systemBehaviorConfigurations:
antiPhishingCodeEnabled: true
referralSystemEnabled: true
referralProperty:
referralCodeLength: 8
referralStartBonus: 0
registrationBonus: 50
multifactorAuthentication:
multifactorAuthSystemEnabled: true
passwordRestrictions:
passwordValidationStrategy:
uppercaseRequired: true
specialSymbolsRequired: true
passwordSimilarity:
enabled: true
minPasswordSimilarityValue: 0.15
passwordsForSimilarityCount: 5
limitForInputInvalidPassword: 5
registration:
emailRegistrationEnabled: true
phoneRegistrationEnabled: true
registrationViaInviteLinkEnabled: true
registrationWithVerificationEnabled: true
oauth2:
facebook: true
google: true
accountManagement:
defaultLanguageISOCode: "en"
defaultCountryISOCode: "UA"
limitForInputInvalidOneTimeToken: 5
limitForPasswordHistory:
enabled: false
maxPasswordHistoryCount: 5
userAvatarProperty:
widthSize: 400
heightSize: 400
antiPhishingCodeEnabled -> Add anti phishing code to profile api to user who have email. User can add anti phishing code for his account.endpoint that work from this config:
POST endpoint for add or change anti phishing code → /api/v1/account/antiPhishingCode
POST endpoint for send token for add or change anti phishing code → /api/v1/token/antiPhishingCode/changing
referralSystemEnabled -> Referral system in ProfileApi that awards bonuses to users if someone used their referral code during registration.Used when registering a user
multifactorAuthSystemEnabled -> Multi factor authentication during login flow. this configuration enables multi factor authentication.
multi factor authentication is presented for:
- email
- phone number
- google authenticator.
The user can enable the selection of the option for multi factor authentication during authorization(login). In this case, user must request a token from our system for authentication.
endpoint that work from this config:
POST endpoint for send tokens for MFA authorization → /api/v1/token/login
POST endpoint for complete MFA authorization → /api/v1/login/verification
GET endpoint for get enabled MFA steps for user → /api/v1/account/details/mfa
POST endpoint for adding google authenticator to user account → /api/v1/account/googleAuthenticator
POST endpoint for removing google authenticator from user account → /api/v1/account/googleAuthenticator/removing
POST endpoint for enabling email MFA → /api/v1/account/email/mfa/enabling
POST endpoint for enabling phone number MFA → /api/v1/account/mobile/mfa/enabling
POST endpoint for disabling email MFA → /api/v1/account/email/mfa/disabling
POST endpoint for disabling phone number MFA → /api/v1/account/mobile/mfa/disabling
POST endpoint for sending a token to disabling MFA step (EMAIL, PHONE, GOOGLE) → /api/v1/token/mfa/disabling
POST endpoint for sending a token to a new key during user key recovery → /api/v1/token/userKeys/recovery/newKey
POST endpoint for user key recovery verification → /api/v1/token/userKeys/recovery/verification
passwordValidationStrategy Configuration for password validation.
uppercaseRequired: Upper case for password validation. Password must Contains at least 1 Upper case
specialSymbolsRequired: Special symbols for password validation. Password must Contains at least 1 Special symbols (!@ # $ % ^ & * ( ) _ - + = )