Retrieve the System Configuration
This API is used to retrieve the System Configuration.
Request#
Response#
The response for this API contains the System Configuration.
Response Codes| Code | Description |
|---|---|
| 200 | The request was successful. The response will contain a JSON body. |
| 401 | You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication. |
| 500 | There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty. |
| 503 | The search index is not available or encountered an exception so the request cannot be completed. The response will contain a JSON body. |
Response Body#
systemConfiguration.auditLogConfiguration.delete.enabledBooleanWhether or not FusionAuth should delete the Audit Log based upon this configuration. When true the auditLogConfiguration.delete.numberOfDaysToRetain will be used to identify audit logs that are eligible for deletion. When this value is set to false audit logs will be preserved forever.
systemConfiguration.auditLogConfiguration.delete.numberOfDaysToRetainIntegerThe number of days to retain the Audit Log.
systemConfiguration.corsConfiguration.allowCredentialsBooleanThe Access-Control-Allow-Credentials response header values as described by MDN Access-Control-Allow-Credentials.
systemConfiguration.corsConfiguration.allowedHeadersArray<String>The Access-Control-Allow-Headers response header values as described by MDN Access-Control-Allow-Headers.
systemConfiguration.corsConfiguration.allowedMethodsArray<String>The Access-Control-Allow-Methods response header values as described by MDN Access-Control-Allow-Methods.
systemConfiguration.corsConfiguration.allowedOriginsArray<String>The Access-Control-Allow-Origin response header values as described by MDN Access-Control-Allow-Origin. If the wildcard * is specified, no additional domains may be specified.
systemConfiguration.corsConfiguration.debugBooleanWhether or not FusionAuth will log debug messages to the event log. This is primarily useful for identifying why the FusionAuth CORS filter is rejecting a request and returning an HTTP response status code of 403.
systemConfiguration.corsConfiguration.enabledBooleanWhether the FusionAuth CORS filter will process requests made to FusionAuth.
systemConfiguration.corsConfiguration.exposedHeadersArray<String>The Access-Control-Expose-Headers response header values as described by MDN Access-Control-Expose-Headers.
systemConfiguration.corsConfiguration.preflightMaxAgeInSecondsIntegerThe Access-Control-Max-Age response header values as described by MDN Access-Control-Max-Age.
systemConfiguration.dataObjectAn object that can hold any information about the System that should be persisted.
systemConfiguration.eventLogConfiguration.numberToRetainIntegerThe number of events to retain. Once the number of event logs exceeds this configured value they will be deleted starting with the oldest event logs.
systemConfiguration.loginRecordConfiguration.delete.enabledBooleanWhether or not FusionAuth should delete the login records based upon this configuration. When true the loginRecordConfiguration.delete.numberOfDaysToRetain will be used to identify login records that are eligible for deletion. When this value is set to false login records will be preserved forever.
systemConfiguration.loginRecordConfiguration.delete.numberOfDaysToRetainIntegerThe number of days to retain login records.
systemConfiguration.reportTimezoneStringThe time zone used to adjust the stored UTC time when generating reports. Since reports are usually rolled up hourly, this timezone will be used for demarcating the hours.
For example:
America/DenverorUS/Mountain
systemConfiguration.trustedProxyConfiguration.trustPolicyStringAvailable since 1.49.0This setting is used to resolve the client IP address for use in logging, webhooks, and IP-based access control when an X-Forwarded-For header is provided. Because proxies are free to rewrite the X-Forwarded-For header, an untrusted proxy could write a value that allowed it to bypass IP-based ACLs, or cause an incorrect IP address to be logged or sent to a webhook.
Valid values are:
All: Consider all proxies in anX-Forwarded-Forheader to be trusted, and use the first address in theX-Forwarded-Forheader as the resolved address. This is less secure, and is provided for backwards compatibility.OnlyConfigured: Only trust proxies named in thesystemConfiguration.trustedProxyConfiguration.trustedlist. In this case, the first untrusted proxy found will be used as the client IP address.
systemConfiguration.trustedProxyConfiguration.trustedArray<String>Available since 1.49.0An array of IP addresses, representing the set of trusted upstream proxies.
systemConfiguration.uiConfiguration.headerColorStringA hexadecimal color to override the default menu color in the user interface.
systemConfiguration.uiConfiguration.logoURLStringA URL of a logo to override the default FusionAuth logo in the user interface.
systemConfiguration.uiConfiguration.menuFontColorStringA hexadecimal color to override the default menu font color in the user interface.
systemConfiguration.usageDataConfiguration.enabledBooleanAvailable since 1.55.0Whether or not FusionAuth collects and sends usage data to improve the product.
systemConfiguration.webhookEventLogConfiguration.enabledBooleanAvailable since 1.57.0Whether or not FusionAuth should create Webhook Event Logs. When true FusionAuth will create an event log for each webhook event and an attempt log for each attempt at sending the event to a webhook.
systemConfiguration.webhookEventLogConfiguration.delete.enabledBooleanAvailable since 1.53.0Whether or not FusionAuth should delete Webhook Event Logs based upon this configuration. When true the webhookEventLogConfiguration.delete.numberOfDaysToRetain will be used to identify webhook event logs that are eligible for deletion. When this value is set to false webhook event logs will be preserved forever.
systemConfiguration.webhookEventLogConfiguration.delete.numberOfDaysToRetainIntegerAvailable since 1.53.0The number of days to retain Webhook Event Logs.
Example Response JSON
{
"systemConfiguration": {
"auditLogConfiguration": {
"delete": {
"enabled": true,
"numberOfDaysToRetain": 90
}
},
"corsConfiguration": {
"allowCredentials": true,
"allowedHeaders": [
"Accept",
"Access-Control-Request-Headers",
"Access-Control-Request-Method",
"Authorization",
"Content-Type",
"Last-Modified",
"Origin",
"X-FusionAuth-TenantId",
"X-Requested-With"
],
"allowedMethods": [
"GET",
"POST",
"HEAD",
"OPTIONS",
"PUT",
"DELETE"
],
"allowedOrigins": [
"*"
],
"debug": false,
"enabled": true,
"exposedHeaders": [
"Access-Control-Allow-Origin",
"Access-Control-Allow-Credentials"
],
"preflightMaxAgeInSeconds": 1800
},
"eventLogConfiguration": {
"numberToRetain": 10000
},
"loginRecordConfiguration": {
"delete": {
"enabled": true,
"numberOfDaysToRetain": 90
}
},
"reportTimezone": "America/Denver",
"trustedProxyConfiguration": {
"trustPolicy": "OnlyConfigured",
"trusted": [
"123.123.123.123"
]
},
"uiConfiguration": {
"headerColor": "303030",
"logoURL": "https://local.fusionauth.io/images/logo.svg",
"menuFontColor": "F0F0F0"
},
"webhookEventLogConfiguration": {
"enabled": true,
"delete": {
"enabled": true,
"numberOfDaysToRetain": 90
}
}
}
}