Skip to content

Configuration

All configuration is done via environment variables.

VariableRequiredDefaultDescription
BASE_URLPublic URL of the AUMS instance (e.g. https://admin.example.com)
BETTER_AUTH_SECRET32-byte random secret for session signing. Generate with npm run auth:secret
VariableRequiredDefaultDescription
DATABASE_URLPostgreSQL connection string (e.g. postgresql://user:pass@host:5432/aums)
DATABASE_DIALECTpostgresqlDatabase dialect. Only postgresql is supported
DATABASE_CLIENTpostgresqlDatabase client. Only postgresql is supported
DATABASE_AUTO_MIGRATEtrueRun migrations automatically on startup
VariableRequiredDefaultDescription
EMAIL_FROMSender address (e.g. AUMS <noreply@example.com>)
EMAIL_SERVERSMTP connection string (e.g. smtps://user:pass@smtp.example.com)

Protect the AUMS dashboard behind your own OpenID Connect provider.

VariableRequiredDefaultDescription
AUTH_CLIENT_OPENID_CONFIGURATION_URLOIDC discovery URL (e.g. https://oauth.example.com)
AUTH_CLIENT_IDOIDC client ID
AUTH_CLIENT_SECRETOIDC client secret
AUTH_CLIENT_SCOPEopenid profile emailSpace-separated OIDC scopes
VariableRequiredDescription
AUTH0_DOMAINAuth0 tenant domain (e.g. your-tenant.auth0.com)
AUTH0_CLIENT_IDManagement API M2M application client ID
AUTH0_CLIENT_SECRETManagement API M2M application client secret
VariableRequiredDescription
FIREBASE_PROJECT_IDGCP / Firebase project ID
FIREBASE_PRIVATE_KEYService account private key (PEM, include newlines as \n)
FIREBASE_CLIENT_EMAILService account email address
VariableRequiredDescription
COGNITO_REGIONAWS region (e.g. us-east-1)
COGNITO_USER_POOL_IDUser pool ID (e.g. us-east-1_xxxxxxxxx)
AWS_ACCESS_KEY_IDAWS access key ID
AWS_SECRET_ACCESS_KEYAWS secret access key