forked from mosip/mosip-config
-
Notifications
You must be signed in to change notification settings - Fork 0
/
syncdata-default.properties
435 lines (366 loc) · 20.8 KB
/
syncdata-default.properties
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
# Follow properites have their values assigned via 'overrides' environment variables of config server docker.
# DO NOT define these in any of the property files. They must be passed as env variables. Refer to config-server
# helm chart:
# db.dbuser.password
# keycloak.internal.host
# keycloak.internal.url
# keycloak.admin.password
# mosip.auth.client.secret (convention: <realm>.<keycloak client name>)
# mosip.ida.client.secret
# mosip.admin.client.secret
# mosip.reg.client.secret
# mosip.prereg.client.secret
# mosip.syncdata.client.secret
# softhsm.kernel.security.pin
## Sync data
mosip.kernel.syncdata.auth-manager-base-uri=${mosip.kernel.authmanager.url}/v1/authmanager
mosip.kernel.syncdata.auth-manager-roles=/roles
mosip.kernel.syncdata.auth-user-details=/userdetails
mosip.kernel.syncdata.syncdata-request-id=SYNCDATA.REQUEST
mosip.kernel.syncdata.syncdata-version-id=v1.0
# Name of the file that is present in the config server which has registration specific config.
mosip.kernel.syncdata.registration-center-config-file=registration-${spring.profiles.active}.properties
# Name of the file that is present in the config server which has global config.
mosip.kernel.syncdata.global-config-file=application-${spring.profiles.active}.properties
mosip.kernel.syncdata.syncjob-base-url=${mosip.kernel.syncdata.syncjob.url}/v1/syncjob/syncjobdef
mosip.kernel.syncdata-service-idschema-url=${mosip.kernel.masterdata.url}/v1/masterdata/idschema/latest
## SMS notification
mosip.kernel.sms.enabled=false
mosip.kernel.sms.country.code=91
mosip.kernel.sms.number.length=10
#mosip.kernel.sms.gateway : "infobip" or "msg91"
mosip.kernel.sms.gateway=gateway
## --msg91 gateway--
mosip.kernel.sms.api=smsapi
mosip.kernel.sms.authkey=authkey
mosip.kernel.sms.route=route
mosip.kernel.sms.sender=sender
mosip.kernel.sms.unicode=unicode
## Email notification
mosip.kernel.notification.email.from=mosipuser@gmail.com
spring.mail.host=smtphost
spring.mail.username=username
spring.mail.password=password
spring.mail.port=587
spring.mail.properties.mail.transport.protocol=smtp
spring.mail.properties.mail.smtp.starttls.required=true
spring.mail.properties.mail.smtp.starttls.enable=true
spring.mail.properties.mail.smtp.auth=true
spring.mail.debug=false
spring.servlet.multipart.enabled=true
spring.servlet.multipart.max-file-size=5MB
## Keymanager service
#Type of keystore, Supported Types: PKCS11, PKCS12, Offline, JCE
mosip.kernel.keymanager.hsm.keystore-type=OFFLINE
# For PKCS11 provide Path of config file.
# For PKCS12 keystore type provide the p12/pfx file path. P12 file will be created internally so provide only file path & file name.
