config/application.yml.default
# This file is used by the IdentityConfig class
# The defaults set in this file are used as the basis for configuration in all
# production and development environments. On deployed EC2 servers, we run
# deploy/activate to generate the final application.yml using this file for
# defaults and deep merging any overrides set in the application.yml from the
# app secrets S3 bucket. Deployed EC2 servers always set RAILS_ENV=production,
# so they will use values from top-level and from the production block.
# Be sure to restart your server when you modify this file.
# Make sure the secrets in this file are kept private
# if you're sharing your code publicly.
# Make sure any new entries you add are enclosed in single quotes.
aamva_auth_request_timeout: 5.0
aamva_auth_url: 'https://example.org:12345/auth/url'
aamva_cert_enabled: true
aamva_supported_jurisdictions: '["AL","AR","AZ","CO","CT","DC","DE","FL","GA","HI","IA","ID","IL","IN","KS","KY","MA","MD","ME","MI","MO","MS","MT","NC","ND","NE","NJ","NM","NV","OH","OR","PA","RI","SC","SD","TN","TX","VA","VT","WA","WI","WV","WY"]'
aamva_verification_request_timeout: 5.0
aamva_verification_url: https://example.org:12345/verification/url
account_creation_device_profiling: disabled
account_reset_fraud_user_wait_period_days:
account_reset_token_valid_for_days: 1
account_reset_wait_period_days: 1
account_suspended_support_code: EFGHI
# These are publicly available credentials used to initialize the client-side Acuant SDK
acuant_sdk_initialization_creds: 'aWRzY2FuZ293ZWJAYWN1YW50Y29ycC5jb206NVZLcm81Z0JEc1hrdFh2NA=='
acuant_sdk_initialization_endpoint: 'https://us.acas.acuant.net'
add_email_link_valid_for_hours: 24
address_identity_proofing_supported_country_codes: '["AS", "GU", "MP", "PR", "US", "VI"]'
all_redirect_uris_cache_duration_minutes: 2
allowed_biometric_ial_providers: '[]'
allowed_ialmax_providers: '[]'
allowed_valid_authn_contexts_semantic_providers: '[]'
allowed_verified_within_providers: '[]'
asset_host: ''
async_stale_job_timeout_seconds: 300
async_wait_timeout_seconds: 60
available_locales: 'en,es,fr,zh'
aws_http_retry_limit: 2
aws_http_retry_max_delay: 1
aws_http_timeout: 5
aws_kms_client_contextless_pool_size: 5
aws_kms_client_multi_pool_size: 5
aws_kms_key_id: alias/login-dot-gov-test-keymaker
aws_kms_multi_region_key_id: alias/login-dot-gov-keymaker-multi-region
aws_kms_session_key_id: alias/login-dot-gov-test-keymaker
aws_logo_bucket: ''
aws_region: 'us-west-2'
backup_code_cost: '2000$8$1$'
backup_code_user_id_per_ip_attempt_window_exponential_factor: 1.1
backup_code_user_id_per_ip_attempt_window_in_minutes: 720
backup_code_user_id_per_ip_attempt_window_max_minutes: 43_200
backup_code_user_id_per_ip_max_attempts: 50
biometric_ial_enabled: true
broken_personal_key_window_finish: '2021-09-22T00:00:00Z'
broken_personal_key_window_start: '2021-07-29T00:00:00Z'
check_user_password_compromised_enabled: false
component_previews_embed_frame_ancestors: '[]'
component_previews_enabled: false
compromised_password_randomizer_threshold: 900
compromised_password_randomizer_value: 1000
country_phone_number_overrides: '{}'
database_advisory_locks_enabled: false
database_host: ''
database_name: ''
database_password: ''
database_pool_idp: 5
database_prepared_statements_enabled: false
database_read_replica_host: ''
database_readonly_password: ''
database_readonly_username: ''
database_socket: ''
database_sslmode: 'verify-full'
database_statement_timeout: 2_500
