mimoto-default.properties
mosip.service.end-points=/**/*
# Inji default properties
# Comma-separated authentication types allowed for each flow; the internal list below omits `demo`.
mosip.inji.allowedAuthType=demo,otp,bio-Finger,bio-Iris,bio-Face
mosip.inji.allowedEkycAuthType=demo,otp,bio-Finger,bio-Iris,bio-Face
mosip.inji.allowedInternalAuthType=otp,bio-Finger,bio-Iris,bio-Face
# NOTE(review): presumably the location the wallet fetches its face-matching model from. Nothing in this file
# pins a version or checksum for that artifact, so confirm the client verifies its integrity before loading it.
mosip.inji.faceSdkModelUrl=https://api.collab.mosip.net/inji
# maximum number of retries for downloading vc
mosip.inji.vcDownloadMaxRetry=10
# poll interval in milliseconds
mosip.inji.vcDownloadPoolInterval=6000
# validate binding audience url to be sent in token
mosip.inji.audience=ida-binding
# issuer to be sent in token
mosip.inji.issuer=residentapp
# warning screen domain name
mosip.inji.warningDomainName=${mosip.api.public.url}
#timeout for vc download api via OpenId4VCI flow in milliseconds
mosip.inji.openId4VCIDownloadVCTimeout=30000
# inji documentation url
mosip.inji.aboutInjiUrl=https://docs.inji.io/inji-wallet/inji-mobile
# minimum storage space required for making audit entry in MB
mosip.inji.minStorageRequiredForAuditEntry=2
# minimum storage space required for downloading / receiving vc in MB
mosip.inji.minStorageRequired=2
# MOSIP
# Defines the base URLs for various MOSIP services and Keycloak for internal and external communication
# NOTE(review): the internal Keycloak, authmanager and masterdata URLs below use plain http. The authmanager URL is
# the base of the clientid/secret-key token endpoints defined later in this file (KEYBASEDTOKENAPI,
# mosip.authmanager.client-token-endpoint), so client secrets and tokens cross that hop unencrypted unless the
# cluster network adds transport security (e.g. mesh mTLS) - confirm per deployment.
mosip.api.public.url=http://localhost:${server.port}
mosipbox.public.url=http://localhost:${server.port}
keycloak.internal.url=http://keycloak.keycloak
keycloak.external.url=https://iam.collab.mosip.net/
mosip.kernel.authmanager.url=http://authmanager.kernel/
mosip.kernel.masterdata.url=http://masterdata.kernel
# Resident service Configurations used in downloading the Verifiable Credential of MosipOtp issuer
# Base URL for Resident service
mosip.resident.base.url=https://api.collab.mosip.net/resident/v1
# This URL used for fetching the OTP from resident service prior to initiating the download flow on the Mobile Wallet
RESIDENT_OTP=${mosip.resident.base.url}/req/otp
# This URL used for fetching the OTP while getting the UIN/VID from AID(Application ID)
RESIDENT_INDIVIDUALID_OTP=${mosip.resident.base.url}/individualId/otp
# This URL is used to get the status about whether the UIN/VID is generated from AID or not
RESIDENT_AID_GET_INDIVIDUALID=${mosip.resident.base.url}/aid/status
# URL to request the Verifiable Credential download from the Resident service
RESIDENT_CREDENTIAL_REQUEST=${mosip.resident.base.url}/req/credential
# URL to check if the Verifiable Credential is downloaded yet or not
RESIDENT_CREDENTIAL_REQUEST_STATUS=${RESIDENT_CREDENTIAL_REQUEST}/status
# URL used to get the VID for the respective UIN
RESIDENT_VID=${mosip.resident.base.url}/vid
RESIDENT_AUTH_LOCK=${mosip.resident.base.url}/req/auth-lock
RESIDENT_AUTH_UNLOCK=${mosip.resident.base.url}/req/auth-unlock
#Esignet service
# Base URL for e-Signet service
mosip.esignet.host=https://esignet.collab.mosip.net
# Endpoint for fetching the OTP in Wallet binding flow
BINDING_OTP=${mosip.esignet.host}/v1/esignet/binding/binding-otp
# Endpoint for binding the credentials to the Wallet
WALLET_BINDING=${mosip.esignet.host}/v1/esignet/binding/wallet-binding
# Websub service configurations
# Dev sandbox
# Base URL for WebSub service
mosip.websub.url=http://websub.websub/
# Hub URL for WebSub service
mosip.event.hubUrl=${mosip.websub.url}/hub/
# WebSub hub URL used to subscribe to a specific topic
mosip.event.hub.subUrl=${mosip.event.hubUrl}
# WebSub hub URL used to publish the data to a specific topic
mosip.event.hub.pubUrl=${mosip.event.hubUrl}
# Delayed WebSub subscription. Default is 5 seconds in ms.
mosip.event.delay-millisecs=5000
