mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-06 17:22:49 +01:00
Clarify Kratos annotations
This commit is contained in:
Jason Ertel
GitHub
@@ -7,7 +7,7 @@ kratos:
|
|||||||
helpLink: kratos.html
|
helpLink: kratos.html
|
||||||
whoami:
|
whoami:
|
||||||
required_aal:
|
required_aal:
|
||||||
description: Sets the Authenticator Assurance Level.
|
description: Sets the Authenticator Assurance Level. Leave as default to ensure proper security protections remain in place.
|
||||||
global: True
|
global: True
|
||||||
advanced: True
|
advanced: True
|
||||||
helpLink: kratos.html
|
helpLink: kratos.html
|
||||||
@@ -15,71 +15,71 @@ kratos:
|
|||||||
methods:
|
methods:
|
||||||
password:
|
password:
|
||||||
enabled:
|
enabled:
|
||||||
description: The IP address to bind to.
|
description: Set to True to enable traditional password authentication. Leave as default to ensure proper security protections remain in place.
|
||||||
global: True
|
global: True
|
||||||
advanced: True
|
advanced: True
|
||||||
helpLink: kratos.html
|
helpLink: kratos.html
|
||||||
config:
|
config:
|
||||||
haveibeenpwned_enabled:
|
haveibeenpwned_enabled:
|
||||||
description: The IP address to bind to.
|
description: Set to True to check if a newly chosen password has ever been found in a published list of previously-compromised passwords. Requires outbound Internet connectivity when enabled.
|
||||||
global: True
|
global: True
|
||||||
advanced: True
|
advanced: True
|
||||||
helpLink: kratos.html
|
helpLink: kratos.html
|
||||||
totp:
|
totp:
|
||||||
enabled:
|
enabled:
|
||||||
description: The IP address to bind to.
|
description: Set to True to enable Time-based One-Time Password (TOTP) MFA authentication. Leave as default to ensure proper security protections remain in place.
|
||||||
global: True
|
global: True
|
||||||
advanced: True
|
advanced: True
|
||||||
helpLink: kratos.html
|
helpLink: kratos.html
|
||||||
config:
|
config:
|
||||||
issuer:
|
issuer:
|
||||||
description: The IP address to bind to.
|
description: The name to show in the MFA authenticator app. Useful for differentiating between installations that share the same user email address.
|
||||||
global: True
|
global: True
|
||||||
advanced: True
|
advanced: True
|
||||||
helpLink: kratos.html
|
helpLink: kratos.html
|
||||||
flows:
|
flows:
|
||||||
settings:
|
settings:
|
||||||
ui_url:
|
ui_url:
|
||||||
description: The IP address to bind to.
|
description: User accessible URL containing the user self-service profile and security settings. Leave as default to ensure proper operation.
|
||||||
global: True
|
global: True
|
||||||
advanced: True
|
advanced: True
|
||||||
helpLink: kratos.html
|
helpLink: kratos.html
|
||||||
required_aal:
|
required_aal:
|
||||||
description: The IP address to bind to.
|
description: Sets the Authenticator Assurance Level for accessing user self-service profile and security settings. Leave as default to ensure proper security enforcement remains in place.
|
||||||
global: True
|
global: True
|
||||||
advanced: True
|
advanced: True
|
||||||
helpLink: kratos.html
|
helpLink: kratos.html
|
||||||
verification:
|
verification:
|
||||||
ui_url:
|
ui_url:
|
||||||
description: The IP address to bind to.
|
description: User accessible URL containing the Security Onion login page. Leave as default to ensure proper operation.
|
||||||
global: True
|
global: True
|
||||||
advanced: True
|
advanced: True
|
||||||
helpLink: kratos.html
|
helpLink: kratos.html
|
||||||
login:
|
login:
|
||||||
ui_url:
|
ui_url:
|
||||||
description: The IP address to bind to.
|
description: User accessible URL containing the Security Onion login page. Leave as default to ensure proper operation.
|
||||||
global: True
|
global: True
|
||||||
advanced: True
|
advanced: True
|
||||||
helpLink: kratos.html
|
helpLink: kratos.html
|
||||||
error:
|
error:
|
||||||
ui_url:
|
ui_url:
|
||||||
description: The IP address to bind to.
|
description: User accessible URL containing the Security Onion login page. Leave as default to ensure proper operation.