database_timeout: 5_000
database_username: ''
database_worker_jobs_host: ''
database_worker_jobs_name: ''
database_worker_jobs_password: ''
database_worker_jobs_sslmode: 'verify-full'
database_worker_jobs_username: ''
deleted_user_accounts_report_configs: '[]'
deliver_mail_async: false
development_mailer_deliver_method: letter_opener
disable_email_sending: true
disable_logout_get_request: true
disposable_email_services: '[]'
doc_auth_attempt_window_in_minutes: 360
doc_auth_check_failed_image_resubmission_enabled: true
doc_auth_client_glare_threshold: 50
doc_auth_client_sharpness_threshold: 50
doc_auth_error_dpi_threshold: 290
doc_auth_error_glare_threshold: 40
doc_auth_error_sharpness_threshold: 40
doc_auth_max_attempts: 5
doc_auth_max_capture_attempts_before_native_camera: 3
doc_auth_max_submission_attempts_before_native_camera: 3
doc_auth_selfie_desktop_test_mode: false
doc_auth_separate_pages_enabled: false
doc_auth_supported_country_codes: '["US", "GU", "VI", "AS", "MP", "PR", "USA" ,"GUM", "VIR", "ASM", "MNP", "PRI"]'
doc_auth_vendor: 'mock'
doc_auth_vendor_default: 'mock'
doc_auth_vendor_lexis_nexis_percent: 100 # note, LN is currently the default vendor
doc_auth_vendor_socure_percent: 0
doc_auth_vendor_switching_enabled: false
doc_capture_polling_enabled: true
doc_capture_request_valid_for_minutes: 15
drop_off_report_config: '[{"emails":["ursula@example.com"],"issuers": ["urn:gov:gsa:openidconnect.profiles:sp:sso:agency_name:app_name"]}]'
email_from: no-reply@login.gov
email_from_display_name: Login.gov
email_registrations_per_ip_limit: 20
email_registrations_per_ip_period: 20
email_registrations_per_ip_track_only_mode: false
enable_add_mfa_redirect_for_personal_key: false
enable_load_testing_mode: false
enable_rate_limiting: true
enable_test_routes: true
enable_usps_verification: true
event_disavowal_expiration_hours: 240
feature_idv_force_gpo_verification_enabled: false
feature_idv_hybrid_flow_enabled: true
feature_select_email_to_share_enabled: true
feature_valid_authn_contexts_semantic_enabled: true
geo_data_file_path: 'geo_data/GeoLite2-City.mmdb'
get_usps_proofing_results_job_cron: '0/30 * * * *'
get_usps_proofing_results_job_reprocess_delay_minutes: 5
get_usps_proofing_results_job_request_delay_milliseconds: 1000
get_usps_ready_proofing_results_job_cron: '0/10 * * * *'
get_usps_waiting_proofing_results_job_cron: '0/30 * * * *'
good_job_max_threads: 5
good_job_queue_select_limit: 5_000
good_job_queues: 'default:5;low:1;*'
gpo_designated_receiver_pii: '{}'
gpo_max_profile_age_to_send_letter_in_days: 30
hide_phone_mfa_signup: false
identity_pki_disabled: false
identity_pki_local_dev: false
idv_acuant_sdk_upgrade_a_b_testing_enabled: false
idv_acuant_sdk_upgrade_a_b_testing_percent: 50
idv_acuant_sdk_version_alternate: '11.9.2'
idv_acuant_sdk_version_default: '11.9.3'
idv_attempt_window_in_hours: 6
idv_available: true
idv_contact_phone_number: (844) 555-5555
idv_max_attempts: 5
idv_min_age_years: 13
idv_send_link_attempt_window_in_minutes: 10
idv_send_link_max_attempts: 5
idv_socure_shadow_mode_enabled: false
idv_sp_required: false
in_person_completion_survey_url: 'https://login.gov'
in_person_doc_auth_button_enabled: true
in_person_eipp_enrollment_validity_in_days: 7
in_person_email_reminder_early_benchmark_in_days: 11
in_person_email_reminder_final_benchmark_in_days: 1
in_person_email_reminder_late_benchmark_in_days: 4
in_person_enrollment_validity_in_days: 30
in_person_enrollments_ready_job_cron: '0/10 * * * *'
