Skip to content

Lab 11 - KEEP Configuration

The Domino REST API provides extensive configuration capabilities to cater to different usage scenarios

Duration 20 min

What you will learn

  • Fine tune KEEP configuration
  • Switch on/off API endpoints

KEEP configuration

Prerequisites

  • Domino running

Steps

All configuration settings are kept in JSON files you place in keepcofig.d. Files are loaded in alphabetical order. When you have conflicting entries, the last one wins. After a change the REST API needs to be reloaded.

Update CORS settings

Starting Domino REST API v1.1.3, CORS uses Regex. For more information, see CORS is now using Regex.

{
  "CORS": {
    "^https?:\\/\\/localhost$": true,
    "^https?:\\/\\/.*\\.local$": false,
    "^https?:\\/\\/yourDomain\\.com$": true
  }
}

wherein:

  • ^ → beginning of the string
  • http → the literal string http
  • s? → optional the string s
  • \\/ → double escape the string /
  • .* → one or more characters of any type
  • \\. → double escape the string .
  • $ → end of string

Note

Inside JSON, the \ of Regex gets escaped to \\.

{
  "CORS": {
    "localhost": true,
    ".local": false,
    "yourDomain.com": true
  }
}

CORS Settings

Disable PIM access

{
  "versions": {
    "pim": {
      "active": true
    }
  },
  "verticles": {
    "PIM": {
      "active": false
    },
    "Firehose": {
      "active": false
    }
  }
}

PIM disabled

Disable Admin Endpoints and UI

{
  "versions": {
    "setup": {
      "active": false
    }
  },
  "verticles": {
    "Design": {
      "active": false
    },
    "KeepAdmin": {
      "active": false
    }
  },
  "webapps": {
    "webjars": {
      "active": false
    }
  }
}

Disable Setup

Enable OAuth

{
  "oauth": {
    "active": true,
    "database": "oauth.nsf",
    "authCodeExpiresIn": 120,
    "accessTokenExpiresIn": 3600,
    "refreshTokenExpiresIn": 525600,
    "url": "http://localhost:8880"
  }
}

Enable OAuth

How to check

  • check with swagger
  • check with curl

Things to explore