Environment Variables
Basic Configuration
Please be aware that environment variable values are case-sensitive.
| Environment Variable | Description | Default Value | Other |
|---|---|---|---|
| BASE_URL | This specifies the protocol (http/https), IP address, or domain name required to access the API service. For example, it might be "https://api.example.com" or "http://192.168.0.13:80". | ||
| SERVER_BASE_PATH | Server base path (e.g., /apidog), this requires LICENSE authorization. Please provide this path to Apidog staff when applying for LICENSE. | Optinal | |
| MYSQL_HOST | MySQL server address | ||
| MYSQL_PORT | MySQL server port | 3306 | |
| MYSQL_DATABASE | Database name | ||
| MYSQL_USER_NAME | MySQL username | ||
| MYSQL_PASSWORD | MySQL user password | ||
| REDIS_HOST | Redis server address | ||
| REDIS_PORT | Redis server port | 6379 | |
| REDIS_PASSWORD | Redis password, can be empty | ||
| REDIS_DB | Redis DB, generally set to 0 | 0 | |
| REDIS_TLS_ENABLED | Redis TLS connection | false | |
| JWT_SECRET | Secret key used to sign JSON Web Tokens for requests to /api/ endpoints, must be between 10-50 characters in length. On a Linux or macOS system, You can run the following command to generate one: openssl rand -base64 32 | ||
| LICENSE | Server authorization license, contact Apidog staff to obtain | ||
| ADMIN_USERNAME | Administrator account for Admin Panel | ||
| ADMIN_PASSWORD | Administrator password for Admin Panel |
System Email Configuration (Optional)
Please be aware that environment variable values are case-sensitive.
| Environment Variable | Description | Default Value |
|---|---|---|
| MAILER_HOST | SMTP server address | |
| MAILER_PORT | SMTP port | |
| MAILER_SECURE | Whether to use SSL, optional values: true, false | |
| MAILER_USER | Sender's email address | |
| MAILER_PASSWORD | Sender's email password |
nc -vz $MAILER_HOST $MAILER_PORTConnection to smtp.gmail.com port 465 [tcp/urd] succeeded!nc: connectx to smtp.gmail.com port 465 (tcp) failed: Operation timed outUsing AWS SES
| Parameter | Default Value | Description |
|---|---|---|
| MAILER_USING_AWS_SES | false | Whether to use AWS SES (true/false) |
| MAILER_SES_ACCESS_KEY | AWS Access Key for SES authentication. | |
| MAILER_SES_ACCESS_SECRET | AWS Secret Key for SES authentication. |
| Parameter | Default Value | Description |
|---|---|---|
| MAILER_SES_SENDING_RATE | 14 | Maximum emails per second. |
| MAILER_SES_MAX_CONNECTIONS | 50 | Maximum concurrent connections to SES. |
| MAILER_SES_API_VERSION | '2012-10-17' | The SES API version. |
| MAILER_SES_REGION | 'us-east-1' | The AWS region. |
Feature Configuration (Optional)
Please be aware that environment variable values are case-sensitive.
| Environment Variable | Description | Default Value | Other |
|---|---|---|---|
| NOT_FOUND_PAGE_URL | This configuration sets the redirection URL for backend service 404 errors. The URL must be a relative path that begins with a '/'. | /help/index.html | Optional |
Collaboration and Runner Service (Optional)
| Variable Name | Description | Default Value | Required for Real-time Sync |
|---|---|---|---|
| RTM_QUEUE_ENABLE | Enable collaboration/runner requests | false | Yes |
| RTM_REDIS_HOST | Redis server address | Yes | |
| RTM_REDIS_PORT | Redis server port | Yes | |
| RTM_REDIS_PASSWORD | Redis password (optional) | Yes | |
| RTM_REDIS_DB | Redis database | Yes | |
| RTM_REDIS_TLS_ENABLED | Redis TLS connection | false |
RTM_REDIS_(HOST|PORT|PASSWORD|DB|TLS_ENABLED) variables inherit their values from the corresponding REDIS_(HOST|PORT|PASSWORD|DB|TLS_ENABLED) variables.Docker run command:Gateway configuration
location /ws {
proxy_pass http://apidog-service.example.com/ws;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
proxy_connect_timeout 7d;
proxy_send_timeout 7d;
proxy_read_timeout 7d;
}HTTPS Configuration (Optional)
If your server access protocol need to be updated from HTTP to HTTPS, please contact customer support to obtain a new license and update your BASE_URL environment variable.