# WebSub re-subscription workaround for losing subscribed topic when MOSIP WebSub update or restart. Default is 5 minutes in ms.
websub-resubscription-delay-millisecs=300000
# Callback URL for receiving the WebSub event notifications
# NOTE(review): /credentialshare/** is listed in both mosip.security.ignore-auth-urls and
# mosip.security.csrf-ignore-urls in this file, so this callback is reachable without a user session; the
# secret below appears to be the only check on who may post to it - confirm in the callback handler.
mosip.event.callBackUrl=${mosip.api.public.url}/v1/mimoto/credentialshare/callback/notify
# Kafka topic to which the CREDENTIAL_ISSUED for specific partner id is published
mosip.event.topic=${mosip.partner.id}/CREDENTIAL_ISSUED
# Secret key used for validating the authenticity of the WebSub event notifications
# NOTE(review): this default value is committed with the file, so it authenticates nothing until it is overridden
# per environment (inject it from the deployment's secret store, as done for ${oidc_p12_password}).
mosip.event.secret=Kslk30SNF2AChs2
# MOSIP partner
# Unique identifier which is being used as the Issuer during MOSIP OTP issuer Verifiable Credential download requests
mosip.partner.id=mpartner-default-mobile
# Name of the PKCS#12 keystore file for cryptographic operations
mosip.partner.crypto.p12.filename=keystore.p12
# Password for accessing the PKCS#12 keystore file
# NOTE(review): placeholder-grade default committed with the file. The keystore holds the partner private key
# (see the alias comment below), so this value must be overridden per environment and supplied from a secret
# store rather than edited here.
mosip.partner.crypto.p12.password=abc123
# Alias used to access the secure credentials like private key of partner within the PKCS#12 keystore file
mosip.partner.crypto.p12.alias=partner
# Encryption key used for securing partner data
# NOTE(review): same concern as the keystore password - a committed, guessable default. How this value is turned
# into key material is not visible here; confirm before relying on it for confidentiality.
mosip.partner.encryption.key=123456
# Property which indicates whether the data includes its thumbprint (a unique hash for integrity verification) or not
mosip.partner.prependThumbprint=true
#-------------TOKEN GENERATION----------------
# NOTE(review): the username/password and client id/secret pair in this section are committed defaults
# (both secrets are the same literal). Treat them as sample values: override them per environment from a
# secret store, and rotate any deployment that was started with the defaults.
#Token generation request id
token.request.id=io.mosip.registration.processor
#Token generation app id
token.request.appid=regproc
#Token generation username
token.request.username=registrationprocessor
#Token generation password
token.request.password=abc123
#Token generation version
token.request.version=1.0
#Token generation Client Id
token.request.clientId=mosip-regproc-client
#Token generation secret key
token.request.secretKey=abc123
#Token generation issuer url
token.request.issuerUrl=${keycloak.internal.url}/auth/realms/mosip
#Audit Service
AUDIT=${mosip.kernel.auditmanager.url}/v1/auditmanager/audits
AUDIT_URL=${mosip.kernel.auditmanager.url}/v1/auditmanager/audits
KEYBASEDTOKENAPI=${mosip.kernel.authmanager.url}/v1/authmanager/authenticate/clientidsecretkey
#Master Data Services
# MASTER=http://kernel-masterdata-service/v1/masterdata
MASTER=${mosip.kernel.masterdata.url}/v1/masterdata
TEMPLATES=${MASTER}/templates
#Packet receiver application version
mosip.print.application.version=1.0
#Request Date Time format
mosip.print.datetime.pattern=yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
#-------------Printing Service--------------------
mosip.print.service.id=mosip.print
#Audit request id
mosip.print.audit.id=mosip.applicanttype.getApplicantType
mosip.country.code=MOR
#Kernel Crypto signature
registration.processor.signature.isEnabled=true
# Language Supported By Platform - ISO
# Defines the list of optional languages supported by the platform
mosip.optional-languages=fra,ara
# Defines the list of mandatory languages supported by the platform
mosip.mandatory-languages=eng
# mosip.primary-language=eng
# mosip.secondary-language=ara
#----------------------- CBEFF Util--------------------------------------------------
