# v3.26.0 ## Branding Configuration options for CiviForm branding. ### CIVIC\_ENTITY\_SMALL\_LOGO\_URL **Admin readable** Small logo for the civic entity used on the login page. **Required**. * Type: string ### CIVIC\_ENTITY\_FOOTER\_LOGO\_URL **Admin readable** Logo for the civic entity used in the footer. If not set, falls back to CIVIC\_ENTITY\_SMALL\_LOGO\_URL. * Type: string ### WHITELABEL\_CIVIC\_ENTITY\_SHORT\_NAME **Admin writeable** The short display name of the civic entity, will use 'TestCity' if not set. **Required**. * Type: string ### HIDE\_CIVIC\_ENTITY\_NAME\_IN\_HEADER **Admin writeable** Whether the WHITELABEL\_CIVIC\_ENTITY\_SHORT\_NAME should be hidden in the CiviForm header. This may be desired if the government name is included in the logo. The logo is hidden on smaller screens, so this will only hide the name if the logo is showing. * Type: bool ### WHITELABEL\_CIVIC\_ENTITY\_FULL\_NAME **Admin writeable** The full display name of the civic entity, will use 'City of TestCity' if not set. **Required**. * Type: string ### CIVIC\_ENTITY\_PRODUCTION\_URL **Admin writeable** The URL to the civic entity's production CiviForm site. * Type: string ### FAVICON\_URL **Admin readable** The URL of a 32x32 or 16x16 pixel [favicon](https://developer.mozilla.org/en-US/docs/Glossary/Favicon) image, in GIF, PNG, or ICO format. * Type: string ### THEME\_COLOR\_PRIMARY **Admin writeable** A primary color is the color displayed most prominently across your website. Enter the hex code for this color. * Type: string * Validation regular expression: `(^#(?:[0-9a-fA-F]{3}){1,2}$)|^$` * Regular expression examples: * `#f12345` should match. * `#c13` should match. * `cccccc` should not match. * \`\` should match. ### THEME\_COLOR\_PRIMARY\_DARK **Admin writeable** A darker version of your primary color can be applied to your website for some purposes. Enter the hex code for this color. * Type: string * Validation regular expression: `(^#(?:[0-9a-fA-F]{3}){1,2}$)|^$` * Regular expression examples: * `#f12345` should match. * `#c13` should match. * `cccccc` should not match. * \`\` should match. ## External Services Configures connections to external services the CiviForm server relies on. ### Applicant Identity Provider Configuration options for the [applicant identity provider](https://github.com/civiform/civiform/wiki/Authentication-Providers#applicant-authentication). #### CIVIFORM\_APPLICANT\_IDP **Admin readable** What identity provider to use for applicants. **Required**. * Type: string * Allowed values: * `idcs` * `login-radius` * `generic-oidc` * `login-gov` * `auth0` * `disabled` #### APPLICANT\_REGISTER\_URI **Admin readable** URI to create a new account in the applicant identity provider. * Type: string #### APPLICANT\_PORTAL\_NAME **Admin writeable** The name of the portal that applicants log into, used in sentences like 'Log into your APPLICANT\_PORTAL\_NAME account.' **Required**. * Type: string #### Oracle Identity Cloud Service Configuration options for the [idcs](https://github.com/civiform/civiform/wiki/Authentication-Providers#oracle-idcs) provider. **IDCS\_CLIENT\_ID** **Managed secret** An opaque public identifier for apps that use OIDC (OpenID Connect) to request data from authorization servers, specifically communicating with IDCS. A Civiform instance is always the client. * Type: string **IDCS\_SECRET** **Managed secret** A secret known only to the client (Civiform) and authorization server, specifically for IDCS OIDC systems. This secret essentially acts as the client’s “password” for accessing data from the auth server. * Type: string **IDCS\_DISCOVERY\_URI** **Server setting** A URL that returns a JSON listing of OIDC (OpenID Connect) data associated with the IDCS auth provider. * Type: string #### Login Radius Configuration options for the [login-radius](https://github.com/civiform/civiform/wiki/Authentication-Providers#loginradius-saml) provider **LOGIN\_RADIUS\_API\_KEY** **Server setting** The API key used to interact with LoginRadius. * Type: string **LOGIN\_RADIUS\_METADATA\_URI** **Server setting** The base URL to construct SAML endpoints, based on the SAML2 spec. * Type: string **LOGIN\_RADIUS\_SAML\_APP\_NAME** **Server setting** The name for the app, based on the SAML2 spec. * Type: string **LOGIN\_RADIUS\_KEYSTORE\_NAME** **Server setting** Name of the SAML2 keystore, used to store