# For Offline & JCE property can be left blank, specified value will be ignored.
mosip.kernel.keymanager.hsm.config-path=/config/softhsm-application.conf
# Passkey of keystore for PKCS11, PKCS12
# For Offline & JCE proer can be left blank. JCE password use other JCE specific properties.
mosip.kernel.keymanager.hsm.keystore-pass=${softhsm.kernel.security.pin}
## Auditmanager
mosip.kernel.auditmanager-service-logs-location=logs/audit.log
## Auth service
auth.jwt.secret=authjwtsecret
auth.jwt.base=Mosip-Token
auth.jwt.expiry=6000000
auth.token.header=Authorization
auth.refreshtoken.header=RefreshToken
auth.jwt.refresh.expiry=86400000
auth.primary.language=eng
otp.manager.api.generate=${mosip.kernel.otpmanager.url}/v1/otpmanager/otp/generate
otp.manager.api.verify=${mosip.kernel.otpmanager.url}/v1/otpmanager/otp/validate
otp.sender.api.email.send=${mosip.kernel.notification.url}/v1/notifier/email/send
otp.sender.api.sms.send={mosip.kernel.notification.url}/v1/notifier/sms/send
masterdata.api.template=${mosip.kernel.masterdata.url}/v1/masterdata/templates/
masterdata.api.template.otp=/otp-sms-template
idrepo.api.getuindetails=${mosip.idrepo.identity.url}/v1/identity/uin/{uin}
mosip.kernel.auth.app.id=auth
mosip.kernel.auth.client.id=mosip-auth-client
mosip.kernel.auth.secret.key=${mosip.auth.client.secret}
mosip.kernel.ida.app.id=ida
mosip.kernel.ida.client.id=mosip-ida-client
mosip.kernel.ida.secret.key=${mosip.ida.client.secret}
## Token id salts
mosip.kernel.tokenid.uin.salt=${mosip.kernel.uin.salt}
mosip.kernel.tokenid.partnercode.salt=${mosip.kernel.partnercode.salt}
## VID generator service
mosip.kernel.vid.min-unused-threshold=100000
mosip.kernel.vid.vids-to-generate=200000
mosip.kernel.vid.time-to-release-after-expiry=5
mosip.kernel.vid.pool-population-timeout=10000000
kernel.vid.revoke-scheduler-type=cron
kernel.vid.revoke-scheduler-seconds=0
kernel.vid.revoke-scheduler-minutes=0
kernel.vid.revoke-scheduler-hours=23
kernel.vid.revoke-scheduler-days_of_month=*
kernel.vid.revoke-scheduler-months=*
kernel.vid.revoke-scheduler-days_of_week=*
kernel.vid.isolator-scheduler-type=cron
kernel.vid.isolator-scheduler-seconds=0
kernel.vid.isolator-scheduler-minutes=0
kernel.vid.isolator-scheduler-hours=*
kernel.vid.isolator-scheduler-days_of_month=*
kernel.vid.isolator-scheduler-months=*
kernel.vid.isolator-scheduler-days_of_week=*
## PRID properties
mosip.kernel.prid.min-unused-threshold=1000
mosip.kernel.prid.prids-to-generate=2000
mosip.kernel.prid.pool-population-timeout=10000000
mosip.kernel.prid.sequence-limit=3
kernel.prid.revoke-scheduler-type=cron
kernel.prid.revoke-scheduler-seconds=0
kernel.prid.revoke-scheduler-minutes=0
kernel.prid.revoke-scheduler-hours=23
kernel.prid.revoke-scheduler-days_of_month=*
kernel.prid.revoke-scheduler-months=*
kernel.prid.revoke-scheduler-days_of_week=*
## Database properties
# Database hostname below is assuming postgres is running inside cluster in 'postgres' namespace
# If database is external to production, provide the DNS or ip of the host and port
mosip.kernel.database.hostname=postgres-postgresql.postgres
mosip.kernel.database.port=5432
javax.persistence.jdbc.driver=org.postgresql.Driver
hibernate.dialect=org.hibernate.dialect.PostgreSQL95Dialect
hibernate.jdbc.lob.non_contextual_creation=true
hibernate.hbm2ddl.auto=none
hibernate.show_sql=false
hibernate.format_sql=false
hibernate.connection.charSet=utf8
hibernate.cache.use_second_level_cache=false
hibernate.cache.use_query_cache=false
hibernate.cache.use_structured_entries=false
hibernate.generate_statistics=false
logging.level.org.hibernate.SQL=ERROR
logging.level.org.hibernate.type=ERROR
admin_database_url=jdbc:postgresql://${mosip.kernel.database.hostname}:${mosip.kernel.database.port}/mosip_kernel
admin_database_username=kerneluser
admin_database_password=${db.dbuser.password}
syncjob_database_url=jdbc:postgresql://${mosip.kernel.database.hostname}:${mosip.kernel.database.port}/mosip_master
syncjob_database_username=masteruser
syncjob_database_password=${db.dbuser.password}
audit_database_url=jdbc:postgresql://${mosip.kernel.database.hostname}:${mosip.kernel.database.port}/mosip_audit
audit_database_username=audituser