in_person_enrollments_ready_job_email_body_pattern: '\A\s*(?<enrollment_code>\d{16})\s*\Z'
in_person_enrollments_ready_job_enabled: false
in_person_enrollments_ready_job_max_number_of_messages: 10
in_person_enrollments_ready_job_queue_url: ''
in_person_enrollments_ready_job_visibility_timeout_seconds: 30
in_person_enrollments_ready_job_wait_time_seconds: 20
in_person_full_address_entry_enabled: true
in_person_opt_in_available_completion_survey_url: 'https://handbook.login.gov'
in_person_outage_emailed_by_date: 'November 1, 2024'
# in_person_outage_expected_update_date and in_person_outage_emailed_by_date below
# are strings in the format 'Month day, year'
in_person_outage_expected_update_date: 'October 31, 2024'
in_person_outage_message_enabled: false
in_person_proofing_enabled: false
in_person_proofing_enforce_tmx: false
in_person_proofing_opt_in_enabled: false
in_person_public_address_search_enabled: false
in_person_results_delay_in_hours: 1
in_person_send_proofing_notifications_enabled: false
in_person_state_id_controller_enabled: false
in_person_stop_expiring_enrollments: false
invalid_gpo_confirmation_zipcode: '00001'
# LexisNexis #####################################################
# Instant Verify and Phone Finder Integrations
lexisnexis_account_id: test_account
lexisnexis_base_url: https://www.example.com
lexisnexis_hmac_auth_enabled: false
lexisnexis_hmac_key_id: pf_iv_hmac_key_id
lexisnexis_hmac_secret_key: pf_iv_hmac_secret_key
lexisnexis_instant_verify_timeout: 1.0
lexisnexis_instant_verify_workflow: gsa2.chk32.test.wf
lexisnexis_password: test_password
lexisnexis_phone_finder_timeout: 1.0
lexisnexis_phone_finder_workflow: customers.gsa2.phonefinder.workflow
lexisnexis_request_mode: testing
###################################################################
# LexisNexis DDP/ThreatMetrix #####################################
lexisnexis_threatmetrix_js_signing_cert: ''
lexisnexis_threatmetrix_mock_enabled: true
lexisnexis_threatmetrix_support_code: ABCD
lexisnexis_threatmetrix_timeout: 1.0
# TrueID DocAuth Integration
lexisnexis_trueid_account_id: '12345'
lexisnexis_trueid_hmac_key_id: trueid_hmac_key_id
lexisnexis_trueid_hmac_secret_key: trueid_hmac_secret_key
lexisnexis_trueid_liveness_cropping_workflow: customers.gsa2.trueid.workflow
lexisnexis_trueid_liveness_nocropping_workflow: customers.gsa2.trueid.workflow
lexisnexis_trueid_noliveness_cropping_workflow: customers.gsa2.trueid.workflow
lexisnexis_trueid_noliveness_nocropping_workflow: customers.gsa2.trueid.workflow
lexisnexis_trueid_password: test_password
lexisnexis_trueid_timeout: 60.0
lexisnexis_trueid_username: test_username
lexisnexis_username: test_username
###################################################################
lockout_period_in_minutes: 10
log_to_stdout: false
login_otp_confirmation_max_attempts: 10
logins_per_email_and_ip_bantime: 60
logins_per_email_and_ip_limit: 5
logins_per_email_and_ip_period: 60
logins_per_ip_period: 60
logins_per_ip_track_only_mode: false
logo_upload_enabled: false
mailer_domain_name: http://localhost:3000
max_auth_apps_per_account: 2
max_bad_passwords: 5
max_bad_passwords_window_in_seconds: 60
max_emails_per_account: 12
max_mail_events: 4
max_mail_events_window_in_days: 30
max_phone_numbers_per_account: 5
max_piv_cac_per_account: 2
mfa_report_config: '[]'
min_password_score: 3
minimum_wait_before_another_usps_letter_in_hours: 24
mx_timeout: 3
new_device_alert_delay_in_minutes: 5
newrelic_license_key: ''
openid_connect_content_security_form_action_enabled: false
