# Aidbox Settings Reference This document contains the full list of settings available in Aidbox. ## General General settings ### Aidbox name ```yaml BOX_ID: "devbox" ``` Aidbox instance unique ID. Can be used to separate telemetry data (logs, metrics, traces) in observability systems for multiple deployments.
Details
IDbox-id
TypeString
Default valuedevbox
Environment variableBOX_ID
Deprecated environment variablesAIDBOX_BOX_ID
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
### Instance name ```yaml BOX_INSTANCE_NAME: "Aidbox" ``` Provided instance name will be attached to metric labels. It is required for monitoring multiple Aidbox instances.
Details
IDinstance-name
TypeString
Default valueAidbox
Environment variableBOX_INSTANCE_NAME
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
### Aidbox license ```yaml BOX_LICENSE: "" ``` License key obtained from the Aidbox user portal.
Details
IDlicense
TypeString
Default value(no default)
Environment variableBOX_LICENSE
Deprecated environment variablesAIDBOX_LICENSE
Available from2401
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadtrue — setting can be changed at runtime
### JAVA options ```yaml JAVA_OPTS: "" ``` Configure general JAVA options. For example - request and max heap size configuration `-Xms1024m -Xmx2048m`
Details
IDjava-opts
TypeString
Default value(no default)
Environment variableJAVA_OPTS
Available from2401
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
### Root FHIR package ```yaml BOX_ROOT_FHIR_PACKAGE: "app.aidbox.main#0.0.1" ``` Identifier for the main Aidbox FHIR package that stores dependencies and canonical resources provided by the user.
Details
IDroot-fhir-package
TypeString
Default valueapp.aidbox.main#0.0.1
Environment variableBOX_ROOT_FHIR_PACKAGE
Deprecated environment variablesAIDBOX_AR_PACKAGE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Bootstrap FHIR package list ```yaml BOX_BOOTSTRAP_FHIR_PACKAGES: "hl7.fhir.r4.core#4.0.1" ``` During the first startup Aidbox loads these packages. This setting has no effect on any consecutive starts. Format: `#:#...`
Details
IDbootstrap-fhir-packages
TypeString
Recommended valuehl7.fhir.r4.core#4.0.1
Default value(no default)
Environment variableBOX_BOOTSTRAP_FHIR_PACKAGES
Deprecated environment variablesAIDBOX_FHIR_PACKAGES
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### FHIR NPM Package registry ```yaml BOX_FHIR_NPM_PACKAGE_REGISTRY: "https://fs.get-ig.org/pkgs" ``` Aidbox will use the provided NPM registry URL to download or update FHIR NPM packages.
Details
IDfhir-npm-package-registry
TypeString
Default valuehttps://fs.get-ig.org/pkgs
Environment variableBOX_FHIR_NPM_PACKAGE_REGISTRY
Available from2511
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
### Init bundle ```yaml BOX_INIT_BUNDLE: "" ``` URL of the Bundle resource in JSON format executed on Aidbox startup. Not available to edit because if file is not reachable, Aidbox will not start.
Details
IDinit-bundle
TypeString
Default value(no default)
Environment variableBOX_INIT_BUNDLE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
### Share usage statistics with Aidbox developers ```yaml BOX_USAGE_STATS: true ``` Allows Aidbox to collect and send high-level API usage statistics to help improve the product.
Details
IDusage-stats
TypeBool
Default valuetrue
Environment variableBOX_USAGE_STATS
Deprecated environment variablesBOX_TELEMETRY_USAGE_STATS
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Settings mode ```yaml BOX_SETTINGS_MODE: "read-write" ``` Settings mode defines the source of settings values and possibility to change them at runtime.