# Cbeff URL where the files will be stored in git, change it accordingly in case of change of storage location.
# mosip.kernel.xsdstorage-uri=${spring.cloud.config.uri}/${spring.application.name}/${spring.profiles.active}/${spring.cloud.config.label}/
# NOTE(review): the active value points at the `develop` branch of a GitHub repository. A branch is mutable, so the
# schema served from this URL can change without any change to this file. Prefer a tag or commit reference, or the
# config-server form in the commented-out line above, so the XSD in use is pinned and reviewable.
mosip.kernel.xsdstorage-uri=https://raw.githubusercontent.com/mosip/mosip-config/develop/
# Cbeff XSD file name in config server
mosip.kernel.xsdfile=mosip-cbeff.xsd
#----------------------------- Applicant Type --------------------------------------------------
mosip.kernel.applicant.type.age.limit=5
#----------------------------- Static PIN --------------------------------------------------
mosip.kernel.pin.length=6
#-----------------------------TOKEN-ID Properties---------------------------------
#length of the token id
mosip.kernel.tokenid.length=36
#------------------------------------ Key-manager specific properties --------------------------------------------------
# Crypto asymmetric algorithm name
mosip.kernel.crypto.asymmetric-algorithm-name=RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING
# Crypto symmetric algorithm name
mosip.kernel.crypto.symmetric-algorithm-name=AES/GCM/NoPadding
# Encrypted data and encrypted symmetric key separator
mosip.kernel.data-key-splitter=#KEY_SPLITTER#
# GCM tag length
mosip.kernel.crypto.gcm-tag-length=128
# Hash algo name
mosip.kernel.crypto.hash-algorithm-name=PBKDF2WithHmacSHA512
# Symmetric key length used in hash
mosip.kernel.crypto.hash-symmetric-key-length=256
# No of iterations in hash
# NOTE(review): 10000 PBKDF2-HMAC-SHA512 iterations is an order of magnitude below current OWASP password-storage
# guidance. Whether this setting protects low-entropy input (e.g. the 6-digit wallet PIN) is not visible in this
# file - confirm what it is applied to before deciding whether to raise it.
mosip.kernel.crypto.hash-iteration=10000
# Keygenerator symmetric algorithm name
mosip.kernel.keygenerator.symmetric-algorithm-name=AES
# Symmetric algorithm key length
mosip.kernel.keygenerator.symmetric-key-length=256
# Asymmetric algorithm key length
mosip.kernel.keygenerator.asymmetric-key-length=2048
# Keygenerator asymmetric algorithm name
mosip.kernel.keygenerator.asymmetric-algorithm-name=RSA
# Specifies the file path to the PKCS#12 keystore containing cryptographic keys for the KeyManager service
# NOTE(review): despite the `hsm` prefix, these three properties configure a file-based PKCS#12 keystore, so key
# material sits on disk protected only by the keystore password. The file name and the ${oidc_p12_password}
# placeholder are the same ones used by mosip.oidc.p12.* in this file, i.e. Key Manager keys and the OIDC client
# keys share one keystore and one password.
mosip.kernel.keymanager.hsm.config-path=${SPRING_CONFIG_LOCATION}certs/oidckeystore.p12
# Defines the type of the keystore used by the Key Manager as PKCS#12
mosip.kernel.keymanager.hsm.keystore-type=PKCS12
# Password to access the KeyManager PKCS#12 keystore file
mosip.kernel.keymanager.hsm.keystore-pass=${oidc_p12_password}