audit_database_password=${db.dbuser.password}
masterdata_database_url=jdbc:postgresql://${mosip.kernel.database.hostname}:${mosip.kernel.database.port}/mosip_master
masterdata_database_username=masteruser
masterdata_database_password=${db.dbuser.password}
uin.swagger.base-url=https://qa.mosip.io
uin_database_url=jdbc:postgresql://${mosip.kernel.database.hostname}:${mosip.kernel.database.port}/mosip_kernel
uin_database_username=kerneluser
uin_database_password=${db.dbuser.password}
hibernate.current_session_context_class=org.springframework.orm.hibernate5.SpringSessionContext
id_database_url=jdbc:postgresql://${mosip.kernel.database.hostname}:${mosip.kernel.database.port}/mosip_kernel
id_database_username=kerneluser
id_database_password=${db.dbuser.password}
vid_database_url=jdbc:postgresql://${mosip.kernel.database.hostname}:${mosip.kernel.database.port}/mosip_kernel
vid_database_username=kerneluser
vid_database_password=${db.dbuser.password}
prid_database_url=jdbc:postgresql://${mosip.kernel.database.hostname}:${mosip.kernel.database.port}/mosip_kernel
prid_database_username=kerneluser
prid_database_password=${db.dbuser.password}
keymanager.persistence.jdbc.driver=org.postgresql.Driver
keymanager_database_url = jdbc:postgresql://${mosip.kernel.database.hostname}:${mosip.kernel.database.port}/mosip_keymgr
keymanager_database_password=${db.dbuser.password}
keymanager_database_username= keymgruser
otpmanager_database_username = kerneluser
otpmanager_database_url = jdbc:postgresql://${mosip.kernel.database.hostname}:${mosip.kernel.database.port}/mosip_kernel
otpmanager_database_password=${db.dbuser.password}
syncdata_database_url=jdbc:postgresql://${mosip.kernel.database.hostname}:${mosip.kernel.database.port}/mosip_master
syncdata_database_username=masteruser
syncdata_database_password=${db.dbuser.password}
licensekeymanager.persistence.jdbc.driver=org.postgresql.Driver
licensekeymanager_database_url=jdbc:postgresql://${mosip.kernel.database.hostname}:${mosip.kernel.database.port}/mosip_master
licensekeymanager_database_username=masteruser
licensekeymanager_database_password=${db.dbuser.password}
ridgenerator_database_username =regprcuser
ridgenerator_database_url =jdbc:postgresql://${mosip.kernel.database.hostname}:${mosip.kernel.database.port}/mosip_regprc
ridgenerator_database_password=${db.dbuser.password}
## Keycloak properties
mosip.iam.base-url=${keycloak.internal.url}
mosip.iam.admin-realm-id=admin
mosip.iam.default.realm-id=mosip
mosip.iam.open-id-url =${keycloak.internal.url}/auth/realms/{realmId}/protocol/openid-connect/
mosip.iam.realm.operations.base-url=${keycloak.internal.url}/admin/realms/{realmId}
mosip.iam.admin-url=${keycloak.internal.url}/admin/
mosip.iam.roles-extn-url=realms/mosip/roles
mosip.iam.users-extn-url=realms/mosip/users
mosip.iam.role-user-mapping-url=/{userId}/role-mappings/realm
mosip.iam.role-based-user-url=realms/{realm}/roles/{role-name}/users
#Self token resttemplate related to configuration
mosip.iam.adapter.clientid=mosip-syncdata-client
mosip.iam.adapter.clientsecret=${mosip.syncdata.client.secret}
mosip.iam.adapter.appid=registrationclient
mosip.iam.adapter.issuerURL=${keycloak.internal.url}/auth/realms/mosip
mosip.authmanager.client-token-endpoint=${mosip.authmanager.base-url}/authenticate/clientidsecretkey
mosip.iam.adapter.validate-expiry-check-rate=15
mosip.iam.adapter.renewal-before-expiry-interval=15
mosip.iam.adapter.self-token-renewal-enable=true
keycloak.realm=registration-client
keycloak.resource=account
keycloak.auth-server-url=${keycloak.internal.url}/auth
keycloak.ssl-required=none
keycloak.public-client=true
keycloak.use-resource-role-mappings=true
keycloak.verify-token-audience=true
mosip.iam.authorization_endpoint=${keycloak.internal.url}/auth/realms/{realmId}/protocol/openid-connect/auth
mosip.iam.token_endpoint=${keycloak.internal.url}/auth/realms/{realmId}/protocol/openid-connect/token
mosip.admin.login_flow.name=authorization_code
mosip.admin.login_flow.response_type=code
mosip.admin.login_flow.scope=cls
mosip.admin.clientid=mosip-admin-client
mosip.admin.clientsecret={cipher}46b4a98aac7347e6a2d4f723e281cfd1e7b859100cc17494fc7ed9fb357a6cd9