Details
IDsettings-mode
TypeEnum
Valueslegacy — Reads configuration values from the legacy Aidbox configuration project (zen) in read-only mode. This mode exists for backward compatibility. It will be obsolete in July 2025. <a href='https://www.health-samurai.io/news/aidbox-transitions-to-the-fhir-schema-engine'>Read more</a>
read-only — Reads settings values from environment variables and Aidbox settings in read-only mode. Loading configuration from the Aidbox configuration project (Zen) is disabled.
read-write — Enables editing Aidbox settings using the UI. Loading configuration from the Aidbox configuration project (Zen) is disabled.
Recommended valueread-write
Default valuelegacy
Environment variableBOX_SETTINGS_MODE
Available from2502
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
### Enable export settings endpoint ```yaml BOX_EXPORT_SETTINGS_ENDPOINT: false ``` Allow user to request current Aidbox settings as a set of environment variables on `/api/v1/settings/export`. **Be aware, that endpoint may expose your sensitive settings.**
Details
IDexport-settings-endpoint
TypeBool
Default valuefalse
Environment variableBOX_EXPORT_SETTINGS_ENDPOINT
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
### Enable cache replication ```yaml BOX_CACHE_REPLICATION_DISABLE: false ``` Aidbox automatically syncs runtime cache (SearchParameters, FHIR Schemas, OperationDefinitions, etc) across multiple instances for high availability. If you configure everything at startup and don't modify metadata at runtime, you can disable cache replication to improve performance.
Details
IDcache-replication-disable
TypeBool
Default valuefalse
Environment variableBOX_CACHE_REPLICATION_DISABLE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Aidbox modules load list ```yaml BOX_MODULE_LOAD: "" ``` During startup Aidbox loads these modules. Format: `,,...`
Details
IDmodule-load
TypeString
Default value(no default)
Environment variableBOX_MODULE_LOAD
Available from2505
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
### Aidbox module jar ```yaml BOX_MODULE_JAR: "" ``` Path to an Aidbox module jar files separated by ":" Format: `::...`
Details
IDmodule-jar
TypeString
Default value(no default)
Environment variableBOX_MODULE_JAR
Available from2505
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
## FHIR FHIR settings ### General General FHIR settings #### Enable FHIR compliant mode ```yaml BOX_FHIR_COMPLIANT_MODE: true ``` Enforces FHIR compatibility when enabled: - Adds various attributes and endpoints info to CapabilityStatement - Sanitises CapabilityStatement (i.e. removes attributes containing null values and empty arrays) - Adds `/fhir` to base URL for FHIR search parameters definitions in CapabilityStatement - Adds `BOX_WEB_BASE_URL` in `Bundle.link.url` - Adds FHIR date search parameter validation on lastUpdated search parameter - Adds `alg: RS256` entry for JWKS - Changes validation error status to 422 (instead of 400) - Changes cache-control header to no-store on authorization code auth flow (instead of `no-cache`, `no-store`, `max-age=0`, `must-revalidate`) - Removes `Bundle.entry` if empty Becomes required if FHIRSchema is enabled.
Details
IDfhir.compliant-mode
TypeBool
Recommended valuetrue
Default valuefalse
Environment variableBOX_FHIR_COMPLIANT_MODE
Deprecated environment variablesAIDBOX_FHIR_COMPLIANT_MODE ,
BOX_COMPLIANT__MODE__ENABLED? ,
AIDBOX_COMPLIANCE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Return 404 on deleting non-existent resources ```yaml BOX_FHIR_RETURN_404_ON_EMPTY_DELETE: false ``` Controls server response when deleting non-existing resources. When enabled, returns 404 (Not Found) status code instead of the default 204 (No Content). Follows FHIR REST implementation where DELETE operations on missing resources can signal resource absence rather than successful deletion.
Details
IDfhir.return-404-on-empty-delete
TypeBool
Default valuefalse
Environment variableBOX_FHIR_RETURN_404_ON_EMPTY_DELETE
Deprecated environment variablesBOX_FEATURES_HTTP_RETURN__404__ON__EMPTY__DELETE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Transaction max isolation level ```yaml BOX_FHIR_TRANSACTION_MAX_ISOLATION_LEVEL: "none" ``` Sets the maximum (inclusive) isolation level for transactions. Can be overridden by the `x-max-isolation-level` header.