openid_connect_redirect: client_side_js
openid_connect_redirect_issuer_override_map: '{}'
openid_connect_redirect_uuid_override_map: '{}'
otp_delivery_blocklist_maxretry: 10
otp_expiration_warning_seconds: 150
otp_min_attempts_remaining_warning_count: 3
otp_valid_for: 10
otps_per_ip_limit: 25
otps_per_ip_period: 300
otps_per_ip_track_only_mode: true
outbound_connection_check_retry_count: 2
outbound_connection_check_timeout: 5
outbound_connection_check_url: 'https://checkip.amazonaws.com'
participate_in_dap: false
password_max_attempts: 3
personal_key_retired: true
phone_carrier_registration_blocklist_array: '[]'
phone_confirmation_max_attempt_window_in_minutes: 1_440
phone_confirmation_max_attempts: 20
phone_recaptcha_country_score_overrides: '{"AS":0.0,"GU":0.0,"MP":0.0,"PR":0.0,"US":0.0,"VI":0.0,"CA":0.0,"MX":0.0}'
phone_recaptcha_score_threshold: 0.0
phone_service_check: true
phone_setups_per_ip_limit: 25
phone_setups_per_ip_period: 300
phone_setups_per_ip_track_only_mode: false
pii_lock_timeout_in_minutes: 30
pinpoint_sms_configs: '[]'
pinpoint_sms_sender_id: 'aaa'
pinpoint_voice_configs: '[]'
pinpoint_voice_pool_size: 5
piv_cac_service_timeout: 5.0
piv_cac_service_url: https://localhost:8443/
piv_cac_verify_token_url: https://localhost:8443/
poll_rate_for_verify_in_seconds: 3
prometheus_exporter: false
proof_address_max_attempt_window_in_minutes: 360
proof_address_max_attempts: 5
proof_ssn_max_attempt_window_in_minutes: 60
proof_ssn_max_attempts: 10
proofer_mock_fallback: true
proofing_device_profiling: enabled
protocols_report_config: '[]'
push_notifications_enabled: false
pwned_passwords_file_path: 'pwned_passwords/pwned_passwords.txt'
rack_mini_profiler: false
rack_timeout_service_timeout_seconds: 15
rails_mailer_previews_enabled: false
raise_on_component_validation_error: true
raise_on_missing_title: false
reauthn_window: 1200
recaptcha_enterprise_api_key: ''
recaptcha_enterprise_project_id: ''
recaptcha_mock_validator: true
recaptcha_secret_key: ''
recaptcha_site_key: ''
recovery_code_length: 4
redis_pool_size: 10
redis_throttle_pool_size: 5
redis_throttle_url: redis://localhost:6379/1
redis_url: redis://localhost:6379/0
reg_confirmed_email_max_attempts: 20
reg_confirmed_email_window_in_minutes: 60
reg_unconfirmed_email_max_attempts: 20
reg_unconfirmed_email_window_in_minutes: 60
reject_id_token_hint_in_logout: false
remember_device_expiration_hours_aal_1: 720
remember_device_expiration_minutes_aal_2: 0
report_timeout: 0
requests_per_ip_cidr_allowlist: ''
requests_per_ip_limit: 300
requests_per_ip_path_prefixes_allowlist: ''
requests_per_ip_period: 300
requests_per_ip_track_only_mode: false
reset_password_email_max_attempts: 20
reset_password_email_window_in_minutes: 60
reset_password_on_auth_fraud_event: true
risc_notifications_local_enabled: false
risc_notifications_rate_limit_interval: 60
risc_notifications_rate_limit_max_requests: 1_000
risc_notifications_rate_limit_overrides: '{"https://example.com/push":{"interval":120,"max_requests":10000}}'
risc_notifications_request_timeout: 3
ruby_workers_idv_enabled: true
rules_of_use_horizon_years: 5
rules_of_use_updated_at: '2022-01-19T00:00:00Z' # Production has a newer timestamp than this, update directly in S3
s3_public_reports_enabled: false
s3_reports_enabled: false
saml_secret_rotation_enabled: false
second_mfa_reminder_account_age_in_days: 30
second_mfa_reminder_sign_in_count: 10
seed_agreements_data: true
service_provider_request_ttl_hours: 24
