Configuration File

Serilog

Information on Serilog settings can be found in the Serilog documentation. HTTP requests are logged if there is an error. Setting the FireStart.IdentityServer.Diagnostics entry to Information instead of Error logs all requests received by the IdentityServer.

JSON
{
  "Serilog": {
    "MinimumLevel": {
      "Default": "Debug",
      "Override": {
        "Microsoft": "Warning",
        "System": "Warning",
        "FireStart.IdentityServer.Diagnostics": "Error",
        "Microsoft.AspNetCore.Authentication": "Information",
        "ComponentSpace.SAML2": "Debug"
      }
    },
    "Enrich": [ "FromLogContext" ],
    "WriteTo": [
      {
        "Name": "Console",
        "Args": {
          "outputTemplate": "[{Timestamp:HH:mm:ss} {Level}] {SourceContext}{NewLine}{Message:lj}{NewLine}{Exception}{NewLine}"
        }
      },
      {
        "Name": "File",
        "Args": {
          "path": "",
          "rollOnFileSizeLimit": true,
          "fileSizeLimitBytes": "10485760",
          "shared": true
        }
      }
    ]
  },
  ...
}

Settings

Contains basic settings:

JSON
{
  ...
  "Settings": {
    "AllowedHosts": "*",
    "BaseUrl": "",
    "Name": "",
    "Port": "",
    "DbPath": "",
    "JWTCert": ""
  },
  ...
}

Provider

Specifies the available providers and which one is enabled. The DisplayName setting is used for provider selection when multiple providers are active; this is currently not supported for production and is only relevant for testing purposes.

JSON
{
  ...
  "Provider": {
    "Saml": {
      "Enabled": false,
      "DisplayName": "WKIS DEV",
      "Scheme": "wkis",
      "EntityId": "https://firestart.at/applications/elma/",
      "SamlCert": "427a3d5b39df593b1d44b769d3000aedf00fd83f",
      "PartnerIdentityProviderMetadataEndpoint": "https://dc01.firestart-dev.local/federationmetadata/2007-06/FederationMetadata.xml"
    },
    "Azure": {
      "Enabled": false,
      "DisplayName": "Azure AD",
      "Scheme": "aad",
      "TenantId": "12a3d6ad-c6df-4d6f-a88a-d262ce066e5e",
      "AppId": "9e944902-f800-45b2-8054-ff7d93c53b1c",
      "AppSecret": "kbsrjRF194>+XXAAZMR10=*"
    },
    "Windows": {
      "Enabled": true,
      "DisplayName": "Windows Authentication",
      "Scheme": "Windows"
    }
  },
  ...
}

Search Provider

Specifies the available search providers and which one is enabled. The Scheme of the enabled search provider needs to match the Scheme of the authentication provider.

JSON
{
  ...
  "SearchProvider": {
    "External": {
      "Enabled": false,
      "DisplayName": "WK Identitymanagement System",
      "Scheme": "wkis",
      "BaseUrl": ""
    },
    "ActiveDirectory": {
      "Enabled": true,
      "DisplayName": "Active Directory Search",
      "Scheme": "Windows",
      "SearchUserWithinOU": false,
      "Domains": [
        {
          "Domain": "",
          "FQDN": "",
          "Username": "",
          "Password": ""
        }
      ]
    },
    "Graph": {
      "Enabled": false,
      "DisplayName": "Microsoft Graph",
      "Scheme": "aad",
      "TenantId": "12a3d6ad-c6df-4d6f-a88a-d262ce066e5e",
      "AppId": "9e944902-f800-45b2-8054-ff7d93c53b1c",
      "AppSecret": "<YourAppSecret>",
      "RedirectUri": "https://demo.firestart.com/auth/signin-oidc"
    }
  }
}
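
The Scheme rule from the Provider and Search Provider sections can be checked before a configuration is deployed. The following Python script is an added example, not part of FireStart; the sample configuration is constructed from the shape shown above, the function names are hypothetical, and the exact, case-sensitive Scheme comparison is an assumption.

```python
import json

# Constructed sample: Provider and SearchProvider sections in the shape shown on this page.
SAMPLE = """
{
  "Provider": {
    "Saml":    {"Enabled": false, "Scheme": "wkis"},
    "Azure":   {"Enabled": false, "Scheme": "aad"},
    "Windows": {"Enabled": true,  "Scheme": "Windows"}
  },
  "SearchProvider": {
    "External":        {"Enabled": false, "Scheme": "wkis"},
    "ActiveDirectory": {"Enabled": true,  "Scheme": "Windows"},
    "Graph":           {"Enabled": false, "Scheme": "aad"}
  }
}
"""

def enabled(section):
    """Return {name: scheme} for every entry whose Enabled flag is true."""
    return {name: entry.get("Scheme")
            for name, entry in section.items()
            if isinstance(entry, dict) and entry.get("Enabled") is True}

def check_schemes(config):
    """Return a list of findings; an empty list means the sections are consistent."""
    findings = []
    providers = enabled(config.get("Provider", {}))
    searchers = enabled(config.get("SearchProvider", {}))
    if not providers:
        findings.append("no authentication provider is enabled")
    elif len(providers) > 1:
        # The page states that multiple active providers are for testing only.
        findings.append("multiple providers enabled (testing only): "
                        + ", ".join(sorted(providers)))
    auth_schemes = set(providers.values())
    for name, scheme in sorted(searchers.items()):
        # Assumption: Scheme values are compared exactly (case-sensitive).
        if scheme not in auth_schemes:
            findings.append(f"search provider {name} uses scheme {scheme!r}, "
                            "which no enabled provider uses")
    return findings

if __name__ == "__main__":
    for finding in check_schemes(json.loads(SAMPLE)) or ["OK"]:
        print(finding)
```

To check a real file, replace `SAMPLE` with the contents of the configuration file; the `...` placeholders shown on this page are elisions and do not occur in a valid file.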