Details
IDfhir.transaction-max-isolation-level
TypeEnum
Valuesnone
read-committed
repeatable-read
serializable
Default valuenone
Environment variableBOX_FHIR_TRANSACTION_MAX_ISOLATION_LEVEL
Deprecated environment variablesBOX_FEATURES_FHIR_TRANSACTION_MAX__ISOLATION__LEVEL
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Validation Validation settings #### Enable FHIR Schema validation mode ```yaml BOX_FHIR_SCHEMA_VALIDATION: true ``` Activates the FHIR Schema validation engine which replaces legacy ZEN and Entity/Attribute validation systems. Provides more comprehensive structure validation against the FHIR resource schemas, ensuring stronger conformance to FHIR specifications and more precise error reporting.
Details
IDfhir.validation.fhir-schema-validation
TypeBool
Recommended valuetrue
Default valuefalse
Environment variableBOX_FHIR_SCHEMA_VALIDATION
Deprecated environment variablesAIDBOX_FHIR_SCHEMA_VALIDATION
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Enforce strict profile resolution ```yaml BOX_FHIR_VALIDATOR_STRICT_PROFILE_RESOLUTION: false ``` Requires all referenced profiles to be pre-loaded in Aidbox before validation. When enabled, validation fails if profiles referenced in resources are unknown to the server. Ensures complete validation integrity by preventing partial validation against unknown profiles.
Details
IDfhir.validation.strict-profile-resolution
TypeBool
Default valuefalse
Environment variableBOX_FHIR_VALIDATOR_STRICT_PROFILE_RESOLUTION
Deprecated environment variablesAIDBOX_VALIDATOR_STRICT_PROFILE_RESOLUTION_ENABLED
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Enforce strict FHIR extension resolution ```yaml BOX_FHIR_VALIDATOR_STRICT_EXTENSION_RESOLUTION: false ``` Requires all referenced extensions to be formally defined in profiles loaded to the server.
Details
IDfhir.validation.strict-extension-resolution
TypeBool
Default valuefalse
Environment variableBOX_FHIR_VALIDATOR_STRICT_EXTENSION_RESOLUTION
Deprecated environment variablesAIDBOX_VALIDATOR_STRICT_EXTENSION_RESOLUTION_ENABLED
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Bundle execution validation mode ```yaml BOX_FHIR_BUNDLE_EXECUTION_VALIDATION_MODE: "limited" ``` Define validation mode for FHIR Bundle execution (after POST on `/fhir` endpoint). Doesn't effect CRUD on Bundle resources. Doesn't effect if `fhir.validation.fhir-schema-validation` is disabled.
Details
IDfhir.bundle-execution-validation-mode
TypeEnum
Valueslegacy — Check only essential to execute bundle structure (default)
limited — Separated validation of the bundle structure (before execution) and resources in it (during execution)
full — Full bundle validation before execution (may cause performance issues due to double validation of resources
Recommended valuelimited
Default valuelegacy
Environment variableBOX_FHIR_BUNDLE_EXECUTION_VALIDATION_MODE
Available from2509
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Skip FHIR reference validation ```yaml BOX_FHIR_VALIDATION_SKIP_REFERENCE: false ``` Bypasses validation of resource references during FHIR operations. When enabled, allows creating and updating resources containing references to non-existent target resources. Useful for staged data loading or systems with eventual consistency but may compromise referential integrity.
Details
IDfhir.validation.skip-reference
TypeBool
Default valuefalse
Environment variableBOX_FHIR_VALIDATION_SKIP_REFERENCE
Deprecated environment variablesAIDBOX_FEATURES_VALIDATION_SKIP__REFERENCE ,
BOX_FEATURES_VALIDATION_SKIP__REFERENCE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Correct Aidbox format ```yaml BOX_FHIR_CORRECT_AIDBOX_FORMAT: true ``` Transforms polymorphic extensions from FHIR format to Aidbox's internal format. When enabled, extensions like `extension.*.valueString` are stored as `extension.0.value.string` instead. Improves query performance and consistency in Aidbox-specific operations while maintaining FHIR compatibility in API responses.