ses_configuration_set_name: ''
session_check_delay: 30
session_check_frequency: 30
session_encryptor_alert_enabled: false
session_timeout_in_minutes: 15
session_timeout_warning_seconds: 150
session_total_duration_timeout_in_minutes: 720
short_term_phone_otp_max_attempt_window_in_seconds: 10
short_term_phone_otp_max_attempts: 2
show_unsupported_passkey_platform_authentication_setup: false
show_user_attribute_deprecation_warnings: false
sign_in_recaptcha_percent_tested: 0
sign_in_recaptcha_score_threshold: 0.0
sign_in_user_id_per_ip_attempt_window_exponential_factor: 1.1
sign_in_user_id_per_ip_attempt_window_in_minutes: 720
sign_in_user_id_per_ip_attempt_window_max_minutes: 43_200
sign_in_user_id_per_ip_max_attempts: 50
socure_idplus_api_key: ''
socure_idplus_base_url: ''
socure_idplus_timeout_in_seconds: 5
socure_webhook_enabled: false
socure_webhook_secret_key: ''
socure_webhook_secret_key_queue: '[]'
sp_handoff_bounce_max_seconds: 2
sp_issuer_user_counts_report_configs: '[]'
team_ada_email: ''
team_all_login_emails: '[]'
team_daily_fraud_metrics_emails: '[]'
team_daily_reports_emails: '[]'
team_monthly_fraud_metrics_emails: '[]'
team_ursula_email: ''
test_ssn_allowed_list: ''
totp_code_interval: 30
unauthorized_scope_enabled: false
use_dashboard_service_providers: false
use_fed_domain_class: false
use_kms: false
use_vot_in_sp_requests: true
usps_auth_token_refresh_job_enabled: false
usps_confirmation_max_days: 30
usps_eipp_sponsor_id: ''
usps_ipp_client_id: ''
usps_ipp_enrollment_status_update_email_address: 'no-reply@login.gov'
usps_ipp_password: ''
usps_ipp_request_timeout: 10
usps_ipp_root_url: ''
usps_ipp_sponsor_id: ''
usps_ipp_transliteration_enabled: false
usps_ipp_username: ''
usps_mock_fallback: true
usps_upload_enabled: false
usps_upload_sftp_timeout: 5
valid_authn_contexts: '["http://idmanagement.gov/ns/assurance/loa/1", "http://idmanagement.gov/ns/assurance/loa/3", "http://idmanagement.gov/ns/assurance/ial/1", "http://idmanagement.gov/ns/assurance/ial/2", "http://idmanagement.gov/ns/assurance/ial/0", "http://idmanagement.gov/ns/assurance/ial/2?strict=true", "http://idmanagement.gov/ns/assurance/ial/2?bio=preferred", "http://idmanagement.gov/ns/assurance/ial/2?bio=required", "urn:gov:gsa:ac:classes:sp:PasswordProtectedTransport:duo", "http://idmanagement.gov/ns/assurance/aal/2", "http://idmanagement.gov/ns/assurance/aal/3", "http://idmanagement.gov/ns/assurance/aal/3?hspd12=true","http://idmanagement.gov/ns/assurance/aal/2?phishing_resistant=true","http://idmanagement.gov/ns/assurance/aal/2?hspd12=true"]'
valid_authn_contexts_semantic: '["http://idmanagement.gov/ns/assurance/loa/1", "http://idmanagement.gov/ns/assurance/loa/3", "http://idmanagement.gov/ns/assurance/ial/1", "http://idmanagement.gov/ns/assurance/ial/2", "http://idmanagement.gov/ns/assurance/ial/0", "http://idmanagement.gov/ns/assurance/ial/2?strict=true", "http://idmanagement.gov/ns/assurance/ial/2?bio=preferred", "http://idmanagement.gov/ns/assurance/ial/2?bio=required", "urn:gov:gsa:ac:classes:sp:PasswordProtectedTransport:duo", "http://idmanagement.gov/ns/assurance/aal/2", "http://idmanagement.gov/ns/assurance/aal/3", "http://idmanagement.gov/ns/assurance/aal/3?hspd12=true","http://idmanagement.gov/ns/assurance/aal/2?phishing_resistant=true","http://idmanagement.gov/ns/assurance/aal/2?hspd12=true", "urn:acr.login.gov:auth-only", "urn:acr.login.gov:verified","urn:acr.login.gov:verified-facial-match-preferred","urn:acr.login.gov:verified-facial-match-required"]'
