Configuration & Settings Reference
For details on how to set configuration settings see the configuration internals page.
Name
Description
Type
Authorize users by matching claims attached to a user's identity token by their identity provider
map of strings lists
The authenticate callback path is the path/url from the authenticate service that will receive the response from your identity provider.
string
Authenticate Service URL is the externally accessible URL for the authenticate service.
URL
Authorize Service URL is the location of the internally accessible Authorize service.
URL
Turning on autocert allows Pomerium to automatically retrieve, manage, and renew public facing TLS certificates from Lets Encrypt.
bool
Autocert directory is the path which autocert will store x509 certificate data.
string
Autocert EAB Key ID is the key identifier when requesting a certificate from a CA with External Account Binding enabled.
string
Autocert EAB MAC Key is the base64url-encoded secret key corresponding to the Autocert EAB Key ID.
string
Autocert Email is the email address to use when requesting certificates from an ACME CA.
email
Let's Encrypt has strict usage limits. Enabling this setting allows you to use Let's Encrypt's staging environment which has much more lax usage limits.
bool
Certificate Authority is set when behind-the-ingress service communication uses self-signed certificates.
string
Rows per page:
25
1–25 of 132