Details
IDfhir.validation.correct-aidbox-format
TypeBool
Recommended valuetrue
Default valuefalse
Environment variableBOX_FHIR_CORRECT_AIDBOX_FORMAT
Deprecated environment variablesAIDBOX_CORRECT_AIDBOX_FORMAT
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### createdAt extension URL ```yaml BOX_FHIR_CREATEDAT_URL: "https://aidbox.app/ex/createdAt" ``` Specifies the URL for the `createdAt` extension.
Details
IDfhir.validation.createdat-url
TypeString
Recommended valuehttps://aidbox.app/ex/createdAt
Default valueex:createdAt
Environment variableBOX_FHIR_CREATEDAT_URL
Deprecated environment variablesAIDBOX_CREATED_AT_URL
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### JSON schema datetime ```yaml BOX_FHIR_JSON_SCHEMA_DATETIME_REGEX: "#{:fhir-datetime}" ``` Enables strict datetime validation in JSON schema validation engine.
Details
IDfhir.validation.json-schema-datetime-regex
TypeString
Recommended value#{:fhir-datetime}
Default value#{}
Environment variableBOX_FHIR_JSON_SCHEMA_DATETIME_REGEX
Deprecated environment variablesBOX_COMPATIBILITY_VALIDATION_JSON__SCHEMA_REGEX
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Legacy FCE package ```yaml BOX_FHIR_LEGACY_FCE_PACKAGE: "" ``` The name and version of the package from which Aidbox first-class extensions are generated Format: `package-name#package-version`
Details
IDfhir.validation.legacy-fce-package
TypeString
Default value(no default)
Environment variableBOX_FHIR_LEGACY_FCE_PACKAGE
Available from2508
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Search Search settings #### Use correct range arithmetic in search ```yaml BOX_FHIR_SEARCH_COMPARISONS: true ``` FHIR date search is range based. That is, dates are always converted to datetime ranges and then compared. Historically, Aidbox uses slightly different range comparison arithmetic. Turn on this setting to use FHIR comparisons.
Details
IDfhir.search.comparisons
TypeBool
Recommended valuetrue
Default valuefalse
Environment variableBOX_FHIR_SEARCH_COMPARISONS
Deprecated environment variablesBOX_SEARCH_FHIR__COMPARISONS
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Enable FHIR-conformant (rev)include behavior ```yaml BOX_FHIR_SEARCH_INCLUDE_CONFORMANT: true ``` Due to historical reasons Aidbox treats the _include and _revinclude parameters slightly differently from the behavior described in the specification (without FHIR-conformant mode on). The _(rev)include search parameter without the :iterate or :recurse modifier should only be applied to the initial ("matched") result. However, in Aidbox mode, it is also applied to the previous _(rev)include. The _(rev)include parameter with the :iterate(:recurse) modifier should be repeatedly applied to the result with included resources. However, in Aidbox mode, it only resolves cyclic references. In Aidbox mode, it is possible to search without specifying source type: GET /Patient?_include=general-practitioner, but in the FHIR-conformant mode it is not possible.
Details
IDfhir.search.include.conformant
TypeBool
Recommended valuetrue
Default valuefalse
Environment variableBOX_FHIR_SEARCH_INCLUDE_CONFORMANT
Deprecated environment variablesBOX_SEARCH_INCLUDE_CONFORMANT
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Authorize inline requests ```yaml BOX_FHIR_SEARCH_AUTHORIZE_INLINE_REQUESTS: true ``` Authorize inline requests (`_revinclude` and `_include`) with access policies. [Learn more](https://docs.aidbox.app/api/rest-api/fhir-search/include-and-revinclude#authorize-inline-requests-mode)
Details
IDfhir.search.authorize-inline-requests
TypeBool
Recommended valuetrue
Default valuefalse
Environment variableBOX_FHIR_SEARCH_AUTHORIZE_INLINE_REQUESTS
Deprecated environment variablesBOX_SEARCH_AUTHORIZE_INLINE_REQUESTS
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Use subselects in chained searches ```yaml BOX_FHIR_SEARCH_CHAIN_SUBSELECT: true ``` Uses subselects instead of INNER JOINs + DISTINCT ON for chain searches: - Forward chain searches - Simple reverse chain searches (_has) with one level This optimization significantly improves performance, especially for queries with large result sets or many-to-one relationships. May require building additional indexes for optimal performance.