vendor_status_idv_scheduled_maintenance_finish: ''
vendor_status_idv_scheduled_maintenance_start: ''
vendor_status_lexisnexis_instant_verify: 'operational'
vendor_status_lexisnexis_phone_finder: 'operational'
vendor_status_lexisnexis_trueid: 'operational'
vendor_status_sms: 'operational'
vendor_status_voice: 'operational'
verification_errors_report_configs: '[]'
verify_gpo_key_attempt_window_in_minutes: 10
verify_gpo_key_max_attempts: 5
verify_personal_key_attempt_window_in_minutes: 15
verify_personal_key_max_attempts: 5
version_headers_enabled: false
voice_otp_pause_time: '0.5s'
voice_otp_speech_rate: 'slow'
vtm_url: 'https://developer.login.gov/vot-trust-framework'
weekly_auth_funnel_report_config: '[]'
development:
aamva_private_key: 123abc
aamva_public_key: 123abc
account_creation_device_profiling: collect_only
attribute_encryption_key: 2086dfbd15f5b0c584f3664422a1d3409a0d2aa6084f65b6ba57d64d4257431c124158670c7655e45cabe64194f7f7b6c7970153c285bdb8287ec0c4f7553e25
attribute_encryption_key_queue: '[{ "key": "11111111111111111111111111111111" }, { "key": "22222222222222222222222222222222" }]'
check_user_password_compromised_enabled: true
component_previews_embed_frame_ancestors: '["http://localhost:4000"]'
component_previews_enabled: true
compromised_password_randomizer_threshold: 0
compromised_password_randomizer_value: 1
dashboard_api_token: test_token
dashboard_url: http://localhost:3001/api/service_providers
doc_auth_selfie_desktop_test_mode: true
domain_name: localhost:3000
enable_rate_limiting: false
hmac_fingerprinter_key: a2c813d4dca919340866ba58063e4072adc459b767a74cf2666d5c1eef3861db26708e7437abde1755eb24f4034386b0fea1850a1cb7e56bff8fae3cc6ade96c
hmac_fingerprinter_key_queue: '["11111111111111111111111111111111", "22222222222222222222222222222222"]'
identity_pki_local_dev: true
in_person_proofing_enabled: true
in_person_proofing_enforce_tmx: true
in_person_proofing_opt_in_enabled: true
in_person_send_proofing_notifications_enabled: true
logins_per_ip_limit: 5
logo_upload_enabled: true
otp_delivery_blocklist_findtime: 5
password_pepper: f22d4b2cafac9066fe2f4416f5b7a32c
phone_recaptcha_score_threshold: 0.5
piv_cac_verify_token_secret: ee7f20f44cdc2ba0c6830f70470d1d1d059e1279cdb58134db92b35947b1528ef5525ece5910cf4f2321ab989a618feea12ef95711dbc62b9601e8520a34ee12
push_notifications_enabled: true
rack_timeout_service_timeout_seconds: 9_999_999_999
rails_mailer_previews_enabled: true
raise_on_missing_title: true
risc_notifications_local_enabled: true
s3_report_bucket_prefix: ''
s3_report_public_bucket_prefix: ''
saml_endpoint_configs: '[{"suffix":"2023","secret_key_passphrase":"trust-but-verify"},{"suffix":"2024","secret_key_passphrase":"trust-but-verify"}]'
scrypt_cost: 10000$8$1$
secret_key_base: development_secret_key_base
session_encryption_key: 27bad3c25711099429c1afdfd1890910f3b59f5a4faec1c85e945cb8b02b02f261ba501d99cfbb4fab394e0102de6fecf8ffe260f322f610db3e96b2a775c120
show_unsupported_passkey_platform_authentication_setup: true
sign_in_recaptcha_percent_tested: 100
sign_in_recaptcha_score_threshold: 0.3
skip_encryption_allowed_list: '["urn:gov:gsa:SAML:2.0.profiles:sp:sso:localhost"]'
socure_idplus_base_url: 'https://sandbox.socure.us'
state_tracking_enabled: true
telephony_adapter: test
use_dashboard_service_providers: true
use_fed_domain_class: true
usps_eipp_sponsor_id: '222222222222222'
usps_ipp_sponsor_id: '111111111111111'
usps_ipp_transliteration_enabled: true
usps_upload_sftp_directory: '/gsa_order'