# Default Certificate properties
mosip.kernel.keymanager.certificate.default.common-name=www.example.com
mosip.kernel.keymanager.certificate.default.organizational-unit=EXAMPLE-CENTER
mosip.kernel.keymanager.certificate.default.organization=IIITB
mosip.kernel.keymanager.certificate.default.location=BANGALORE
mosip.kernel.keymanager.certificate.default.state=KA
mosip.kernel.keymanager.certificate.default.country=IN
# keymanager database properties
# Specifies the driver class name for the PostgreSQL database, required for the application to interact with the database
keymanager.persistence.jdbc.driver=org.postgresql.Driver
# Specifies the JDBC URL for connecting to the PostgreSQL database, required to establish a connection to the inji_mimoto database
keymanager_database_url=${SPRING_DATASOURCE_URL}
# Defines the password for accessing the PostgreSQL database, required for authentication
keymanager_database_password=${POSTGRES_PASSWORD}
# Defines the username for accessing the PostgreSQL database, required for authentication
keymanager_database_username= mimotouser
# Specifies the schema name used by the Keymanager in the PostgreSQL database
keymanager.persistence.jdbc.schema=mimoto
# Hibernate properties
hibernate.dialect=org.hibernate.dialect.PostgreSQLDialect
hibernate.hbm2ddl.auto=none
hibernate.jdbc.lob.non_contextual_creation=true
hibernate.show_sql=false
hibernate.format_sql=false
hibernate.connection.charSet=utf8
hibernate.cache.use_second_level_cache=false
hibernate.cache.use_query_cache=false
hibernate.cache.use_structured_entries=false
hibernate.generate_statistics=false
hibernate.current_session_context_class=org.springframework.orm.hibernate5.SpringSessionContext
# log level
logging.level.root=WARN
logging.level.io.mosip=INFO
# logging.level.io.mosip.kernel.auth.defaultadapter.filter=INFO
# NOTE(review): the two DEBUG loggers below cover the auth adapter and Spring's outbound HTTP client, i.e. the code
# paths that handle client secrets, tokens and key-bearing URLs (see safetynet.api.url in this file). Confirm what
# they emit at DEBUG and lower them to INFO outside troubleshooting.
logging.level.io.mosip.kernel.auth.defaultadapter=DEBUG
logging.level.org.springframework.http.client=DEBUG
logging.level.io.mosip.mimoto=INFO
logging.level.reactor.netty.http.client=INFO
# tomcat access logs
# directory=/dev with prefix=stdout and an empty suffix and date format makes the access log target /dev/stdout,
# unbuffered, so each request is emitted as one JSON line on the container's standard output.
server.tomcat.accesslog.enabled=true
server.tomcat.accesslog.directory=/dev
server.tomcat.accesslog.prefix=stdout
server.tomcat.accesslog.buffered=false
server.tomcat.accesslog.suffix=
server.tomcat.accesslog.file-date-format=
# %U records the request path without the query string, so query parameters are not written to the access log.
# NOTE(review): %{X-B3-TraceId}i copies a request header into a JSON string field. Confirm the valve configured in
# className below escapes quotes and control characters, otherwise a crafted header can break or forge log records.
server.tomcat.accesslog.pattern={"@timestamp":"%{yyyy-MM-dd'T'HH:mm:ss.SSS'Z'}t","level":"ACCESS","level_value":70000,"traceId":"%{X-B3-TraceId}i","statusCode":%s,"req.requestURI":"%U","bytesSent":%b,"timeTaken":%T,"appName":"${spring.application.name}"}