| Environment Variable | Description | Default Value | Required |
|---|---|---|---|
SERVER_SSL_CERTIFICATE | HTTPS certificate content (use this method if not mounting the certificate file). | Optional | |
SERVER_SSL_CERTIFICATE_KEY | HTTPS certificate key content (use this method if not mounting the key file). | Optional | |
SERVER_SSL_CERTIFICATE_FILE | Path to the HTTPS certificate file within the container (required when mounting the certificate file). | Optional | |
SERVER_SSL_CERTIFICATE_KEY_FILE | Path to the HTTPS certificate key file within the container (required when mounting the key file). | Optional |
Using LDAP for authentication
Please be aware that environment variable values are case-sensitive.
| Environment Variable | Description | Default Value | Other |
|---|---|---|---|
| LDAP_ENABLE | Whether to enable LDAP login service | Set to true to enable | |
| LDAP_URL | The address of the LDAP service in the format ldap://ip:port. For example, ldap://127.0.0.1:389 | Required when LDAP is enabled | |
| LDAP_BIND_USER | The account used to connect to LDAP. For example, cn=admin,dc=example,dc=org | Required when LDAP is enabled | |
| LDAP_BIND_PASSWORD | The password used to connect to LDAP. When anonymous access is disabled in LDAP, the administrator account and password must be configured | Required when LDAP is enabled | |
| LDAP_BASE_DN | LDAP Base DN, the Base Dn used for LDAP username retrieval. For example, dc=example,dc=org | Required when LDAP is enabled | |
| LDAP_USER_ID_ATTR | Default is dn, based on the standard openldap LDAP service, which has a unique dn field used as the unique id for ldap user attributes; if there is a username or email, you can also configure the username (name) or email (mail) | dn | Required when LDAP is enabled, if there is an email field, it is recommended to use mail first |
| LDAP_LOGIN_TITLE | Default is LDAP Login, the form name on the login page | LDAP Login | Optional |
| LDAP_USERNAME_ATTR | Used for username login, search, and display. It is recommended to keep it unique. If it appears duplicated, a random number will be added after the username. By default, it will take the uid field of openldap's standard LDAP service | uid | Optional |
| LDAP_USER_EMAIL_ATTR | Email field used for login and search. By default, it will take the mail attribute of openldap's standard LDAP service. Private users can choose not to configure mail, and using username login will not be affected | Optional | |
| LDAP_EMPLOYEE_NUMBER_ATTR | Mapping field for employee number, can be used for search | Optional | |
| LDAP_SEARCH_FILTER | Search filter for ldap service | Optional |
Using OKTA for authentication
Please be aware that environment variable values are case-sensitive.
| Environment Variable | Description | Default Value | Other |
|---|---|---|---|
| OKTA_ENABLE | Whether to enable Okta login service | Supported from version v2.1.24. Set to "true" to enable, or leave blank or unset to disable | |
| OKTA_CLIENT_ID | Okta application ID | Must be filled in when Okta service is enabled | |
| OKTA_CLIENT_SECRET | Okta application access secret | Must be filled in when Okta service is enabled | |
| OKTA_DOMAIN | Okta API access domain | Must be filled in when Okta service is enabled | |
| OKTA_LOGIN_USER_ID_ATTR | Default value is "id", used as the unique ID for Okta user attributes | id | Optional |
Using Amazon S3 or other S3-compatible storage services
Please be aware that environment variable values are case-sensitive.