usps_upload_sftp_host: localhost
usps_upload_sftp_password: test
usps_upload_sftp_username: brady
# These values serve as defaults for all production-like environments, which
# includes *.identitysandbox.gov and *.login.gov.
#
production:
aamva_auth_url: 'https://authentication-cert.aamva.org/Authentication/Authenticate.svc'
aamva_private_key: ''
aamva_public_key: ''
aamva_verification_url: 'https://verificationservices-cert.aamva.org:18449/dldv/2.1/online'
attribute_encryption_key:
attribute_encryption_key_queue: '[]'
available_locales: 'en,es,fr'
biometric_ial_enabled: false
dashboard_api_token: ''
dashboard_url: https://dashboard.demo.login.gov
disable_email_sending: false
disable_logout_get_request: false
domain_name: login.gov
email_registrations_per_ip_track_only_mode: true
enable_test_routes: false
enable_usps_verification: false
feature_select_email_to_share_enabled: false
feature_valid_authn_contexts_semantic_enabled: false
hmac_fingerprinter_key:
hmac_fingerprinter_key_queue: '[]'
idv_sp_required: true
invalid_gpo_confirmation_zipcode: ''
lexisnexis_threatmetrix_mock_enabled: false
logins_per_ip_limit: 20
logins_per_ip_period: 20
logins_per_ip_track_only_mode: true
openid_connect_content_security_form_action_enabled: true
openid_connect_redirect: server_side
otp_delivery_blocklist_findtime: 5
participate_in_dap: true
password_pepper:
piv_cac_verify_token_secret:
raise_on_component_validation_error: false
recaptcha_mock_validator: false
redis_throttle_url: redis://redis.login.gov.internal:6379/1
redis_url: redis://redis.login.gov.internal:6379
report_timeout: 1_000_000
ruby_workers_idv_enabled: false
s3_report_bucket_prefix: login-gov.reports
s3_report_public_bucket_prefix: login-gov-pubdata
s3_reports_enabled: true
saml_endpoint_configs: '[]'
scrypt_cost: 10000$8$1$
secret_key_base:
seed_agreements_data: false
session_encryption_key:
session_encryptor_alert_enabled: true
skip_encryption_allowed_list: '["urn:gov:gsa:SAML:2.0.profiles:sp:sso:dev", "urn:gov:gsa:SAML:2.0.profiles:sp:sso:int"]'
state_tracking_enabled: false
telephony_adapter: pinpoint
use_kms: true
usps_auth_token_refresh_job_enabled: true
usps_upload_sftp_directory: ''
usps_upload_sftp_host: ''
usps_upload_sftp_password: ''
usps_upload_sftp_username: ''
test:
aamva_private_key: 123abc
aamva_public_key: 123abc
account_reset_fraud_user_wait_period_days: 30
attribute_encryption_key: 2086dfbd15f5b0c584f3664422a1d3409a0d2aa6084f65b6ba57d64d4257431c124158670c7655e45cabe64194f7f7b6c7970153c285bdb8287ec0c4f7553e25
attribute_encryption_key_queue: '[{ "key": "11111111111111111111111111111111" }, { "key": "22222222222222222222222222222222" }]'
dashboard_api_token: 123ABC
dashboard_url: https://dashboard.demo.login.gov
doc_auth_max_attempts: 4
doc_auth_selfie_desktop_test_mode: true
doc_capture_polling_enabled: false
domain_name: www.example.com
email_registrations_per_ip_limit: 3