Details
IDfhir.search.chain.subselect
TypeBool
Recommended valuetrue
Default valuefalse
Environment variableBOX_FHIR_SEARCH_CHAIN_SUBSELECT
Deprecated environment variablesBOX_SEARCH_CHAIN_SUBSELECT
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Enable FHIR composite search parameters ```yaml BOX_FHIR_SEARCH_COMPOSITE_PARAMETERS: false ``` Enable support for FHIR composite search parameters.
Details
IDfhir.search.composite-parameters
TypeBool
Default valuefalse
Environment variableBOX_FHIR_SEARCH_COMPOSITE_PARAMETERS
Deprecated environment variablesBOX_SEARCH_COMPOSITE__SEARCH
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Iteration limit for (rev)include:iterate ```yaml BOX_FHIR_SEARCH_INCLUDE_ITERATE_MAX: 10 ``` Maximum number of iterations for `_include` and `_revinclude` with `:recur` or `:iterate` modifier. The default value is 10. If set to 0, queries for _(rev)include will not be performed. If set to a negative value, no limit will be applied.
Details
IDfhir.search.include.iterate-max
TypeInt
Default value10
Environment variableBOX_FHIR_SEARCH_INCLUDE_ITERATE_MAX
Deprecated environment variablesBOX_SEARCH_INCLUDE_ITERATE__MAX
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Default search timeout ```yaml BOX_FHIR_SEARCH_DEFAULT_PARAMS_TIMEOUT: 60 ``` Default timeout value (seconds). Also uses as timeout for the `count` query.
Details
IDfhir.search.default-params.timeout
TypeInt
Default value60
Environment variableBOX_FHIR_SEARCH_DEFAULT_PARAMS_TIMEOUT
Deprecated environment variablesBOX_SEARCH_DEFAULT__PARAMS_TIMEOUT
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Default number of results per search page ```yaml BOX_FHIR_SEARCH_DEFAULT_PARAMS_COUNT: 100 ``` This is the default value of the _count search parameter. It limits number of results per page
Details
IDfhir.search.default-params.count
TypeInt
Default value100
Environment variableBOX_FHIR_SEARCH_DEFAULT_PARAMS_COUNT
Deprecated environment variablesBOX_SEARCH_DEFAULT__PARAMS_COUNT
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Default search result count estimation method ```yaml BOX_FHIR_SEARCH_DEFAULT_PARAMS_TOTAL: "accurate" ``` FHIR search response bundle may contain a result count estimation. If you use `BOX_FHIR_SEARCH_DEFAULT_PARAMS_TOTAL=none` you still get `total`when: - you don't use `_page` - the number of returned resources is less than `_count` (by default is 100).
Details
IDfhir.search.default-params.total
TypeEnum
Valuesnone — omit estimation (fastest)
estimate — use approximate value (fast)
accurate — use exact value (could be slow)
Default valueaccurate
Environment variableBOX_FHIR_SEARCH_DEFAULT_PARAMS_TOTAL
Deprecated environment variablesBOX_SEARCH_DEFAULT__PARAMS_TOTAL
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### SQL operator to use for token search ```yaml BOX_FHIR_SEARCH_TOKEN_OPERATOR: "@>" ``` Token and Reference search parameters use exact match. Aidbox uses Postgres @> operator for this type of searches. The @> operator is the containment operator. It checks that FHIR resource contains some subresource. The main advantage of the @> operator is that the single GIN index covers all token and reference searches. However sometimes Postgres planner can not build effecient query plan. Alternatively in some cases it is possible to extract value directly using #>> operator. This operator extracts value from the given path. There is a limitation: path must not contain any arrays. Engines options:
Details
IDfhir.search.token-operator
TypeEnum
Values@> — One GIN index per resource covers all token searches. Sometimes the Postgres planner can incorrectly estimate the index lookup cost, which leads to slow queries.
