Skip to content

Environment variables

The IAD Server's configuration is managed via environment variables. For Docker use the --env parameter when executing docker run, one for every environment variable:

docker run --env SERVER_ALLOW_CORS=true --env SERVER_SSL_ENABLED=true ...

All environment variables are optional. Click on the variable's name for more details.

Variable Default Description Variables to set before
IAD_SERVER_PIPELINE iad-capture Pipeline to use.
IAD_SERVER_REPLAY_ATTACK_CHECKER_ENABLED false Set to true to enable the replay attack checking.
IAD_SERVER_REPLAY_ATTACK_TOLERANCE_TIME 300 Allowable payload lifetime in seconds. IAD_SERVER_REPLAY_ATTACK_CHECKER_ENABLED
IAD_SERVER_ROOT_CHECKER_ENABLED true Set to false to disable ROOT checking on mobile devices.
IAD_SERVER_FACE_LIVENESS_ENABLE false Set to true to enable integration with IDLiveFace Server.
IAD_SERVER_FACE_LIVENESS_URL Full path to the face liveness check HTTP method. IAD_SERVER_FACE_LIVENESS_ENABLE
IAD_SERVER_FACE_LIVENESS_PIPELINE Pipeline to be used on IDLiveFace liveness check IAD_SERVER_FACE_LIVENESS_URL, IAD_SERVER_FACE_LIVENESS_ENABLE
IAD_SERVER_FACE_LIVENESS_CALIBRATION Calibration to be used on IDLiveFace liveness check IAD_SERVER_FACE_LIVENESS_URL, IAD_SERVER_FACE_LIVENESS_ENABLE
IAD_SERVER_FACE_LIVENESS_SSL_ENABLE false Enable interaction with IDLF Server over https IAD_SERVER_FACE_LIVENESS_URL, IAD_SERVER_FACE_LIVENESS_ENABLE
IAD_SERVER_FACE_LIVENESS_SSL_TRUST_STORE Path to a custom (not default) certificate for interaction with IDLF Server over https IAD_SERVER_FACE_LIVENESS_SSL_ENABLE
IAD_SERVER_FACE_LIVENESS_SSL_TRUST_STORE_PASSWORD Password for custom certificate IAD_SERVER_FACE_LIVENESS_SSL_ENABLE
Storage
IAD_SERVER_STORAGE_TYPE Type of the storage used to keep received payloads.
S3_BUCKET Name of S3 bucket. IAD_SERVER_STORAGE_TYPE
S3_REGION AWS region with S3 bucket. IAD_SERVER_STORAGE_TYPE
S3_TOKEN AWS Access Key ID. IAD_SERVER_STORAGE_TYPE
S3_SECRET AWS Secret Access Key. IAD_SERVER_STORAGE_TYPE
S3_PATH Optional path in S3 bucket. IAD_SERVER_STORAGE_TYPE
Security
SERVER_SSL_ENABLED false Switch HTTP to HTTPS.
SERVER_SSL_KEY_STORE Keystore file. SERVER_SSL_KEY_STORE_TYPE, SERVER_SSL_ENABLED
SERVER_SSL_KEY_STORE_TYPE PEM.MOD Type of keystore file.
SERVER_SSL_KEY_STORE_PASSWORD Keystore password SERVER_SSL_KEY_STORE
License manager
HASP_LICENSE_FILE Path to a license key file.
HASP_ENABLE_RTE true Start RTE and use admin mode license.
HASP_RTE_STARTUP_TIMEOUT 3 Seconds to wait for RTE to start.
HASP_NETWORK_LICENSE_SERVER Hostname of a licensing server.
System
SERVER_PORT 8080 HTTP port
SERVER_SSL_PORT 8443 HTTPS port SERVER_SSL_ENABLED
SERVER_ALLOW_CORS false Configure CORS to allow all cross-origin HTTP requests.