Enhanced Security Properties

this page outlines options and recommendations on settings that can be used within the servicely application to customise the security configuration to meet individual company requirements application properties property key description default value system auth remember me enabled allows the ‘remember me’ functionality to be enabled/disabled when enabled (default), the ‘remember me’ function allows the user to stay logged in past the session timeout limit this is achieved by storing an encrypted token in a cookie that allows the user to authenticate to the system without providing login credentials does not apply to users using single sign on or for api access true system auth remember me expiry sets the expiry period for the ‘remember me’ function if enabled value is number of seconds 2592000 system auth remember me challenge token adds a challenge token to the encrypted ‘remember me' token provides a simple mechanism to invalidate all currently issued 'remember me’ tokens null system security concurrent sessions enabled specifies whether users are permitted to login into multiple concurrent sessions if set to false, users will be logged out of other sessions if they successfully log in to another session note currently does not apply to users with the admin role true system auth basic enable enables or disables basic authentication for api access true system auth bearer enable enables or disables bearer authentication for api access true system auth bearer token url enable enables or disables bearer authentication via url for api access to use this functionality, you need to be on version 1 10 or later false system auth ldap enable enables or disables ldap authentication for application access false system auth login multiple provider form enables or disables the ‘multiple provider’ functionality of the login form when true, the user will be required to enter their username first, and then the users configured login mechanism (password/ldap/saml) will be invoked false system http session timeout sets the http session timeout for the users session value is in minutes 600 (10 hours) system password reset expiry hours the amount of hours a password reset request is value value is in hours 24 system password reset locations (client side) the locations where the password reset option shows up note that it has to be enabled to show up at all values can include menu menu,login login menu,login system password reset enabled (client side) determines whether or not the password reset option appears or not value is boolean true system upload limit largest file that can be uploaded as an attachment 10mb system upload accept mime types and suffixes that will be accepted by servicely if blank then every mime type will be accepted you can find this in your servicely instance’s application property, otherwise please contact us if you need this information system upload reject mime types and suffixes that will be rejected by servicely if blank then no mime type will be rejected you can find this in your servicely instance’s application property, otherwise please contact us if you need this information system upload spoofing check if true then the mime type sent by the browser will be compared with the server determined mime type and the file will be rejected if they are different true system upload spoofing equivalent types lists of mime types that are considered equivalent when a spoofing check is made equivalent types do not cause a rejection \[\[ "application/zip", "application/x zip compressed" ],\[ "application/xml", "text/xml", "text/html" ]] system http client disable ssl validation allowed allows you to disable ssl validation for integration calls value is a boolean to use this functionality, you need to be on version 1 10 or later false system upload role required this allows you to define a specific role that is required to allow you to upload attachments through journal, html and attachment fields value is a role name to use this functionality, you need to be on version 1 10 or later administrator system upload permitted allows uploading through areas other than through the ui (such as emails) value is a boolean to use this functionality, you need to be on version 1 10 or later true