mosip.admin.redirecturi=${mosip.authmanager.base-url}/login-redirect/
mosip.admin_realm_id=mosip
mosip.iam.master.realm-id=master
mosip.iam.pre-reg_user_password=mosip
## TODO: Below config is not needed anymore. Need to remove init of db_3_DS in authmanager code. For now, we just
## point to a valid db.
#db_3_DS.keycloak.ipaddress= jdbc:postgresql://${mosip.kernel.database.hostname}:${mosip.kernel.database.port}/keycloak
db_3_DS.keycloak.ipaddress= jdbc:postgresql://${mosip.kernel.database.hostname}:${mosip.kernel.database.port}/mosip_kernel
db_3_DS.keycloak.port=${mosip.kernel.database.port}
db_3_DS.keycloak.username=kerneluser
db_3_DS.keycloak.password=${db.dbuser.password}
db_3_DS.keycloak.driverClassName=org.postgresql.Driver
mosip.keycloak.admin.client.id=admin-cli
mosip.keycloak.admin.user.id=admin
mosip.keycloak.admin.secret.key=${keycloak.admin.password}
mosip.iam.impl.basepackage=io.mosip.kernel.auth.defaultimpl
mosip.auth.adapter.impl.basepackage=io.mosip.kernel.auth.defaultadapter
mosip.authmanager.base-url=${mosip.kernel.authmanager.url}/v1/authmanager
master.search.maximum.rows=50
mosip.level=2
mosip.kernel.masterdata.audit-url= ${mosip.kernel.auditmanager.url}/v1/auditmanager/audits
mosip.keycloak.max-no-of-users=20000
## Register device
mosip.kernel.keymanager-service-sign-url=${mosip.kernel.keymanager.url}/v1/keymanager/jwtSign
masterdata.registerdevice.timestamp.validate=+10
## Prereg
mosip.kernel.prereg.realm-id=mosip
mosip.kernel.prereg.client.id=mosip-prereg-client
mosip.kernel.prereg.secret.key=${mosip.prereg.client.secret}
## UIN scheduler
kernel.uin.transfer-scheduler-type=cron
kernel.uin.transfer-scheduler-seconds=0
kernel.uin.transfer-scheduler-minutes=48
kernel.uin.transfer-scheduler-hours=17
kernel.uin.transfer-scheduler-days_of_month=*
kernel.uin.transfer-scheduler-months=*
kernel.uin.transfer-scheduler-days_of_week=*
## UIN Auth adapter config
auth.server.admin.validate.url=${mosip.kernel.authmanager.url}/v1/authmanager/authorize/admin/validateToken
auth.server.admin.allowed.audience=mosip-regproc-client,mosip-prereg-client,mosip-admin-client,mosip-reg-client,mosip-resident-client
## Proxy otp
mosip.kernel.auth.proxy-otp-value=111111
mosip.security.provider.name=SunPKCS11-pkcs11-proxy
## identity schema backward compatability ########
mosip.ui.spec.default.domain=registration-client
#### Required for admin UI ##############
## this pattern like --> display column : configKey.
## We can provide multiple values with ";" separated
mosip.admin.ui.configs=version:${aplication.configuration.level.version};locationHierarchyLevel:${mosip.recommended.centers.locCode};mandatoryLanguages:${mosip.mandatory-languages};optionalLanguages:${mosip.optional-languages};supportedLanguages: ${mosip.mandatory-languages},${mosip.optional-languages};leftToRightOrientation:${mosip.left_to_right_orientation};rightToLeftOrientation:${mosip.right_to_left_orientation};countryCode:${mosip.country.code}