| Environment Variable | Description | Default Value | Other |
|---|---|---|---|
| STORAGE_DRIVER | File storage option. AWS S3 storage service can be configured as 's3'. | file | If not set, it will default to local file storage. |
| STORAGE_ACCESS_KEY | Access Key for cloud storage service. | Required if STORAGE_DRIVER is set to a cloud service. | |
| STORAGE_ACCESS_SECRET | Access Secret for cloud storage service. | Required if STORAGE_DRIVER is set to a cloud service. | |
| STORAGE_BASE_PATH | Root path of cloud storage. | /apidog | Should start with '/'. Optional. |
| STORAGE_REGION | Storage region set for cloud storage service. | Optional if STORAGE_DRIVER is set to a cloud service. | |
| STORAGE_BUCKET | Bucket (container) name set for cloud storage service. Image access will require permissions by default. | Required if STORAGE_DRIVER is set to a cloud service. | |
| STORAGE_URL_EXPIRES | Expiration time (in seconds) for authorized image access. | 1800 | Optional. |
| STORAGE_BASE_URL | Access domain name of the Bucket (container) set for cloud storage service, or the access path for local storage. | Required. | |
| STORAGE_CUSTOM_ENDPOINT | Custom storage endpoint for cloud storage (e.g., S3 custom CNAME). | Optional. | |
| STORAGE_BUCKET_PATH_STYLE | Cloud storage address concatenation mode (e.g., S3 path style). | Optional. | |
| PUBLIC_STORAGE_ENABLE | Indicates whether the cloud storage service has a public Bucket (container) name for storing public images, where image access does not require permissions. | Only effective when set to "true". | |
| PUBLIC_STORAGE_BUCKET | Public Bucket (container) name set for the cloud storage service for storing public images. | If not set, STORAGE_BUCKET will be used. | |
| PUBLIC_STORAGE_BASE_URL | Access domain name of the public Bucket (container) set for the cloud storage service, or the access path for local storage. | If not set, STORAGE_BASE_URL will be used. | |
| Here's the optimized English version of the text, suitable for a SaaS product's technical support documentation: |
Login security options
| Environment Variable Name | Description | Default Value | Notes |
|---|---|---|---|
| DISABLE_USER_REGISTRATION | Disable user registration. | true when SSO is configured, otherwise false. | Optional: true or false. true disables registration. If unset, the default value is used. |
| FORCE_SSO_LOGIN | Enforce SSO login only (when SSO is configured). | true | Optional: true or false. |
| DISABLE_SSO_ACCOUNT_CREATION | Prevent automatic account creation via SSO login; only allow manual account creation in the Apidog admin panel. | false | Optional: true or false. |
| DISABLE_REGISTER | Disable the registration feature. | Deprecated. Not recommended. Optional: true or false. true disables registration. If unset, registration is allowed. When enabled, only manual account creation in the admin panel is permitted (SSO login will also be prevented from creating new accounts). | |
| PASSWORD_ERROR_RATE_LIMIT_DURATION | Login error rate limit (time interval), in seconds. | 1800 | |
| PASSWORD_ERROR_RATE_LIMIT_MAX | Maximum allowed login errors within the time interval. | 15 | 0 means no limit. |
| PASSWORD_TRANSFER_EXTRA_ENCRYPTION | Enable password encryption during transmission. | Optional. Set to true to enable. | |
| SECRET_KEY_FOR_COMMON_CASE | RSA encryption key pair. | Example: [{"public":"Base64 encoded public key","private":"Base64 encoded private key"}] | |
| APP_DOMAIN_WHITE_LIST | CORS (Cross-Origin Resource Sharing) related. Set domains allowed for cross-origin access to the backend service. | Supported from server version 2.3.12 onwards. Example: http://apidog.com,https://apidog.com,http://app.apidog.com |
Admin Panel
Please be aware that environment variable values are case-sensitive.
ADMIN_USERNAMEADMIN_PASSWORD{BASE_URL}/admin (e.g., http://192.168.1.9/admin)In this context, {BASE_URL} represents the address configured in the BASE_URL variable.