mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-06 09:12:45 +01:00
Clarify Kratos annotations
This commit is contained in:
Jason Ertel
GitHub
@@ -7,7 +7,7 @@ kratos:
|
||||
helpLink: kratos.html
|
||||
whoami:
|
||||
required_aal:
|
||||
description: Sets the Authenticator Assurance Level.
|
||||
description: Sets the Authenticator Assurance Level. Leave as default to ensure proper security protections remain in place.
|
||||
global: True
|
||||
advanced: True
|
||||
helpLink: kratos.html
|
||||
@@ -15,71 +15,71 @@ kratos:
|
||||
methods:
|
||||
password:
|
||||
enabled:
|
||||
description: The IP address to bind to.
|
||||
description: Set to True to enable traditional password authentication. Leave as default to ensure proper security protections remain in place.
|
||||
global: True
|
||||
advanced: True
|
||||
helpLink: kratos.html
|
||||
config:
|
||||
haveibeenpwned_enabled:
|
||||
description: The IP address to bind to.
|
||||
description: Set to True to check if a newly chosen password has ever been found in a published list of previously-compromised passwords. Requires outbound Internet connectivity when enabled.
|
||||
global: True
|
||||
advanced: True
|
||||
helpLink: kratos.html
|
||||
totp:
|
||||
enabled:
|
||||
description: The IP address to bind to.
|
||||
description: Set to True to enable Time-based One-Time Password (TOTP) MFA authentication. Leave as default to ensure proper security protections remain in place.
|
||||
global: True
|
||||
advanced: True
|
||||
helpLink: kratos.html
|
||||
config:
|
||||
issuer:
|
||||
description: The IP address to bind to.
|
||||
description: The name to show in the MFA authenticator app. Useful for differentiating between installations that share the same user email address.
|
||||
global: True
|
||||
advanced: True
|
||||
helpLink: kratos.html
|
||||
flows:
|
||||
settings:
|
||||
ui_url:
|
||||
description: The IP address to bind to.
|
||||
description: User accessible URL containing the user self-service profile and security settings. Leave as default to ensure proper operation.
|
||||
global: True
|
||||
advanced: True
|
||||
helpLink: kratos.html
|
||||
required_aal:
|
||||
description: The IP address to bind to.
|
||||
description: Sets the Authenticator Assurance Level for accessing user self-service profile and security settings. Leave as default to ensure proper security enforcement remains in place.
|
||||
global: True
|
||||
advanced: True
|
||||
helpLink: kratos.html
|
||||
verification:
|
||||
ui_url:
|
||||
description: The IP address to bind to.
|
||||
description: User accessible URL containing the Security Onion login page. Leave as default to ensure proper operation.
|
||||
global: True
|
||||
advanced: True
|
||||
helpLink: kratos.html
|
||||
login:
|
||||
ui_url:
|
||||
description: The IP address to bind to.
|
||||
description: User accessible URL containing the Security Onion login page. Leave as default to ensure proper operation.
|
||||
global: True
|
||||
advanced: True
|
||||
helpLink: kratos.html
|
||||
error:
|
||||
ui_url:
|
||||
description: The IP address to bind to.
|
||||
description: User accessible URL containing the Security Onion login page. Leave as default to ensure proper operation.
|
||||
global: True
|
||||
advanced: True
|
||||
helpLink: kratos.html
|
||||
registration:
|
||||
ui_url:
|
||||
description: The IP address to bind to.
|
||||
description: User accessible URL containing the Security Onion login page. Leave as default to ensure proper operation.
|
||||
global: True
|
||||
advanced: True
|
||||
helpLink: kratos.html
|
||||
default_browser_return_url:
|
||||
description: The IP address to bind to.
|
||||
description: Security Onion Console landing page URL. Leave as default to ensure proper operation.
|
||||
global: True
|
||||
advanced: True
|
||||
helpLink: kratos.html
|
||||
allowed_return_urls:
|
||||
description: The IP address to bind to.
|
||||
description: Internal redirect URL. Leave as default to ensure proper operation.
|
||||
global: True
|
||||
advanced: True
|
||||
helpLink: kratos.html
|
||||
@@ -94,50 +94,35 @@ kratos:
|
||||
helpLink: kratos.html
|
||||
secrets:
|
||||
default:
|
||||
description: The IP address to bind to.
|
||||
description: Secret key used for protecting session cookie data. Generated during installation.
|
||||
global: True
|
||||
sensitive: True
|
||||
advanced: True
|
||||
helpLink: kratos.html
|
||||
serve:
|
||||
public:
|
||||
base_url:
|
||||
description: The IP address to bind to.
|
||||
description: User accessible URL for authenticating to Kratos. Leave as default for proper operation.
|
||||
global: True
|
||||
advanced: True
|
||||
helpLink: kratos.html
|
||||
admin:
|
||||
base_url:
|
||||
description: The IP address to bind to.
|
||||
description: User accessible URL for accessing Kratos administration API. Leave as default for proper operation.
|
||||
global: True
|
||||
advanced: True
|
||||
helpLink: kratos.html
|
||||
hashers:
|
||||
bcrypt:
|
||||
cost:
|
||||
description: The IP address to bind to.
|
||||
global: True
|
||||
advanced: True
|
||||
helpLink: kratos.html
|
||||
identity:
|
||||
default_schema_id:
|
||||
description: The IP address to bind to.
|
||||
global: True
|
||||
advanced: True
|
||||
helpLink: kratos.html
|
||||
schemas:
|
||||
description:
|
||||
global: True
|
||||
advanced: True
|
||||
helpLink: kratos.html
|
||||
url:
|
||||
description: The IP address to bind to.
|
||||
description: Bcrypt hashing algorithm cost. Higher values consume more CPU and take longer to complete. Actual cost is computed as 2^X where X is the value in this setting.
|
||||
global: True
|
||||
advanced: True
|
||||
helpLink: kratos.html
|
||||
courier:
|
||||
smtp:
|
||||
connection_uri:
|
||||
description: The IP address to bind to.
|
||||
description: SMTPS URL for sending outbound account-related emails. Not utilized with the standard Security Onion installation.
|
||||
global: True
|
||||
advanced: True
|
||||
helpLink: kratos.html
|
||||
|
||||
Reference in New Issue
Block a user