server.tomcat.accesslog.className=io.mosip.kernel.core.logger.config.SleuthValve
registration.processor.unMaskedUin.length=5
IDSchema.Version=1.0
registration.processor.identityjson=identity-mapping.json
registration.processor.demographic.identity=identity
CREATEDATASHARE=${mosip.injiweb.datashare.url}/v1/datashare/create
DECRYPTPINBASSED=${mosip.kernel.keymanager.url}/v1/keymanager/decryptWithPin
#Auth Adapter rest template authentication configs
mosip.iam.adapter.appid=partner
mosip.iam.adapter.clientid=mpartner-default-mobile
# NOTE(review): committed default client secret; override per environment from a secret store.
mosip.iam.adapter.clientsecret=1234secret
# NOTE(review): keycloak.external.url ends with '/', so this expands to ".../​/auth/realms/" with a double slash
# (written here with a separator only to keep the comment readable). If this value is compared against the `iss`
# claim of tokens, confirm the comparison still matches what Keycloak actually issues.
auth.server.admin.issuer.uri=${keycloak.external.url}/auth/realms/
mosip.iam.adapter.issuerURL=${keycloak.internal.url}/auth/realms/mosip
mosip.authmanager.base-url=${mosip.kernel.authmanager.url}/v1/authmanager
mosip.authmanager.client-token-endpoint=${mosip.authmanager.base-url}/authenticate/clientidsecretkey
auth.server.admin.validate.url=${mosip.kernel.authmanager.url}/v1/authmanager/authorize/admin/validateToken
# in minutes
mosip.iam.adapter.validate-expiry-check-rate=1440
# in minutes
mosip.iam.adapter.renewal-before-expiry-interval=1440
#this should be false if you don't use this restTemplate true if you do
mosip.iam.adapter.self-token-renewal-enable=true
# NOTE(review): by its name this switches the auth adapter's request filter off. Confirm that the service's own
# security configuration (mosip.security.ignore-auth-urls and the Spring Security OAuth2 settings in this file)
# is what enforces authentication when this is true.
mosip.auth.filter_disable=true
mosip.auth.adapter.impl.basepackage=io.mosip.kernel.auth.defaultadapter
mosip.kernel.auth.appids.realm.map={prereg:'mosip',ida:'mosip',registrationclient:'mosip',regproc:'mosip',partner:'mosip',resident:'mosip',admin:'mosip',crereq:'mosip',creser:'mosip',datsha:'mosip',idrepo:'mosip'}
vercred.type.vid=VID
mosip.idp.partner.id=mpartner-default-mobile
# NOTE(review): the partner encryption key and the wallet-binding API key below are literal values committed with
# the file. Override both per environment and rotate any deployment that ran with these defaults.
mosip.idp.partner.encryption.key=Aci9jg28B8mO_LDfDXo3ZTp5_HKgEMun2tYyHCa1e8k
wallet.binding.partner.id=mpartner-default-mimotokeybinding
wallet.binding.partner.api.key=1234walletbindingkey
# NOTE(review): this disables the self-token rest template while self-token-renewal-enable above is true;
# which of the two takes effect is not visible here - confirm against the adapter.
mosip.iam.adapter.disable-self-token-rest-template=true
# Mosip notification otp channel config - defines the predefined list of otp channels allowed for sending the OTP to the user
mosip.notificationtype=SMS|EMAIL|PHONE
# OpenID4VCI related configurations
# Specifies the file name which includes the list of Issuers Configurations, including their well-known endpoints and other details
mosip.openid.issuers=mimoto-issuers-config.json
# Fallback HTML template used to render the Verifiable Credential if no issuer-specific template is found
mosip.openid.htmlTemplate=credential-template.html
# Specifies the type of client assertion used for OIDC authentication with e-signet (e.g., JWT bearer)
mosip.oidc.client.assertion.type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer
# PKCS#12 keystore file name containing secured credentials (e.g., private key and client alias) for each onboarded issuer, used in the authentication flow with e-Signet
mosip.oidc.p12.filename=oidckeystore.p12
# Password to access the PKCS#12 keystore file
mosip.oidc.p12.password=${oidc_p12_password}
# Relative path to the directory which contains the PKCS#12 keystore file oidckeystore.p12
mosip.oidc.p12.path=certs/
# Inji Web Config
# Base URL for Inji Web application
mosip.inji.web.url=http://localhost:3004
# Inji Web Redirect URL which is used to show the error message in case of failure in OpenID4VP flow
mosip.inji.web.redirect.url=${mosip.inji.web.url}/authorize
# Defines the maximum number of characters allowed to be encoded into a QR code. The value can be set to anything less than or equal to 4096.