## Used to get IAM user details.
mosip.kernel.masterdata.auth-manager-base-uri=${mosip.kernel.authmanager.url}/v1/authmanager
mosip.kernel.masterdata.auth-user-details=/userdetails
## Security properties
mosip.security.csrf-enable=false
mosip.security.cors-enable=false
mosip.security.origins=localhost:8080
mosip.security.secure-cookie=false
## ROOT key identifier
mosip.root.key.applicationid=ROOT
## Certificate signing algorithm
mosip.kernel.certificate.sign.algorithm=SHA256withRSA
## Default certificate params
mosip.kernel.keymanager.certificate.default.common-name=www.mosip.io
mosip.kernel.keymanager.certificate.default.organizational-unit=MOSIP-TECH-CENTER
mosip.kernel.keymanager.certificate.default.organization=IITB
mosip.kernel.keymanager.certificate.default.location=BANGALORE
mosip.kernel.keymanager.certificate.default.state=KA
mosip.kernel.keymanager.certificate.default.country=IN
## Zero Knowledge Master & Public Key identifier.
mosip.kernel.zkcrypto.masterkey.application.id=KERNEL
mosip.kernel.zkcrypto.masterkey.reference.id=IDENTITY_CACHE
mosip.kernel.zkcrypto.publickey.application.id=IDA
mosip.kernel.zkcrypto.publickey.reference.id=PUBLIC_KEY
mosip.kernel.zkcrypto.wrap.algorithm-name=AES/ECB/NoPadding
mosip.kernel.zkcrypto.derive.encrypt.algorithm-name=AES/ECB/PKCS5Padding
## Application Id for PMS master key.
mosip.kernel.partner.sign.masterkey.application.id=PMS
datastores=ldap_1_DS,db_1_DS,db_2_DS
## Partner Management Service allowed partner domains
mosip.kernel.partner.allowed.domains=AUTH,DEVICE,FTM
## List of keys to auto generate.
mosip.kernel.keymanager.autogen.appids.list=ROOT,KERNEL:SIGN,PRE_REGISTRATION,REGISTRATION,REGISTRATION_PROCESSOR,ID_REPO,KERNEL:IDENTITY_CACHE,RESIDENT,PMS
## Random keys required for ZK encrypt.
zkcrypto.random.key.generate.count=10000
mosip.kernel.keymanager.autogen.basekeys.list=RESIDENT:mpartner-default-resident
# Keymanager service keystore cache properties
mosip.kernel.keymanager.keystore.keyreference.enable.cache=true
# API to get machine based on machine id
mosip.kernel.syncdata-service-machine-url=${mosip.kernel.masterdata.url}/v1/masterdata/machines/%s
# Flag added to choose client crypto implementation in syncdata service
# Needs to be updated to true in prod deployments
mosip.syncdata.tpm.required=false
mosip.kernel.registrationclient.app.id=registrationclient
mosip.kernel.registrationclient.client.id=mosip-reg-client
# env variable
mosip.kernel.registrationclient.secret.key=${mosip.reg.client.secret}
# API to fetch auth token and refresh token used by syncdata-service
mosip.kernel.authtoken.NEW.internal.url=${mosip.kernel.authmanager.url}/v1/authmanager/authenticate/internal/useridPwd
mosip.kernel.authtoken.OTP.internal.url=${mosip.kernel.authmanager.url}/v1/authmanager/authenticate/internal/userotp
mosip.kernel.authtoken.REFRESH.internal.url=${mosip.kernel.authmanager.url}/v1/authmanager/authorize/internal/refreshToken/registrationclient
mosip.kernel.auth.sendotp.url=${mosip.kernel.authmanager.url}/v1/authmanager/authenticate/sendotp
# Sample Additional configuration required for real HSM configured though JCE.
# Add the required JCE properties with prefix. - "mosip.kernel.keymanager.hsm.jce" for the property key
# mosip.kernel.keymanager.hsm.jce.className=io.mosip.keymanager.hsm.impl.AnyHSMKeyStoreImpl
# mosip.kernel.keymanager.hsm.jce.keyStoreType=HSMKeyStoreType
# mosip.kernel.keymanager.hsm.jce.keyStoreFile=AnyRequiredKeyStoreFile
# mosip.kernel.keymanager.hsm.jce.localKeyStorePwd=HSMPartitionPassword
## syncdata-service websub configuration (cacert sync)
syncdata.websub.topic.ca-cert=CA_CERTIFICATE_UPLOADED
# Secret for partner CA certificate CRUD callback
syncdata.websub.callback.secret.ca-cert=secret
# Callback url for partner CA certificate CRUD event
syncdata.websub.callback.url.path.ca-cert=/websub/callback/cacert
syncdata.websub.callback.url.ca-cert=${mosip.kernel.syncdata.url}/${server.servlet.context-path}/websub/callback/cacert
