (...) | (...);
groups?: (...) | (...);
realm?: (...) | (...);
search_base_dn?: (...) | (...);
search_user_filter?: (...) | (...);
servers?: (...) | (...);
} & { [k: string]: unknown };
},
>,
],
>,
"many",
>,
>;
},
"strip",
ZodTypeAny,
{
authentication_portals?: {
cookie_config?: {
domains?: Record<
string,
{
insecure?: (...)
| (...)
| (...);
lifetime?: (...) | (...);
same_site?: (...) | (...);
},
>;
insecure?: boolean;
lifetime?: number;
path?: string;
same_site?: string;
};
identity_providers?: string[];
identity_stores?: string[];
name: string;
ui?: { custom_css?: string; logo_url?: string; theme?: string };
user_transformer_configs?: Record<string, unknown>[];
}[];
authorization_policies?: {
access_list_rules?: {
action?: "allow"
| "deny";
comment?: string;
conditions?: string[];
}[];
bypass_configs?: { match_type: string; uri?: string }[];
crypto_key_configs?: { source?: string; token_name?: string }[];
name: string;
}[];
credentials?: { generic?: Record<string, unknown> };
identity_providers?: {
kind: "oauth";
name: string;
params:
| objectOutputType<
{
authorization_url: ZodOptional<ZodString>;
client_id: ZodOptional<ZodString>;
client_secret: ZodOptional<ZodString>;
driver: ZodOptional<ZodString>;
realm: ZodOptional<ZodString>;
scopes: ZodOptional<ZodArray<ZodString, "many">>;
token_url: ZodOptional<ZodString>;
},
ZodTypeAny,
"passthrough",
>
| objectOutputType<
{
client_id: ZodOptional<ZodString>;
client_secret: ZodOptional<ZodString>;
driver: ZodOptional<ZodString>;
metadata_url: ZodOptional<ZodString>;
realm: ZodOptional<ZodString>;
scopes: ZodOptional<ZodArray<ZodString, "many">>;
},
ZodTypeAny,
"passthrough",
>;
}[];
identity_stores?: (
| {
kind: "local";
name: string;
params: { path: string; realm?: string };
}
| {
kind: "ldap";
name: string;
params: {
bind_password?: string;
bind_username?: string;
groups?: { dn: ...; roles?: ... }[];
realm?: string;
search_base_dn?: string;
search_user_filter?: string;
servers?: { address: ...; port?: ... }[];
} & { [k: string]: unknown };
}
)[];
},
{
authentication_portals?: {
cookie_config?: {
domains?: Record<
string,
{
insecure?: (...)
| (...)
| (...);
lifetime?: (...) | (...);
same_site?: (...) | (...);
},
>;
insecure?: boolean;
lifetime?: number;
path?: string;
same_site?: string;
};
identity_providers?: string[];
identity_stores?: string[];
name: string;
ui?: { custom_css?: string; logo_url?: string; theme?: string };
user_transformer_configs?: Record<string, unknown>[];
}[];
authorization_policies?: {
access_list_rules?: {
action?: "allow"
| "deny";
comment?: string;
conditions?: string[];
}[];
bypass_configs?: { match_type: string; uri?: string }[];
crypto_key_configs?: { source?: string; token_name?: string }[];
name: string;
}[];
credentials?: { generic?: Record<string, unknown> };
identity_providers?: {
kind: "oauth";
name: string;
params:
| objectInputType<
{
authorization_url: ZodOptional<ZodString>;
client_id: ZodOptional<ZodString>;
client_secret: ZodOptional<ZodString>;
driver: ZodOptional<ZodString>;
realm: ZodOptional<ZodString>;
scopes: ZodOptional<ZodArray<ZodString, "many">>;
token_url: ZodOptional<ZodString>;
},
ZodTypeAny,
"passthrough",
>
| objectInputType<
{
client_id: ZodOptional<ZodString>;
client_secret: ZodOptional<ZodString>;
driver: ZodOptional<ZodString>;
metadata_url: ZodOptional<ZodString>;
realm: ZodOptional<ZodString>;
scopes: ZodOptional<ZodArray<ZodString, "many">>;
},
ZodTypeAny,
"passthrough",
>;
}[];
identity_stores?: (
| {
kind: "local";
name: string;
params: { path: string; realm?: string };
}
| {
kind: "ldap";
name: string;
params: {
bind_password?: string;
bind_username?: string;
groups?: { dn: ...; roles?: ... }[];
realm?: string;
search_base_dn?: string;
search_user_filter?: string;
servers?: { address: ...; port?: ... }[];
} & { [k: string]: unknown };
}
)[];
},
> = ...
Security configuration schema
Validates the config object at
/config/apps/security/config