# If the data size exceeds 4096 characters (equivalent to 4KB), the 'pixel pass' library will fail to generate the QR code.
mosip.inji.qr.data.size.limit=4096
# Defines the height (in Pixels) of the generated QR code
mosip.inji.qr.code.height=400
# Defines the width (in Pixels) of the generated QR code
mosip.inji.qr.code.width=400
# Specifies the URL to redirect the user to after successful authentication using an Identity Provider (e.g., Google), pointing to the passcode page in Inji Web
mosip.inji.web.authentication.success.redirect.url=${mosip.inji.web.url}/user/passcode
# Defines the List of Issuers that are limited to issue only single Verifiable Credential
mosip.inji.wallet.issuersWithSingleVcLimit=Mosip
#User Wallet Config
# Regular expression for validating wallet PINs, ensuring it is exactly 6 digits.
# NOTE(review): a 6-digit PIN has 10^6 possible values, so resistance to guessing rests on the wallet.passcode.*
# lockout settings in this file rather than on the PIN itself.
mosip.inji.user.wallet.pin.validation.regex=^\\d{6}$
# Regular expression for validating wallet names, allowing alphanumeric characters, spaces, underscores, hyphens, and periods, with a maximum length of 50 characters.
# The {0,50} quantifier also accepts an empty name.
mosip.inji.user.wallet.name.validation.regex=^[A-Za-z0-9 _.-]{0,50}$
#OpenId4VP related Configuration
# Pattern for including the OpenID4VP Authorization request in the QR code data of the Verifiable Credential, with placeholders for including resource(DataShare URL) and presentation definition
# NOTE(review): the host is written out as http://localhost:${server.port} instead of ${mosip.api.public.url}.
# The two are equal by default, but overriding mosip.api.public.url alone leaves a localhost, plain-http URL in
# every generated QR code.
mosip.inji.ovp.qrdata.pattern=INJI_OVP://http://localhost:${server.port}/v1/mimoto/authorize?response_type=vp_token&resource=%s&presentation_definition=%s
# Pattern for returning the response in redirect URL for successful Verifiable Presentation in OpenId4VP flow
# The vp_token is placed after '#', i.e. in the URL fragment, which browsers do not send to the server.
# NOTE(review): in both redirect patterns the first %s is the redirect target. Presumably it is the verifier's
# redirect URI checked against mosip.openid.verifiers; confirm that check happens before formatting, and that the
# remaining %s values are URL-encoded, since error and error_description end up in the query string.
mosip.inji.ovp.redirect.url.pattern=%s#vp_token=%s&presentation_submission=%s
# Pattern for returning the error in redirect URL in case of Verifiable Presentation failure in OpenId4VP flow
mosip.inji.ovp.error.redirect.url.pattern=%s?error=%s&error_description=%s
# File name containing trusted verifiers for OpenId4VP. It is used for validating the verifiers during the OpenID4VP process
mosip.openid.verifiers=mimoto-trusted-verifiers.json
#DataShare Config
# Base URL for DataShare Service
mosip.data.share.url=http://datashare-service:8097
# Endpoint for creating DataShare requests and storing downloaded Verifiable Credentials
mosip.data.share.create.url=${mosip.data.share.url}/v1/datashare/create/static-policyid/static-subscriberid
# URL pattern used to validate DataShare URL and retrieve Verifiable Credential from DataShare
mosip.data.share.get.url.pattern=${mosip.data.share.url}/v1/datashare/get/static-policyid/static-subscriberid/*
# Specifies the maximum number of retry attempts for creating a DataShare request to store Verifiable Credential, ensuring reliability in case of transient failures