hmac_fingerprinter_key: a2c813d4dca919340866ba58063e4072adc459b767a74cf2666d5c1eef3861db26708e7437abde1755eb24f4034386b0fea1850a1cb7e56bff8fae3cc6ade96c
hmac_fingerprinter_key_queue: '["old-key-one", "old-key-two"]'
identity_pki_disabled: true
in_person_state_id_controller_enabled: true
lexisnexis_trueid_account_id: 'test_account'
lockout_period_in_minutes: 5
logins_per_email_and_ip_limit: 2
logins_per_ip_limit: 3
max_mail_events: 2
otp_delivery_blocklist_findtime: 1
otp_delivery_blocklist_maxretry: 2
otp_min_attempts_remaining_warning_count: 1
otps_per_ip_limit: 3
otps_per_ip_period: 10
otps_per_ip_track_only_mode: false
password_pepper: f22d4b2cafac9066fe2f4416f5b7a32c
phone_confirmation_max_attempt_window_in_minutes: 10
phone_confirmation_max_attempts: 5
phone_setups_per_ip_limit: 3
phone_setups_per_ip_period: 10
piv_cac_verify_token_secret: 3ac13bfa23e22adae321194c083e783faf89469f6f85dcc0802b27475c94b5c3891b5657bd87d0c1ad65de459166440512f2311018db90d57b15d8ab6660748f
poll_rate_for_verify_in_seconds: 0
raise_on_missing_title: true
reg_confirmed_email_max_attempts: 3
reg_unconfirmed_email_max_attempts: 4
reg_unconfirmed_email_window_in_minutes: 70
requests_per_ip_cidr_allowlist: '172.16.0.0/12'
requests_per_ip_limit: 4
requests_per_ip_period: 60
reset_password_email_max_attempts: 5
reset_password_email_window_in_minutes: 80
s3_report_bucket_prefix: ''
s3_report_public_bucket_prefix: ''
saml_endpoint_configs: '[{"suffix":"2024","secret_key_passphrase":"trust-but-verify"},{"suffix":"2023","secret_key_passphrase":"trust-but-verify","comment":"this extra year is needed to demonstrate how handling multiple live years works in spec/requests/saml_requests_spec.rb"}]'
scrypt_cost: 800$8$1$
secret_key_base: test_secret_key_base
session_encryption_key: 27bad3c25711099429c1afdfd1890910f3b59f5a4faec1c85e945cb8b02b02f261ba501d99cfbb4fab394e0102de6fecf8ffe260f322f610db3e96b2a775c120
short_term_phone_otp_max_attempts: 100
skip_encryption_allowed_list: '[]'
socure_webhook_secret_key: 'secret-key'
socure_webhook_secret_key_queue: '["old-key-one", "old-key-two"]'
state_tracking_enabled: true
team_ada_email: 'ada@example.com'
team_all_login_emails: '["b@example.com", "c@example.com"]'
team_daily_fraud_metrics_emails: '["g@example.com", "h@example.com"]'
team_daily_reports_emails: '["a@example.com", "d@example.com"]'
team_monthly_fraud_metrics_emails: '["e@example.com", "f@example.com"]'
telephony_adapter: test
test_ssn_allowed_list: '999999999'
totp_code_interval: 3
use_fed_domain_class: true
usps_eipp_sponsor_id: '222222222222222'
usps_ipp_root_url: 'http://localhost:1000'
usps_ipp_sponsor_id: '111111111111111'
usps_upload_sftp_directory: '/directory'
usps_upload_sftp_host: example.com
usps_upload_sftp_password: pass
usps_upload_sftp_username: user
verify_gpo_key_attempt_window_in_minutes: 3
verify_gpo_key_max_attempts: 2
verify_personal_key_attempt_window_in_minutes: 3
verify_personal_key_max_attempts: 2