digital certificates and private keys for SAML auth. * Type: string **LOGIN\_RADIUS\_KEYSTORE\_PASS** **Server setting** The password used the protect the integrity of the SAML keystore file. * Type: string **LOGIN\_RADIUS\_PRIVATE\_KEY\_PASS** **Server setting** The password used to protect the private key of the SAML digital certificate. * Type: string #### OpenID Connect Configuration options for the [generic-oidc](https://github.com/civiform/civiform/wiki/Authentication-Providers#generic-oidc-oidc) provider. **APPLICANT\_OIDC\_PROVIDER\_LOGOUT** **Server setting** Enables [central logout](https://github.com/civiform/civiform/wiki/Authentication-Providers#logout-2) for both admin and applicant auth providers (despite the name). * Type: bool **APPLICANT\_OIDC\_OVERRIDE\_LOGOUT\_URL** **Server setting** By default the 'end\_session\_endpoint' from the auth provider discovery metadata file is used as the logout endpoint. However for some integrations that standard flow might not work and we need to override logout URL. * Type: string **APPLICANT\_OIDC\_POST\_LOGOUT\_REDIRECT\_PARAM** **Server setting** URL param used to pass the post logout redirect url in the logout request to the auth provider. It defaults to 'post\_logout\_redirect\_uri' if this variable is unset. If this variable is set to the empty string, the post logout redirect url is not passed at all and instead it needs to be hardcoded on the the auth provider (otherwise the user won't be redirected back to civiform after logout). * Type: string **APPLICANT\_OIDC\_PROVIDER\_NAME** **Server setting** The name of the OIDC (OpenID Connect) auth provider (server), such as “Auth0” or “LoginRadius”. * Type: string **APPLICANT\_OIDC\_CLIENT\_ID** **Server setting** An opaque public identifier for apps that use OIDC (OpenID Connect) to request data from authorization servers. A Civiform instance is always the client. * Type: string **APPLICANT\_OIDC\_CLIENT\_SECRET** **Managed secret** A secret known only to the client (Civiform) and authorization server. This secret essentially acts as the client’s “password” for accessing data from the auth server. * Type: string **APPLICANT\_OIDC\_DISCOVERY\_URI** **Server setting** A URL that returns a JSON listing of OIDC (OpenID Connect) data associated with a given auth provider. * Type: string **APPLICANT\_OIDC\_RESPONSE\_MODE** **Server setting** Informs the auth server of the desired auth processing flow, based on the OpenID Connect spec. * Type: string **APPLICANT\_OIDC\_RESPONSE\_TYPE** **Server setting** Informs the auth server of the mechanism to be used for returning response params from the auth endpoint, based on the OpenID Connect spec. * Type: string **APPLICANT\_OIDC\_ADDITIONAL\_SCOPES** **Server setting** Scopes the client (CiviForm) is requesting in addition to the standard scopes the OpenID Connect spec provides. * Type: string **APPLICANT\_OIDC\_LOCALE\_ATTRIBUTE** **Server setting** The locale of the user, such as “en-US”. * Type: string **APPLICANT\_OIDC\_EMAIL\_ATTRIBUTE** **Server setting** The OIDC attribute name for the user’s email address. * Type: string **APPLICANT\_OIDC\_FIRST\_NAME\_ATTRIBUTE** **Server setting** The OIDC attribute name for the user’s first name. * Type: string **APPLICANT\_OIDC\_MIDDLE\_NAME\_ATTRIBUTE** **Server setting** The OIDC attribute name for the user’s middle name. * Type: string **APPLICANT\_OIDC\_LAST\_NAME\_ATTRIBUTE** **Server setting** The OIDC attribute name for the user’s last name. * Type: string **APPLICANT\_OIDC\_NAME\_SUFFIX\_ATTRIBUTE** **Server setting** The OIDC attribute name for the user’s name suffix. * Type: string **APPLICANT\_OIDC\_PHONE\_NUMBER\_ATTRIBUTE** **Server setting** The OIDC attribute name for the user’s phone number. * Type: string #### Login.gov Configuration options for the [login-gov](https://github.com/civiform/civiform/wiki/Authentication-Providers#logingov-oidc) provider **LOGIN\_GOV\_CLIENT\_ID** **Server setting** An opaque public identifier for apps that use OIDC (OpenID Connect) to request data from authorization servers, specifically communicating with Login.gov. A Civiform instance is always the client. * Type: string **LOGIN\_GOV\_DISCOVERY\_URI** **Server setting** A URL that returns a JSON listing of OIDC (OpenID Connect) data associated with a given auth provider, specifically for Login.gov. * Type: string **LOGIN\_GOV\_ADDITIONAL\_SCOPES** **Server setting** Scopes the client (CiviForm) is requesting in addition to the standard scopes the OpenID Connect spec provides. Scopes should be separated by a space. * Type: string **LOGIN\_GOV\_ACR\_VALUE** **Server setting** [Authentication Context Class Reference requests](https://developers.login.gov/oidc/#request-parameters). ial/1 is for open registration, email only. ial/2 is for requiring identity verification. * Type: string * Allowed values: * `http://idmanagement.gov/ns/assurance/ial/1` * `http://idmanagement.gov/ns/assurance/ial/2` ### Administrator Identity Provider Configuration options for the [administrator identity provider](https://github.com/civiform/civiform/wiki/Authentication-Providers#admin-authentication). #### CIVIFORM\_ADMIN\_IDP **Admin readable** What identity provider to use for admins. * Type: string * Allowed values: * `adfs` * `generic-oidc-admin` #### Active Directory Federation Services Configuration options for the [ADFS](https://github.com/civiform/civiform/wiki/Authentication-Providers#azure-ad-and-adfs-oidc) provider. **ADFS\_CLIENT\_ID** **Server setting** An opaque public identifier for apps that use OIDC (OpenID Connect) to request data from authorization servers, specifically communicating with ADFS. A Civiform instance is always the client. * Type: string **ADFS\_SECRET** **Managed secret** A secret known only to the client (Civiform) and authorization server. This secret essentially acts as the client’s “password” for accessing data from the auth server. * Type: string **ADFS\_DISCOVERY\_URI** **Server setting** A URL that returns a JSON listing of OIDC (OpenID Connect) data associated with the IDCS auth provider. * Type: string **ADFS\_ADMIN\_GROUP** **Server setting** The name of the admin group in Active Directory, typically used to tell if a user is a global admin. * Type: string **ADFS\_ADDITIONAL\_SCOPES** **Server setting** Scopes the client (CiviForm) is requesting in addition to the standard scopes the OpenID Connect spec provides. Scopes should be separated by a space. * Type: string **AD\_GROUPS\_ATTRIBUTE\_NAME** **Server setting** The attribute name for looking up the groups associated with a particular user. * Type: string #### OpenID Connect Configuration options for the [generic-oidc](https://github.com/civiform/civiform/wiki/Authentication-Providers#generic-oidc-oidc) provider. **ADMIN\_OIDC\_PROVIDER\_NAME** **Server setting** The name of the OIDC (OpenID Connect) auth provider (server), such as 'Auth0' or 'Okta'. * Type: string **ADMIN\_OIDC\_CLIENT\_ID** **Server setting** An opaque public identifier for apps that use OIDC (OpenID Connect) to request data from authorization servers. A Civiform instance is always the client. * Type: string **ADMIN\_OIDC\_CLIENT\_SECRET** **Server setting** A secret known only to the client (Civiform) and authorization server. This secret essentially acts as the client’s “password” for accessing data from the auth server. * Type: string **ADMIN\_OIDC\_DISCOVERY\_URI** **Server setting** A URL that returns a JSON listing of OIDC (OpenID Connect) data associated with a given auth provider. * Type: string **ADMIN\_OIDC\_RESPONSE\_MODE** **Server setting** Informs the auth server of the desired auth processing flow, based on the OpenID Connect spec. * Type: string **ADMIN\_OIDC\_RESPONSE\_TYPE** **Server setting** Informs the auth server of the mechanism to be used for returning response params from the auth endpoint, based on the OpenID Connect spec. * Type: string **ADMIN\_OIDC\_USE\_CSRF** **Server setting** OIDC client should provide CSRF protection. * Type: bool **ADMIN\_OIDC\_ID\_GROUPS\_ATTRIBUTE\_NAME** **Server setting** Name of attribute that provides the groups associated with an account. * Type: string **ADMIN\_OIDC\_ADMIN\_GROUP\_NAME** **Server setting** Name of group that indicates an account is a global admin. * Type: string **ADMIN\_OIDC\_ADDITIONAL\_SCOPES** **Server setting** Scopes the client (CiviForm) is requesting in addition to the standard scopes the OpenID Connect spec provides. * Type: string ### Database Configures the connection to the PostgreSQL database. #### DATABASE\_APPLY\_DESTRUCTIVE\_CHANGES **Server setting** If enabled, [playframework down evolutions](https://www.playframework.com/documentation/2.8.x/Evolutions#Evolutions-scripts) are automatically applied on