#>> — Needs an index per #>> expression. If path to the target element contains arrays, @> will be used instead.
Default value@>
Environment variableBOX_FHIR_SEARCH_TOKEN_OPERATOR
Deprecated environment variablesBOX_SEARCH_TOKEN__OPERATOR
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### JSONB query engine ```yaml BOX_FHIR_SEARCH_ENGINE: "knife" ``` Aidbox has two engines to search: jsonpath and jsonknife. The engine is responsible for SQL generation for search operations. SQL by jsonpath and jsonknife is different for search parameter types: date, number, quantity, reference, string, token, uri. _lastUpdated, _createdAt senarch parameters and :missing modifier searches also differ by engine. jsonpath-engine: jsonknife: *using indexes makes performance approximately the same
Details
IDfhir.search.engine
TypeEnum
Valuesknife — Legacy engine. Uses custom Postgres module in Aidboxdb and SQL functions fallback in other Postgres instances. Being phased out. Has better performance for dates, number and quantity search parameters. Using indexes makes performance approximately the same
jsonpath — <ul><li>JSONpath language is available starting from PostgreSQL 12.</li><li>supported by PostgreSQL without external extensions, can be used with managed PostgreSQL, e.g. Azure PostgreSQL</li><li>better performance for string search parameters and all string-related search (e.g. :text modifier)*</li><li>will be supported as main engine</li></ul>
Default valueknife
Environment variableBOX_FHIR_SEARCH_ENGINE
Deprecated environment variablesBOX_SEARCH_ENGINE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Enable support for multiple languages in search ```yaml BOX_FHIR_SEARCH_MULTILINGUAL_ENABLE: false ``` FHIR uses special extension to provide translations in resources. Enable this setting to turn on the _search-language parameter. This parameter (_search-language) specifies which language to use for search. i.e. which translation in a resource to use. This feature requires Aidbox to build more complex (so possibly slower) queries. Leave this setting disabled if you don't need to search across translations.
Details
IDfhir.search.multilingual.enable
TypeBool
Default valuefalse
Environment variableBOX_FHIR_SEARCH_MULTILINGUAL_ENABLE
Deprecated environment variablesBOX_FEATURES_MULTILINGUAL_ENABLE__SEARCH__LANGUAGE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Use Accept-Language header for search ```yaml BOX_FHIR_SEARCH_MULTILINGUAL_USE_ACCEPT_LANGUAGE_HEADER: false ``` Use the Accept-Language header to specify search language See fhir.search.multilingual.enable for details.
Details
IDfhir.search.multilingual.use-accept-language-header
TypeBool
Default valuefalse
Environment variableBOX_FHIR_SEARCH_MULTILINGUAL_USE_ACCEPT_LANGUAGE_HEADER
Deprecated environment variablesBOX_FEATURES_MULTILINGUAL_USE__ACCEPT__LANGUAGE__HEADER
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Use main value if translation is not found ```yaml BOX_FHIR_SEARCH_MULTILINGUAL_FALLBACK: true ``` When the _search-language parameter is used, Aidbox uses translation in FHIR extension for search. If this setting is enabled, Aidbox additionally uses the main value (i.e. not in translation extension)
Details
IDfhir.search.multilingual.fallback
TypeBool
Default valuetrue
Environment variableBOX_FHIR_SEARCH_MULTILINGUAL_FALLBACK
Deprecated environment variablesBOX_FEATURES_MULTILINGUAL_FALLBACK
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
### Terminology Terminology settings #### FHIR terminology service base URL ```yaml BOX_FHIR_TERMINOLOGY_SERVICE_BASE_URL: "https://tx.health-samurai.io/fhir" ``` Specifies the base URL of the terminology server used for code validation and ValueSet expansion operations. Required for validating coded elements against their ValueSets and CodeSystems. When not configured, code validation is skipped entirely.