mosip.data.share.create.retry.count=3
#Google OAuth2 configuration
# Specifies the client ID for Google OAuth2 authentication, required to identify the application during OAuth2 requests.
spring.security.oauth2.client.registration.google.client-id=${GOOGLE_OAUTH_CLIENT_ID}
# Specifies the client secret for Google OAuth2 authentication, used to authenticate the application securely
spring.security.oauth2.client.registration.google.client-secret=${GOOGLE_OAUTH_CLIENT_SECRET}
# Defines the scopes requested during Google OAuth2 authentication, specifying the level of access required (e.g., profile and email)
spring.security.oauth2.client.registration.google.scope=profile,email
# Specifies the redirect URI for Google OAuth2 authentication callbacks, where Google sends the authorization response
spring.security.oauth2.client.registration.google.redirect-uri={baseUrl}/oauth2/callback/{registrationId}
# Defines the authorization grant type for Google OAuth2 authentication, indicating the flow used (e.g., authorization code)
spring.security.oauth2.client.registration.google.authorization-grant-type=authorization_code
# Defines the human-readable name that will be displayed for the Google login option
# For example, if it is set to "Login with Google" it will appear as "Login with Google" on a spring security generated login page
spring.security.oauth2.client.registration.google.client-name=Google
# Specifies the authorization endpoint URI for Google OAuth2, where users are redirected to authenticate
spring.security.oauth2.client.provider.google.authorization-uri=https://accounts.google.com/o/oauth2/auth?prompt=select_account
# Specifies the token endpoint URI for Google OAuth2, used to exchange the authorization code for an access token
spring.security.oauth2.client.provider.google.token-uri=https://oauth2.googleapis.com/token
# Specifies the user information endpoint URI for Google OAuth2, used to fetch user details after authentication
spring.security.oauth2.client.provider.google.user-info-uri=https://www.googleapis.com/oauth2/v3/userinfo
# Specifies the URI for Google's JSON Web Key Set (JWK) used for token validation, ensuring secure communication
spring.security.oauth2.client.provider.google.jwk-set-uri=https://www.googleapis.com/oauth2/v3/certs
# Maps the 'sub' attribute from the Google UserInfo endpoint response to the Spring Security principal's name (username)
spring.security.oauth2.client.provider.google.userNameAttribute=sub
# Maps the 'name' attribute from the Google UserInfo endpoint response to the Spring Security principal's accessible name
spring.security.oauth2.client.provider.google.nameAttribute=name
# Maps the 'email' attribute from the Google UserInfo endpoint response to the Spring Security principal's email address
spring.security.oauth2.client.provider.google.emailAttribute=email
# Maps the 'picture' attribute from the Google UserInfo endpoint response to the Spring Security principal's profile picture URL
spring.security.oauth2.client.provider.google.pictureAttribute=picture
# Maps the 'phone_number' attribute from the Google UserInfo endpoint response to the Spring Security principal's phone number
spring.security.oauth2.client.provider.google.phoneNumberAttribute=phone_number
#Database configuration
# Specifies the JDBC URL for connecting to the PostgreSQL database, required to establish a connection to the database.
spring.datasource.url=${SPRING_DATASOURCE_URL}
# Defines the username for accessing the PostgreSQL database, required for authentication.
spring.datasource.username=${POSTGRES_USER}
# Defines the password for accessing the PostgreSQL database, required for authentication.
spring.datasource.password=${POSTGRES_PASSWORD}
# Configures the Hibernate behavior for database schema management, setting it to 'none' prevents Hibernate from automatically creating, updating, or dropping the database schema on startup
spring.jpa.hibernate.ddl-auto=none
# Enables or disables the display of SQL statements in the logs, useful for debugging database queries
# NOTE(review): this default is `true`, while hibernate.show_sql earlier in this file is `false`. With it on, every
# SQL statement is written to the application output; set it to false outside debugging so table and column
# names of the wallet schema do not flow into shared log pipelines.
spring.jpa.show-sql=true
# Specifies the driver class name for the PostgreSQL database, required for the application to interact with the database.
spring.datasource.driver-class-name=org.postgresql.Driver
# Http session cache configuration
# Specifies which session store type to be used for storing http sessions in User Login flow
# NOTE(review): `caffeine` presumably means an in-process cache, in which case sessions are not shared between
# replicas and are lost on restart - confirm this matches the deployment topology.
spring.session.store-type=caffeine
# Specifies the duration of inactivity after which a user session in the configured session store (e.g. redis or caffeine) will expire, ensuring session cleanup.