server start if needed. * Type: bool #### DATABASE\_CONNECTION\_POOL\_SIZE **Server setting** Sets how many connections to the database are maintained. * Type: int #### DB\_JDBC\_STRING **Server setting** The database URL. * Type: string #### DB\_USERNAME **Managed secret** The username used to connect to the database. * Type: string #### DB\_PASSWORD **Managed secret** The password used to connect to the database. * Type: string ### Thread pools Configures the Play framework [thread pools](https://www.playframework.com/documentation/2.8.x/ThreadPools). #### AKKA\_DEFAULT\_EXECUTOR **Server setting** Determines which kind of ExecutorService to use for the default dispatcher. The default is 'fork-join-executor' * Type: string #### FORK\_JOIN\_PARALLELISM\_MIN **Server setting** Min number of threads to cap factor-based parallelism number to for the 'fork-join-executor' * Type: int #### FORK\_JOIN\_PARALLELISM\_MAX **Server setting** Max number of threads to cap factor-based parallelism number to for the 'fork-join-executor' * Type: int #### FORK\_JOIN\_PARALLELISM\_FACTOR **Server setting** The parallelism factor is used to determine thread pool size for the 'fork-join-executor' using the following formula: ceil(available processors \* factor). Resulting size is then bounded by the parallelism-min and parallelism-max values. * Type: int #### THREAD\_POOL\_EXECUTOR\_FIXED\_POOL\_SIZE **Server setting** The size of the thread pool for the 'thread-pool-executor' type. If not defined, this will use the [default](https://github.com/akka/akka/blob/main/akka-actor/src/main/resources/reference.conf#L492) core and max pool sizes. * Type: int #### AKKA\_THROUGHPUT **Server setting** The number of messages that are processed in a batch before the thread is returned to the pool. Set to 1 for as fair as possible. * Type: int ### AWS\_REGION **Server setting** Region where the AWS SES service exists. If STORAGE\_SERVICE\_NAME is set to 'aws', it is also the region where the AWS s3 service exists. * Type: string ### GCP\_REGION **Server setting** The GCP Region. If STORAGE\_SERVICE\_NAME is set to 'gcp', it is also the region where the GCP s3 compatible service exists. * Type: string ### SENDER\_EMAIL\_ADDRESS **Server setting** The email address used for the 'from' email header for emails sent by CiviForm. **Required**. * Type: string ### EMAIL\_PROVIDER **Server setting** The provider to use for sending emails. * Type: string * Allowed values: * `aws-ses` * `graph-api` ### GRAPH\_API\_EMAIL\_ACCOUNT **Server setting** The email or account ID that graph API should use to send the email. * Type: string ### Application File Upload Storage Configuration options for the application file upload storage provider #### STORAGE\_SERVICE\_NAME **Server setting** What static file storage provider to use. * Type: string * Allowed values: * `s3` * `aws-s3` * `azure-blob` * `gcp-s3` #### AWS\_S3\_BUCKET\_NAME **Server setting** s3 bucket to store files in. * Type: string #### AWS\_S3\_FILE\_LIMIT\_MB **Server setting** The max size (in Mb) of files uploaded to s3. * Type: string #### AWS\_S3\_PUBLIC\_BUCKET\_NAME **Server setting** s3 bucket to store **publicly accessible** files in. * Type: string #### AWS\_S3\_PUBLIC\_FILE\_LIMIT\_MB **Server setting** The max size (in Mb) of **publicly accessible** files uploaded to s3. * Type: string #### AZURE\_STORAGE\_ACCOUNT\_NAME **Server setting** The azure account name where the blob storage service exists. * Type: string #### AZURE\_STORAGE\_ACCOUNT\_CONTAINER\_NAME **Server setting** Azure blob storage container name to store files in. * Type: string #### AZURE\_STORAGE\_ACCOUNT\_PUBLIC\_CONTAINER\_NAME **Server setting** Azure blob storage container name to store public files in. * Type: string #### AZURE\_STORAGE\_ACCOUNT\_FILE\_LIMIT\_MB **Server setting** The max size (in Mb) of files uploaded to Azure blob storage. * Type: string #### AZURE\_STORAGE\_ACCOUNT\_PUBLIC\_FILE\_LIMIT\_MB **Server setting** The max size (in Mb) of **publicly accessible** files uploaded to Azure blob storage. * Type: string #### AZURE\_LOCAL\_CONNECTION\_STRING **Server setting** Allows local [Azurite emulator](https://learn.microsoft.com/en-us/azure/storage/common/storage-use-azurite) to be used for developer deployments. * Type: string #### GCP\_S3\_BUCKET\_NAME **Server setting** s3 bucket to store files in. * Type: string #### GCP\_S3\_FILE\_LIMIT\_MB **Server setting** The max size (in Mb) of files uploaded to s3. * Type: string #### GCP\_S3\_PUBLIC\_BUCKET\_NAME **Server setting** s3 bucket to store **publicly accessible** files in. * Type: string #### GCP\_S3\_PUBLIC\_FILE\_LIMIT\_MB **Server setting** The max size (in Mb) of **publicly accessible** files uploaded to s3. * Type: string ### ESRI Address Validation Configuration options for the ESRI GIS client and address validation/correction feature. #### Address Correction Address Correction Settings **ESRI\_ADDRESS\_CORRECTION\_ENABLED** **Admin writeable** Enables the feature that allows address correction for address questions. * Type: bool **ESRI\_FIND\_ADDRESS\_CANDIDATES\_URL** **Admin readable** \[Deprecated: Switch to `ESRI_FIND_ADDRESS_CANDIDATES_URLS`] The URL CiviForm will use to call Esri’s [findAddressCandidates service](https://developers.arcgis.com/rest/geocode/api-reference/geocoding-find-address-candidates.htm). * Type: string **ESRI\_FIND\_ADDRESS\_CANDIDATES\_URLS** **Admin readable** The list of URLs CiviForm will use to call Esri’s [findAddressCandidates service](https://developers.arcgis.com/rest/geocode/api-reference/geocoding-find-address-candidates.htm). These are used sequentially and not all of them may need to be used for every correction. If any results have a score of 90 or higher, lower priority urls will not be called. * Type: index-list #### Service Area Validation Service Area Validation Settings **ESRI\_ADDRESS\_SERVICE\_AREA\_VALIDATION\_ENABLED** **Admin writeable** Enables the feature that allows for service area validation of a corrected address. ESRI\_ADDRESS\_CORRECTION\_ENABLED needs to be enabled. * Type: bool **ESRI\_ADDRESS\_SERVICE\_AREA\_VALIDATION\_LABELS** **Admin readable** Human readable labels used to present the service area validation options in CiviForm’s admin UI. * Type: index-list **ESRI\_ADDRESS\_SERVICE\_AREA\_VALIDATION\_IDS** **Admin readable** The value CiviForm uses to validate if an address is in a service area. * Type: index-list **ESRI\_ADDRESS\_SERVICE\_AREA\_VALIDATION\_URLS** **Admin readable** The URL CiviForm will use to call Esri’s [map query service](https://developers.arcgis.com/rest/services-reference/enterprise/query-feature-service-layer-.htm) for service area validation. * Type: index-list **ESRI\_ADDRESS\_SERVICE\_AREA\_VALIDATION\_ATTRIBUTES** **Admin readable** The attribute CiviForm checks from the service area validation response to get the service area validation ID. * Type: index-list #### General ESRI Settings **ESRI\_EXTERNAL\_CALL\_TRIES** **Admin readable** The number of tries CiviForm will attempt requests to external Esri services. * Type: int **ESRI\_WELLKNOWN\_ID\_OVERRIDE** **Admin readable** Forces calls to Esri services to use the specified spatial reference wellKnownId value for the [coordinate system](https://developers.arcgis.com/rest/services-reference/enterprise/using-spatial-references.htm). If not set the default configuration from the Esri server is used. Setting this may be needed if using the results of the findAddressCandidates service return spatial references in a format different from one or more of the map query service endpoints. * Type: int **ESRI\_ARCGIS\_API\_TOKEN** **Server setting** A secret token value from Esri's arcgis.com online service created by your arcgis.com account for accessing the API. * Type: string ## Email Addresses Configuration options for [CiviForm email usage](https://docs.civiform.us/it-manual/sre-playbook/email-configuration). ### SUPPORT\_EMAIL\_ADDRESS **Admin writeable** This email address is listed in the footer for applicants to contact support. **Required**. * Type: string ### IT\_EMAIL\_ADDRESS **Admin readable** This email address receives error notifications from CiviForm when there is an internal server error or a durable job fails. * Type: string ### STAGING\_PROGRAM\_ADMIN\_NOTIFICATION\_MAILING\_LIST **Server setting** If this is a staging deployment, the application notification email is sent to this email address instead of the program administrator's email address. **Required**. * Type: string ### STAGING\_TI\_NOTIFICATION\_MAILING\_LIST **Server setting** If this is a staging deployment, the application notification email is sent to this email address instead of the trusted intermediary's email address. **Required**. * Type: string ### STAGING\_APPLICANT\_NOTIFICATION\_MAILING\_LIST **Server setting** If this is a staging deployment, the application notification email is sent to this email address instead of the applicant's email address. **Required**. * Type: string ## Custom Text Text specific to a civic entity. ### COMMON\_INTAKE\_MORE\_RESOURCES\_LINK\_TEXT **Admin writeable** The text for a link on the Pre-Screener confirmation page that links to more resources. Shown when the applicant is not eligible for any programs in CiviForm. * Type: string ### COMMON\_INTAKE\_MORE\_RESOURCES\_LINK\_HREF **Admin writeable** The HREF for a link on the Pre-Screener confirmation page that links to more resources. Shown when the applicant is not eligible for any programs in CiviForm. * Type: string * Validation regular expression: `^(http://|https://).+` * Regular expression examples: * `http://my-civiform.org` should match. * `https://my-civiform.org` should match. * `my-civiform.org` should not match. ### IMMIGRATION\_STATUS\_INFO\_BANNER\_LEARN\_MORE\_URL **Admin writeable** The HREF for providing more information for the immigration status informational banner. * Type: string ## SECRET\_KEY **Managed secret** The [secret key](http://www.playframework.com/documentation/latest/ApplicationSecret) is used to sign Play's session cookie. This must be changed for production. * Type: string ## BASE\_URL **Admin readable** The URL of the CiviForm deployment. Must start with 'https\://' or 'http\://'. **Required**. * Type: string * Validation regular expression: `^(http://|https://).+` * Regular expression examples: * `http://my-civiform.org` should match. * `https://my-civiform.org` should match. * `my-civiform.org` should not match. ## STAGING\_HOSTNAME **Server setting** DNS name of the staging deployment. Must not start with 'https\://' or 'http\://'. * Type: string * Validation regular expression: `^(?!http://|https://).+` * Regular expression examples: * `my-civiform.org` should match. * `http://my-civiform.org` should not match. * `https://my-civiform.org` should not match. ## CIVIFORM\_SUPPORTED\_LANGUAGES **Server setting** The full list of languages available to CiviForm. These are the language that admins can choose from when adding translations for programs and applications, as well as the default list that applicants can choose from when specifying their language preference. See CIVIFORM\_APPLICANT\_ENABLED\_LANGUAGES for further control over languages available to applicants. * Type: index-list ## CIVIFORM\_APPLICANT\_ENABLED\_LANGUAGES **Server setting** If populated, this filters the languages that are visible to the applicant to just those in the list. This allows program admins to develop languages support for programs and questions, but not let the applicant use a language that is not yet ready. * Type: index-list ## CIVIFORM\_TIME\_ZONE\_ID **Admin readable** A Java [time zone ID](https://docs.oracle.com/javase/8/docs/api/java/time/ZoneId.html) indicating the time zone for this CiviForm deployment. All times in the system will be calculated in this zone. Default value is 'America/Los\_Angeles' **Required**. * Type: string ## CIVIFORM\_IMAGE\_TAG **Admin readable** The tag of the docker image this server is running inside. Is added as a HTML meta tag with name 'civiform-build-tag'. * Type: string ## CIVIFORM\_VERSION **Admin readable** The release version of CiviForm. For example: v1.18.0. * Type: string ## ALLOWED\_IP\_ADDRESSES\_FOR\_LOGOUT **Admin readable** IP addresses that are allowed to logout a user through the /logoutAllSessions endpoint. If configured, this will normally be the IP address(es) of the authentication provider. If not specified, all IP addresses are allowed. * Type: index-list ## CLIENT\_IP\_TYPE **Admin readable** Where to find the IP address for incoming requests. Default is "DIRECT" where the IP address of the request is the originating IP address. If "FORWARDED" then request has been reverse proxied and the originating IP address is stored in the X-Forwarded-For header. * Type: string * Allowed values: * `DIRECT` * `FORWARDED` ## NUM\_TRUSTED\_PROXIES **Admin readable** The count of reverse proxies between the internet and the server. In typical deployments, this value is 1. * Type: int ## FILE\_UPLOAD\_ALLOWED\_FILE\_TYPE\_SPECIFIERS **Admin readable** Specifies the allowed file types that can