TOML file format for HAS

HAS continues to support configuration using the .env file shown at The example.env and .env files. However, for configuring Multiple Helix Core servers, it is easier to use a config.toml file.

Compare config.toml to .env

Consider using a config.toml file instead of an .env file. Here is another example that compares the two approaches side-by-side. The TOML file format simplifies and centralizes the configuration. For example, the [logging] table replaces the LOGGING setting and its separate file, and the [[auth_providers]] table replaces the AUTH_PROVIDERS_FILE setting and its separate file.

config.toml	.env file and associated files
ca_cert_file = "certs/respect-my-ca.crt" svc_base_uri = "https://has.example.com" port = 3000 protocol = 'https' trust_proxy = true [logging] level = 'info' transport = 'file' [logging.file] filename = 'auth-svc.log' maxsize = 1048576 maxfiles = 4 [[auth_providers]] metadata_url = "https://app.onelogin.com/saml/metadata/a4987734-9edc-4103-a60b-53junkb8dc95" sp_entity_id = "urn:example:sp" want_assertion_signed = false [[auth_providers]] issuer_uri = 'https://dev-531210.okta.com' client_id = '0oa84g5ccjhTcLiPr357' client_secret = 'SCh80xb_VodZCmangledWirSdIGrrlmLGYVhr1C'	SVC_BASE_URI="https://has.example.com" PORT=3000 PROTOCOL='https' TRUST_PROXY=true LOGGING=logging.config.cjs AUTH_PROVIDERS_FILE=providers.json
module.exports = { level: 'info', transport: 'file', file: { filename: 'auth-svc.log', maxsize: 1048576, maxfiles: 4 } }
{ "providers": [ { "metadataUrl": "https://app.onelogin.com/saml/metadata/a4987734-9edc-4103-a60b-53junkb8dc95", "spEntityId": "urn:example:sp", "wantAssertionSigned": false }, { "issuerUri": "https://dev-531210.okta.com", "clientId": "0oa84g5ccjhTcLiPr357", "clientSecret": "SCh80xb_VodZCmangledWirSdIGrrlmLGYVhr1C", } ] }

config.toml

.env file and associated files

ca_cert_file = "certs/respect-my-ca.crt"
svc_base_uri = "https://has.example.com"
port = 3000
protocol = 'https'
trust_proxy = true

[logging]
level = 'info'
transport = 'file'

[logging.file]
filename = 'auth-svc.log'
maxsize = 1048576
maxfiles = 4

[[auth_providers]]
metadata_url = "https://app.onelogin.com/saml/metadata/a4987734-9edc-4103-a60b-53junkb8dc95"
sp_entity_id = "urn:example:sp"
want_assertion_signed = false

[[auth_providers]]
issuer_uri = 'https://dev-531210.okta.com'
client_id = '0oa84g5ccjhTcLiPr357'
client_secret = 'SCh80xb_VodZCmangledWirSdIGrrlmLGYVhr1C'

SVC_BASE_URI="https://has.example.com"
PORT=3000
PROTOCOL='https'
TRUST_PROXY=true
LOGGING=logging.config.cjs
AUTH_PROVIDERS_FILE=providers.json

module.exports = {
  level: 'info',
  transport: 'file',
  file: {
    filename: 'auth-svc.log',
    maxsize: 1048576,
    maxfiles: 4
  }
}

{
  "providers": [
    {
      "metadataUrl": "https://app.onelogin.com/saml/metadata/a4987734-9edc-4103-a60b-53junkb8dc95",
      "spEntityId": "urn:example:sp",
      "wantAssertionSigned": false
    },
    {
      "issuerUri": "https://dev-531210.okta.com",
      "clientId": "0oa84g5ccjhTcLiPr357",
      "clientSecret": "SCh80xb_VodZCmangledWirSdIGrrlmLGYVhr1C",
    }
  ]
}

TOML conventions

String values are quoted, either with double quotes (") or single quotes (').

Nested settings are prefaced with a name in square brackets, as seen in the [logging] table.

Nesting can have multiple levels, as seen in the [[auth_providers]] table.

If you choose to use the TOML file format

If you want to take advantage of the simplicity of the TOML file format, create a config.toml file in your installation directory, which is the same directory where the .env file is located.

When the service starts up, if it finds a config.toml file, it will use that instead of the .env file.

For complete details about this format, see the offical page on the TOML file format.