server.servlet.session.timeout=30m
# Configures the database dialect for Hibernate (PostgreSQL in this case).
spring.jpa.database-platform=org.hibernate.dialect.PostgreSQLDialect
# List of URLs that can be accessed without any user authentication by Identity Provider
# NOTE(review): this list makes /actuator/**, /swagger-ui/**, /v3/api-docs/** and /allProperties reachable without
# authentication. Confirm which actuator endpoints are exposed and what /allProperties returns - this file holds
# literal secrets, so an endpoint that echoes configuration would disclose them. Restrict these paths at the
# ingress or remove them from the list where the deployment is internet-facing.
# NOTE(review): the last entry is preceded by a space (", /auth/*/token-login"); confirm entries are trimmed
# before matching, otherwise that pattern never applies.
mosip.security.ignore-auth-urls=/safetynet/**,/actuator/**,/swagger-ui/**,/v3/api-docs/**,\
/allProperties,/credentials/**,/credentialshare/**,/binding-otp,/wallet-binding,/get-token/**,\
/issuers,/issuers/**,/authorize,/req/otp,/vid,/req/auth/**,/req/individualId/otp,/aid/get-individual-id,\
/verifiers, /auth/*/token-login
# CSRF Security Configuration
# CSRF protection is always enabled by default. State-changing requests (POST, PUT, DELETE, PATCH)
# require a valid CSRF token to be sent in the X-XSRF-TOKEN header.
# List of URLs that are excluded from CSRF protection. These URLs can still require authentication.
# OAuth2 endpoints and public endpoints are typically excluded from CSRF protection.
# NOTE(review): an exemption is safe only for endpoints that never act on the caller's session cookie. /logout is
# exempt here, and several state-changing paths (/wallet-binding, /credentials/**) are exempt as well - confirm
# none of them reads session state.
mosip.security.csrf-ignore-urls=/oauth2/**,/logout,/safetynet/**,/credentials/**,/credentialshare/**,/binding-otp,/wallet-binding,\
/get-token/**,/req/otp,/vid,/req/auth/**,/req/individualId/otp,/auth/*/token-login
# Inji mobile wallet configuration
# This template defines which fields of the downloaded verifiable credential are included in the event files when generating different documents
credential.template=template.json
# Specifies the base directory path where the credentials which are downloaded in the Inji mobile wallet will be stored
credential.data.path=data
# API key for the attestation verification call below; empty by default, so it must be supplied per deployment.
# NOTE(review): the key is sent as a URL query parameter, so it appears wherever the full outbound URL is logged
# (org.springframework.http.client is set to DEBUG in this file). Google has deprecated the SafetyNet Attestation
# API in favour of the Play Integrity API - confirm whether this path is still in use.
safetynet.api.key=
safetynet.api.url=https://www.googleapis.com/androidcheck/v1/attestations/verify?key=${safetynet.api.key}
registration.processor.print.textfile=registration-processor-print-text-file.json
# Application ID used for identifying and managing the Mimoto service keys in Key Manager service
mosip.inji.app.id=MIMOTO
# Cache related configurations
# Specifies which cache type to use (e.g., caffeine, redis)
spring.cache.type=caffeine
# Cache expiry time in minutes for the issuer's well-known endpoint response.
cache.credential-issuer.wellknown.expiry-time-in-min=60
# Cache expiry time in minutes for issuers configurations read from a config file.
cache.issuers-config.expiry-time-in-min=60
# Cache expiry time in minutes for the authentication server's well-known endpoint response.
cache.credential-issuer.authserver-wellknown.expiry-time-in-min=60
# Cache expiry time in minutes for the pre-registered trusted verifiers list.
cache.pre-registered-trusted-verifiers.expiry-time-in-min=60
# Default cache expiry time in minutes for others cache types
cache.default.expiry-time-in-min=60
# Wallet Passcode Configuration
# Duration (in minutes) for which the wallet remains locked after exceeding failed attempts in a cycle.
# Must be a whole number; decimal/fractional values (e.g., 0.5) will throw an error during Mimoto launch
wallet.passcode.retryBlockedUntil=60
# Maximum number of failed passcode attempts allowed in a single cycle (defaults to 1 if <=0)
wallet.passcode.maxFailedAttemptsAllowedPerCycle=5
# Maximum number of lock cycles allowed before the wallet is permanently locked (defaults to 1 if <=0)
wallet.passcode.maxLockCyclesAllowed=3
# Signing Algorithms Priority Order Configuration
signing.algorithms.priority.order=ED25519,ES256K,ES256,RS256
# This config enables CORS for the application, allowing it to handle cross-origin requests
mosip.security.cors-enable=true
# Predefined list of cross origins which are allowed to access the application resources
# NOTE(review): the default is the local Inji Web origin (same value as mosip.inji.web.url). Because the user
# login flow is session-based (spring.session.* in this file), deployments should list the exact production
# origin(s) here rather than widening the value.
mosip.security.origins=http://localhost:3004