be uploaded. Uses any valid [file type specifiers](https://developer.mozilla.org/en-US/docs/Web/HTML/Attributes/accept#unique_file_type_specifiers). Multiple are separated by commas. Default: "image/\*,.pdf" * Type: string ## Observability Configuration options for CiviForm observability features. ### CIVIFORM\_SERVER\_METRICS\_ENABLED **Admin readable** If enabled, allows server Prometheus metrics to be retrieved via the '/metrics' URL path. If disabled, '/metrics' returns a 404. * Type: bool ### MEASUREMENT\_ID **Admin readable** The Google Analytics tracking ID. If set, Google Analytics JavaScript scripts are added to the CiviForm pages. * Type: string ## Data Export API Configuration options for the [CiviForm API](https://docs.civiform.us/it-manual/api). ### CIVIFORM\_API\_SECRET\_SALT **Managed secret** A cryptographic [secret salt](https://en.wikipedia.org/wiki/Salt_\(cryptography\)) used for salting API keys before storing their hash values in the database. This value should be kept strictly secret. If one suspects the secret has been leaked or otherwise comprised it should be changed and all active API keys should be retired and reissued. Default value is 'changeme'. * Type: string ### CIVIFORM\_API\_KEYS\_BAN\_GLOBAL\_SUBNET **Server setting** When true prevents the CiviForm admin from issuing API keys that allow callers from all IP addresses (i.e. a CIDR mask of /0). * Type: bool ### CIVIFORM\_API\_APPLICATIONS\_LIST\_MAX\_PAGE\_SIZE **Admin readable** An integer specifying the maximum number of entries returned in a page of results for the applications export API. * Type: int ## Durable Jobs Configuration options for the CiviForm Job Runner. ### DURABLE\_JOBS\_POLL\_INTERVAL\_SECONDS **Server setting** An integer specifying the polling interval in seconds for the durable job system. A smaller number here increases the polling frequency, which results in jobs running sooner when they are scheduled to be run immediately, at the cost of more pressure on the database. Default value is 5. * Type: int ### DURABLE\_JOBS\_JOB\_TIMEOUT\_MINUTES **Server setting** An integer specifying the timeout in minutes for durable jobs i.e. how long a single job is allowed to run before the system attempts to interrupt it. Default value is 30. * Type: int ### DURABLE\_JOBS\_THREAD\_POOL\_SIZE **Server setting** The number of server threads available for the durable job runner. More than a single thread will the server execute multiple jobs in parallel. Default value is 1. * Type: int ### DURABLE\_JOBS\_MAP\_REFRESH **Server setting** A boolean specifying whether or not to refresh map data for the CiviForm instance. * Type: bool ## Session Management Configuration options for session management ### MAXIMUM\_SESSION\_DURATION\_MINUTES **Admin readable** The amount of time, in minutes, that a session lasts. The default is 600 minutes, or 10 hours. Note that there isn't yet messaging on the frontend to notify a user when their session is expired. * Type: int ### SESSION\_INACTIVITY\_WARNING\_THRESHOLD\_MINUTES **Admin readable** How many minutes before the session inactivity timeout a user receives a warning that their session will expire. Default is 5. * Type: int ### SESSION\_DURATION\_WARNING\_THRESHOLD\_MINUTES **Admin readable** How many minutes before the maximum session duration timeout a user receives a warning that their session will expire. Default is 10. * Type: int ### SESSION\_INACTIVITY\_TIMEOUT\_MINUTES **Admin readable** The number of minutes of inactivity before a session times out. Default is 30. * Type: int ## Feature Flags Configuration options to enable or disable optional features. ### ALLOW\_CIVIFORM\_ADMIN\_ACCESS\_PROGRAMS **Admin writeable** If enabled, CiviForm Admins are able to see all applications for all programs. Is disabled by default. * Type: bool ### STAGING\_ADD\_NOINDEX\_META\_TAG **Server setting** If this is a staging deployment and this variable is set to true, a [robots noindex](https://developers.google.com/search/docs/crawling-indexing/robots-meta-tag) metadata tag is added to the CiviForm pages. This causes the staging site to not be listed on search engines. * Type: bool ### STAGING\_DISABLE\_DEMO\_MODE\_LOGINS **Admin writeable** If this is a staging or demo deployment and this variable is set to true, the 'DEMO MODE. LOGIN AS:' buttons are not shown on the login page. Warning: if you