Versions Compared

Version Old Version 19 New Version 20
Changes made by

Oleksii Solodukhin

Oleksii Solodukhin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Variable

Description

Default Value

Required

Notes

JWT_SECRET

A secret string for encrypting access tokens. Ensure it is unique and secure.

None

Yes

There is no default value, set the arbitrary string or generate some random string.

SERVICE_USER_PASSWORD

Password for default system user which could be used on first install. After the backend service first starts, you will be able to login into the app via:

username: service-admin
password: SERVICE_USER_PASSWORD

None

Yes

Password for service user stores as a hashed string by bcryptjs. After user creation in Mongodb, you may remove this password from .env.

DB_HOST

MongoDB server's domain name or IP address.

apliqo-mongo

Yes

Inside the docker network, container names could be used as domain names to access the resource. If you are not using Docker for the MongoDB database, set the IP address or domain name as the value for this variable.

DB_USER

Username of a root user from which account would be created a connection to the MongoDB.

None

Yes

DB_PASSWORD

Password of a root user from which account would be created a connection to the MongoDB.

None

Yes

If you are using the default Apliqo UX setup. On first install DB_USER and DB_PASSWORD would be used to create a MongoDB user to access the database. This user would be stored in the admin database by default.

DB_CONNECTION_SCHEME

Description: MongoDB uses a connection variant.
There are 2 options:

mongodb - Standard Connection String Format. The standard format of the MongoDB connection URI is used to connect to a MongoDB deployment: standalone, replica set, or a sharded cluster.

mongodb+srv - DNS Seed List Connection Format. The +srv indicates to the client that the hostname that follows corresponds to a DNS SRV record.

mongodb

Yes

If you don't have your dedicated MongoDB server - use the default value.

REDIS_HOST

Hostname for the Redis database, used for caching and queues.

apliqo-redis

Yes

Inside the docker network, container names could be used as domain names to access the resource. If you are not using Docker for the Redis database, set an IP address or domain name as the value for this variable.

MONGO_DB_PORT_EXPOSE

Port on the machine where docker is running to access the MongoDB.
Set this variable to have the ability to access MongoDB from outside the docker network and to manage the DB by GUI tools (Mongo Compass, Studio 3T)

None

No

DB_NAME

Apliqo Content Store database name in MongoDB server.

apliqo-content-store

No

DB_PORT

MongoDB server's port.

27017

No

DB_AUTHSOURCE

Database inside MongoDB server which stores users and their permission in MongoDB.

admin

No

PORT

Port on which the backend server runs inside the Docker container.

4000

No

PORT_EXPOSE

Port on which the backend server is accessible from machine IP. Docker bridges PORT and PORT_EXPOSE.

4000

No

TM1_VERIFY_SSL

Variable to control the SSL verification for all TM1 API requests. Available values: 0 or 1
Set 1 if you want to enable the TM1 API SSL verification.
Set 0 if you want to disable the TM1 API SSL verification. (Could be used for TM1 with self-signed certificate)

0

No

Anchor
APLIQO_HOSTNAME
APLIQO_HOSTNAME
APLIQO_HOSTNAME

Variable which is used to create a redirect link for CAMPassport authentication.

Please make sure that the link doesn’t have slash ('/') and the end
https://apliqo-frontend-domain.com/ - Not Valid
https://apliqo-frontend-domain.com - Valid

None

No

...

Authentication

You may want to enable multiple authentication options to work together.

Apliqo allows authentication only when at least one of the TM1 instances designated as an authentication source successfully validates the credentials.

It is possible to configure multiple instances with various authentication methods. For example, if you want a specific instance to handle authentication for Apliqo, while other instances serve only as data models, you need to enable the authentication source setting only for the designated 'authentication' instance.

However, if certain reports rely on a TM1 instance that is not configured as an authentication source, you will not have an active TM1 session for that instance after logging in.

In such cases, the 'Login to Instance' dialog will appear, allowing you to log in to that instance. Even if you close the Apliqo tab in your browser, both sessions will remain cached. When you return, you will be able to access the reports without logging in again.

CAMPassport

To enable CAMPassport authentication you need:

  1. Add instance with CAMPassport authentication enabled

  2. Turn on the auth source switch button for this instance

  3. Open instance “Edit Dialog”

  4. Go to CAMPassport tab on a right side

  5. Check the link to your CAM Server
    By default, this link Apliqo take from WWW-Authenticate header

  6. Add APLQIO_HOSTNAME into the .env file follow the guide

  7. After editting .env use
    docker compose up -d --force-recreate apliqo-api
    This command restart the server with new environment variables changes

  8. Go to login page and “Login via SSO“ but should appear

CAMNamespace

To enable CAMNamespace authentication you need:

  1. Add instance with CAMNamespace authentication enabled

  2. Open instance “Edit Dialog”

  3. Go to CAMNamespace tab on a right side

  4. Add your supported namespaces into text field “Client CAMNamespaces“
    Use coma separation for multiple namespaces.

  5. Turn on the auth source switch button for this instance

  6. Go to login page, namespaces select dropdown should appear

Info

In case, you want to have Basic and CAMNamespace authentication options available together, leave Namespace select dropdown empty (in this case, Basic authentication will be used by default)


Troubleshooting

» MacOS with M1 chip peculiarities

...