# Number of retires on subscription failure
syncdata.websub.resubscription.retry.count=3
# The time interval in seconds to schedule subscription of topics which is done as a
# work-around for the bug: MOSIP-9496. By default the
# this property value is set to 0 that disables this workaround.
# To enable the resubscrition scheduling, this property should be assigned with a positive
# number like 1 * 60 * 60 = 3600 for one hour
syncdata.websub.resubscription.delay.millis=43200000
subscriptions-delay-on-startup=120000
#Property to fetch location hierarchies during client settings sync
mosip.kernel.masterdata.locationhierarchylevels.uri=${mosip.kernel.masterdata.url}/v1/masterdata/locationHierarchyLevels
# Flag to identify the support of no thumbprint in 1.1.3 version.
# Added this for backward compatability. default is false, means support is not required.
# Make it to true if support is required.
mosip.kernel.keymanager.113nothumbprint.support=false
mosip.sync.entity.url.APPLICANTTYPE.MVEL=${mosip.api.internal.url}/v1/syncdata/scripts/applicanttype.mvel
mosip.sync.entity.auth-required.APPLICANTTYPE.MVEL=true
mosip.sync.entity.auth-token.APPLICANTTYPE.MVEL=Authorization:OAUTH
mosip.sync.entity.encrypted.APPLICANTTYPE.MVEL=false
mosip.sync.entity.headers.APPLICANTTYPE.MVEL=Content-Type:text/plain;charset=UTF-8
mosip.sync.entity.only-on-fullsync.APPLICANTTYPE.MVEL=false
spring.jpa.properties.hibernate.jdbc.lob.non_contextual_creation=true
syncdata.cache.evict.delta-sync.cron=0 0/15 * * * *
syncdata.cache.snapshot.cron=0 0 23 * * *
mosip.kernel.keymanager-service-publickey-url=${mosip.kernel.keymanager.url}/v1/keymanager/getCertificate?applicationId={applicationId}
mosip.kernel.keymanager.unique.identifier.autoupdate=false
## Roles
mosip.role.admin.syncdata.getclientsettings=REGISTRATION_SUPERVISOR,REGISTRATION_OFFICER,REGISTRATION_ADMIN,default
mosip.role.admin.syncdata.getpublickeyapplicationid=REGISTRATION_SUPERVISOR,REGISTRATION_OFFICER,REGISTRATION_ADMIN,default
mosip.role.admin.syncdata.gettpmpublickeyverify=REGISTRATION_SUPERVISOR,REGISTRATION_OFFICER,REGISTRATION_ADMIN,default
mosip.role.admin.syncdata.getlatestidschema=REGISTRATION_SUPERVISOR,REGISTRATION_OFFICER,REGISTRATION_ADMIN,default,PRE_REGISTRATION_ADMIN,REGISTRATION_PROCESSOR,INDIVIDUAL,RESIDENT,ID_AUTHENTICATION
mosip.role.admin.syncdata.getgetcertificate=REGISTRATION_SUPERVISOR,REGISTRATION_OFFICER,REGISTRATION_ADMIN,default
mosip.role.admin.syncdata.gettpmpublickeymachineid=REGISTRATION_SUPERVISOR,REGISTRATION_OFFICER,REGISTRATION_ADMIN,default,REGISTRATION_PROCESSOR
mosip.role.admin.syncdata.getconfigskeyIndex=REGISTRATION_SUPERVISOR,REGISTRATION_OFFICER,REGISTRATION_ADMIN,default
mosip.role.admin.syncdata.getuserdetails=REGISTRATION_SUPERVISOR,REGISTRATION_OFFICER,REGISTRATION_ADMIN,default
mosip.role.admin.syncdata.getgetcacertificates=REGISTRATION_SUPERVISOR,REGISTRATION_OFFICER,REGISTRATION_ADMIN,default
mosip.role.admin.syncdata.getv2clientsettings=REGISTRATION_SUPERVISOR,REGISTRATION_OFFICER,REGISTRATION_ADMIN,default
mosip.role.admin.syncdata.getclientsettingsentityIdentifier=REGISTRATION_SUPERVISOR,REGISTRATION_OFFICER,default
mosip.role.admin.syncdata.getscriptsscriptName=REGISTRATION_SUPERVISOR,REGISTRATION_OFFICER,default