turn on this flag, you will need to log in through the admin authenticator to get back to this settings page * Type: bool ### VERSION\_CACHE\_ENABLED **Server setting** Enables caching for versions and their associated data. * Type: bool ### PROGRAM\_CACHE\_ENABLED **Server setting** Enables caching for programs and their associated data. * Type: bool ### QUESTION\_CACHE\_ENABLED **Server setting** Enables caching for questions and their associated data. * Type: bool ### ADMIN\_OIDC\_ENHANCED\_LOGOUT\_ENABLED **Admin readable** Enables populating more fields in OIDC logout requests to admin identity provider. * Type: bool ### APPLICANT\_OIDC\_ENHANCED\_LOGOUT\_ENABLED **Admin readable** Enables populating more fields in OIDC logout requests to applicant identity provider. * Type: bool ### SUGGEST\_PROGRAMS\_ON\_APPLICATION\_CONFIRMATION\_PAGE **Admin writeable** Upsell: Add programs cards to the confirmation screen that an applicant sees after finishing an application. * Type: bool ### SHOW\_NOT\_PRODUCTION\_BANNER\_ENABLED **Admin writeable** Enabling this will add a banner to the site to tell applicants this is not Production and that they shouldn't submit real applications. Configure the CIVIC\_ENTITY\_PRODUCTION\_URL setting to also include a link to your production site. * Type: bool ### CUSTOMIZED\_ELIGIBILITY\_MESSAGE\_ENABLED **Admin writeable** Enables civiform admins to set up a customized eligibility message per screen. * Type: bool ### CUSTOM\_THEME\_COLORS\_ENABLED **Admin writeable** Enable using custom theme colors in the applicant UI. * Type: bool ### NAME\_SUFFIX\_DROPDOWN\_ENABLED **Admin writeable** Enables suffix dropdown field in name question. * Type: bool ### REMOVE\_DOWNLOAD\_FOR\_PROGRAM\_ADMINS\_ENABLED **Admin writeable** Remove the CSV/JSON/PDF download capability for Program Admins. * Type: bool ### YES\_NO\_QUESTION\_ENABLED **Admin readable** Enables being able to add a new yes/no question. * Type: bool ### EXTERNAL\_PROGRAM\_CARDS\_ENABLED **Admin readable** Enable showing external program cards. * Type: bool ### LOGIN\_DROPDOWN\_ENABLED **Admin writeable** Enables a dropdown for login that has both applicant and admin login. * Type: bool ### IMMIGRATION\_STATUS\_INFO\_BANNER\_ENABLED **Admin writeable** Enable showing an immigration status informational banner to applicants. * Type: bool ## Experimental These are **NOT READY FOR PRODUCTION USE**. Use these configuration options to enable or disable in-development features. ### SESSION\_TIMEOUT\_ENABLED **Admin writeable** (NOT FOR PRODUCTION USE) Enable session timeout based on inactivity and maximum duration. * Type: bool ### PROGRAM\_SLUG\_URLS\_ENABLED **Admin writeable** (NOT FOR PRODUCTION USE) Use program slugs instead of program IDs in URLs. * Type: bool ### TRANSLATION\_MANAGEMENT\_IMPROVEMENT\_ENABLED **Admin writeable** (NOT FOR PRODUCTION USE) Enables translation management improvement phase one * Type: bool ### API\_BRIDGE\_ENABLED **Admin writeable** (NOT FOR PRODUCTION USE) Enables changes to support API Bridge * Type: bool ### EXPANDED\_FORM\_LOGIC\_ENABLED **Admin writeable** (NOT FOR PRODUCTION USE) Enables new visibility/eligibility condition editing UI and expanded logic capabilities for admin. * Type: bool ### ENUMERATOR\_IMPROVEMENTS\_ENABLED **Admin writeable** (NOT FOR PRODUCTION USE) Enables improvements which make it easier for admins to work with enumerators. * Type: bool ### FILE\_UPLOAD\_QUESTION\_IMPROVEMENTS\_ENABLED **Admin writeable** (NOT FOR PRODUCTION USE) Enables improvements which allow for file upload questions on the same page as other question types. Uses a new file upload method that uploads applicant files through CiviForm servers. * Type: bool ### ADMIN\_UI\_MIGRATION\_SC\_ENABLED **Admin writeable** (NOT FOR PRODUCTION USE) Enable the admin UI migration in Thymeleaf. * Type: bool ### ADMIN\_UI\_MIGRATION\_SC\_EXTENDED\_ENABLED **Admin writeable** (NOT FOR PRODUCTION USE) Enable extended options in the admin UI migration in Thymeleaf. * Type: bool ### NEW\_APPLICANT\_GUEST\_MERGING\_STRATEGY\_ENABLED **Admin readable** (NOT FOR PRODUCTION USE) Enable the new applicant-guest merging strategy. * Type: bool ### NEW\_APPLICANT\_GUEST\_MERGING\_STRATEGY\_DRY\_RUN\_ENABLED **Admin readable** (NOT FOR PRODUCTION USE) Enable dry run logging for the new applicant-guest merging strategy. * Type: bool