|
||||||
global: True
|
global: True
|
||||||
advanced: True
|
advanced: True
|
||||||
helpLink: kratos.html
|
helpLink: kratos.html
|
||||||
registration:
|
registration:
|
||||||
ui_url:
|
ui_url:
|
||||||
description: The IP address to bind to.
|
description: User accessible URL containing the Security Onion login page. Leave as default to ensure proper operation.
|
||||||
global: True
|
global: True
|
||||||
advanced: True
|
advanced: True
|
||||||
helpLink: kratos.html
|
helpLink: kratos.html
|
||||||
default_browser_return_url:
|
default_browser_return_url:
|
||||||
description: The IP address to bind to.
|
description: Security Onion Console landing page URL. Leave as default to ensure proper operation.
|
||||||
global: True
|
global: True
|
||||||
advanced: True
|
advanced: True
|
||||||
helpLink: kratos.html
|
helpLink: kratos.html
|
||||||
allowed_return_urls:
|
allowed_return_urls:
|
||||||
description: The IP address to bind to.
|
description: Internal redirect URL. Leave as default to ensure proper operation.
|
||||||
global: True
|
global: True
|
||||||
advanced: True
|
advanced: True
|
||||||
helpLink: kratos.html
|
helpLink: kratos.html
|
||||||
@@ -94,50 +94,35 @@ kratos:
|
|||||||
helpLink: kratos.html
|
helpLink: kratos.html
|
||||||
secrets:
|
secrets:
|
||||||
default:
|
default:
|
||||||
description: The IP address to bind to.
|
description: Secret key used for protecting session cookie data. Generated during installation.
|
||||||
global: True
|
global: True
|
||||||
|
sensitive: True
|
||||||
advanced: True
|
advanced: True
|
||||||
helpLink: kratos.html
|
helpLink: kratos.html
|
||||||
serve:
|
serve:
|
||||||
public:
|
public:
|
||||||
base_url:
|
base_url:
|
||||||
description: The IP address to bind to.
|
description: User accessible URL for authenticating to Kratos. Leave as default for proper operation.
|
||||||
global: True
|
global: True
|
||||||
advanced: True
|
advanced: True
|
||||||
helpLink: kratos.html
|
helpLink: kratos.html
|
||||||
admin:
|
admin:
|
||||||
base_url:
|
base_url:
|
||||||
description: The IP address to bind to.
|
description: User accessible URL for accessing Kratos administration API. Leave as default for proper operation.
|
||||||
global: True
|
global: True
|
||||||
advanced: True
|
advanced: True
|
||||||
helpLink: kratos.html
|
helpLink: kratos.html
|
||||||
hashers:
|
hashers:
|
||||||
bcrypt:
|
bcrypt:
|
||||||
cost:
|
cost:
|
||||||
description: The IP address to bind to.
|
description: Bcrypt hashing algorithm cost. Higher values consume more CPU and take longer to complete. Actual cost is computed as 2^X where X is the value in this setting.
|
||||||
global: True
|
global: True
|
||||||
advanced: True
|
advanced: True
|
||||||
helpLink: kratos.html
|
helpLink: kratos.html
|
||||||
identity:
|
|
||||||
default_schema_id:
|
|
||||||
description: The IP address to bind to.
|
|
||||||
global: True
|
|
||||||
advanced: True
|
|
||||||
helpLink: kratos.html
|
|
||||||
schemas:
|
|
||||||
description:
|
|
||||||
global: True
|
|
||||||
advanced: True
|
|
||||||
helpLink: kratos.html
|
|
||||||
url:
|
|
||||||
description: The IP address to bind to.
|
|
||||||
global: True
|
|
||||||
advanced: True
|
|
||||||
helpLink: kratos.html
|
|
||||||
courier:
|
courier:
|
||||||
smtp:
|
smtp:
|
||||||
connection_uri:
|
connection_uri:
|
||||||
description: The IP address to bind to.
|
description: SMTPS URL for sending outbound account-related emails. Not utilized with the standard Security Onion installation.
|
||||||
global: True
|
global: True
|
||||||
advanced: True
|
advanced: True
|
||||||
helpLink: kratos.html
|
helpLink: kratos.html
|
||||||
|
|||||||
Reference in New Issue
Block a user