Retrieve the System Configuration

This API is used to retrieve the System Configuration.

Request#

Global API Key Authentication
Retrieve the System Configuration
GET/api/system-configuration

Response#

The response for this API contains the System Configuration.

Response Codes
CodeDescription
200The request was successful. The response will contain a JSON body.
401You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.
500There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.
503The search index is not available or encountered an exception so the request cannot be completed. The response will contain a JSON body.

Response Body#

systemConfiguration.auditLogConfiguration.delete.enabledBoolean

Whether or not FusionAuth should delete the Audit Log based upon this configuration. When true the auditLogConfiguration.delete.numberOfDaysToRetain will be used to identify audit logs that are eligible for deletion. When this value is set to false audit logs will be preserved forever.

systemConfiguration.auditLogConfiguration.delete.numberOfDaysToRetainInteger

The number of days to retain the Audit Log.

systemConfiguration.corsConfiguration.allowCredentialsBoolean

The Access-Control-Allow-Credentials response header values as described by MDN Access-Control-Allow-Credentials.

systemConfiguration.corsConfiguration.allowedHeadersArray<String>

The Access-Control-Allow-Headers response header values as described by MDN Access-Control-Allow-Headers.

systemConfiguration.corsConfiguration.allowedMethodsArray<String>

The Access-Control-Allow-Methods response header values as described by MDN Access-Control-Allow-Methods.

systemConfiguration.corsConfiguration.allowedOriginsArray<String>

The Access-Control-Allow-Origin response header values as described by MDN Access-Control-Allow-Origin. If the wildcard * is specified, no additional domains may be specified.

systemConfiguration.corsConfiguration.debugBoolean

Whether or not FusionAuth will log debug messages to the event log. This is primarily useful for identifying why the FusionAuth CORS filter is rejecting a request and returning an HTTP response status code of 403.

systemConfiguration.corsConfiguration.enabledBoolean

Whether the FusionAuth CORS filter will process requests made to FusionAuth.

systemConfiguration.corsConfiguration.exposedHeadersArray<String>

The Access-Control-Expose-Headers response header values as described by MDN Access-Control-Expose-Headers.

systemConfiguration.corsConfiguration.preflightMaxAgeInSecondsInteger

The Access-Control-Max-Age response header values as described by MDN Access-Control-Max-Age.

systemConfiguration.dataObject

An object that can hold any information about the System that should be persisted.

systemConfiguration.eventLogConfiguration.numberToRetainInteger

The number of events to retain. Once the number of event logs exceeds this configured value they will be deleted starting with the oldest event logs.

systemConfiguration.loginRecordConfiguration.delete.enabledBoolean

Whether or not FusionAuth should delete the login records based upon this configuration. When true the loginRecordConfiguration.delete.numberOfDaysToRetain will be used to identify login records that are eligible for deletion. When this value is set to false login records will be preserved forever.

systemConfiguration.loginRecordConfiguration.delete.numberOfDaysToRetainInteger

The number of days to retain login records.

systemConfiguration.reportTimezoneString

The time zone used to adjust the stored UTC time when generating reports. Since reports are usually rolled up hourly, this timezone will be used for demarcating the hours.

For example:

America/Denver or US/Mountain

systemConfiguration.trustedProxyConfiguration.trustPolicyStringAvailable since 1.49.0

This setting is used to resolve the client IP address for use in logging, webhooks, and IP-based access control when an X-Forwarded-For header is provided. Because proxies are free to rewrite the X-Forwarded-For header, an untrusted proxy could write a value that allowed it to bypass IP-based ACLs, or cause an incorrect IP address to be logged or sent to a webhook.

Valid values are:

  • All: Consider all proxies in an X-Forwarded-For header to be trusted, and use the first address in the X-Forwarded-For header as the resolved address. This is less secure, and is provided for backwards compatibility.
  • OnlyConfigured: Only trust proxies named in the systemConfiguration.trustedProxyConfiguration.trusted list. In this case, the first untrusted proxy found will be used as the client IP address.
systemConfiguration.trustedProxyConfiguration.trustedArray<String>Available since 1.49.0

An array of IP addresses, representing the set of trusted upstream proxies.

systemConfiguration.uiConfiguration.headerColorString

A hexadecimal color to override the default menu color in the user interface.

systemConfiguration.uiConfiguration.logoURLString

A URL of a logo to override the default FusionAuth logo in the user interface.

systemConfiguration.uiConfiguration.menuFontColorString

A hexadecimal color to override the default menu font color in the user interface.

systemConfiguration.usageDataConfiguration.enabledBooleanAvailable since 1.55.0

Whether or not FusionAuth collects and sends usage data to improve the product.

systemConfiguration.webhookEventLogConfiguration.enabledBooleanAvailable since 1.57.0

Whether or not FusionAuth should create Webhook Event Logs. When true FusionAuth will create an event log for each webhook event and an attempt log for each attempt at sending the event to a webhook.

systemConfiguration.webhookEventLogConfiguration.delete.enabledBooleanAvailable since 1.53.0

Whether or not FusionAuth should delete Webhook Event Logs based upon this configuration. When true the webhookEventLogConfiguration.delete.numberOfDaysToRetain will be used to identify webhook event logs that are eligible for deletion. When this value is set to false webhook event logs will be preserved forever.

systemConfiguration.webhookEventLogConfiguration.delete.numberOfDaysToRetainIntegerAvailable since 1.53.0

The number of days to retain Webhook Event Logs.

Example Response JSON

{
  "systemConfiguration": {
    "auditLogConfiguration": {
      "delete": {
        "enabled": true,
        "numberOfDaysToRetain": 90
      }
    },
    "corsConfiguration": {
      "allowCredentials": true,
      "allowedHeaders": [
        "Accept",
        "Access-Control-Request-Headers",
        "Access-Control-Request-Method",
        "Authorization",
        "Content-Type",
        "Last-Modified",
        "Origin",
        "X-FusionAuth-TenantId",
        "X-Requested-With"
      ],
      "allowedMethods": [
        "GET",
        "POST",
        "HEAD",
        "OPTIONS",
        "PUT",
        "DELETE"
      ],
      "allowedOrigins": [
        "*"
      ],
      "debug": false,
      "enabled": true,
      "exposedHeaders": [
        "Access-Control-Allow-Origin",
        "Access-Control-Allow-Credentials"
      ],
      "preflightMaxAgeInSeconds": 1800
    },
    "eventLogConfiguration": {
      "numberToRetain": 10000
    },
    "loginRecordConfiguration": {
      "delete": {
        "enabled": true,
        "numberOfDaysToRetain": 90
      }
    },
    "reportTimezone": "America/Denver",
    "trustedProxyConfiguration": {
      "trustPolicy": "OnlyConfigured",
      "trusted": [
        "123.123.123.123"
      ]
    },
    "uiConfiguration": {
      "headerColor": "303030",
      "logoURL": "https://local.fusionauth.io/images/logo.svg",
      "menuFontColor": "F0F0F0"
    },
    "webhookEventLogConfiguration": {
      "enabled": true,
      "delete": {
        "enabled": true,
        "numberOfDaysToRetain": 90
      }
    }
  }
}