Details
IDfhir.terminology.service-base-url
TypeString
Recommended valuehttps://tx.health-samurai.io/fhir
Default value(no default)
Environment variableBOX_FHIR_TERMINOLOGY_SERVICE_BASE_URL
Deprecated environment variablesAIDBOX_TERMINOLOGY_SERVICE_BASE_URL
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Terminology Engine ```yaml BOX_FHIR_TERMINOLOGY_ENGINE: "hybrid" ``` Controls how Aidbox handles terminology APIs
Details
IDfhir.terminology.engine
TypeEnum
Valueshybrid — Combines local storage with external server fallback (recommended)
legacy — Routes all requests to external terminology servers
local — Uses only resources stored in Aidbox's FAR
Recommended valuehybrid
Default valuelegacy
Environment variableBOX_FHIR_TERMINOLOGY_ENGINE
Available from2507
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### External Terminology Server ```yaml BOX_FHIR_TERMINOLOGY_ENGINE_HYBRID_EXTERNAL_TX_SERVER: "https://tx.health-samurai.io/fhir" ``` Specifies the base URL of an external terminology server to be used in 'hybrid' terminology engine mode. This setting is ignored for other modes.
Details
IDfhir.terminology.engine.hybrid.external-tx-server
TypeString
Recommended valuehttps://tx.health-samurai.io/fhir
Default value(no default)
Environment variableBOX_FHIR_TERMINOLOGY_ENGINE_HYBRID_EXTERNAL_TX_SERVER
Available from2507
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Bulk Data Export Bulk Data Export settings #### Bulk storage provider ```yaml BOX_FHIR_BULK_STORAGE_PROVIDER: "" ``` Storage provider for bulk export
Details
IDfhir.bulk-storage.provider
TypeEnum
Valuesgcp — Google Cloud Platform
aws — Amazon Web Services
azure — Microsoft Azure: Cloud Computing Services
Default value(no default)
Environment variableBOX_FHIR_BULK_STORAGE_PROVIDER
Deprecated environment variablesBOX_BULK__STORAGE_BACKEND
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### GCP service account ```yaml BOX_FHIR_BULK_STORAGE_GCP_SERVICE_ACCOUNT: "" ``` `GCPServiceAccount` resource ID for `$export`
Details
IDfhir.bulk-storage.gcp.service-account
TypeString
Default value(no default)
Environment variableBOX_FHIR_BULK_STORAGE_GCP_SERVICE_ACCOUNT
Deprecated environment variablesBOX_BULK__STORAGE_GCP_SERVICE__ACCOUNT
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### GCP bucket ```yaml BOX_FHIR_BULK_STORAGE_GCP_BUCKET: "" ``` GCP bucket name for `$export`
Details
IDfhir.bulk-storage.gcp.bucket
TypeString
Default value(no default)
Environment variableBOX_FHIR_BULK_STORAGE_GCP_BUCKET
Deprecated environment variablesBOX_BULK__STORAGE_GCP_BUCKET
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### AWS service account ID ```yaml BOX_FHIR_BULK_STORAGE_AWS_ACCOUNT: "" ``` AWS Account resource ID for `$export`
Details
IDfhir.bulk-storage.aws.account
TypeString
Default value(no default)
Environment variableBOX_FHIR_BULK_STORAGE_AWS_ACCOUNT
Deprecated environment variablesBOX_BULK__STORAGE_AWS_ACCOUNT
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### AWS bucket ```yaml BOX_FHIR_BULK_STORAGE_AWS_BUCKET: "" ``` AWS S3 bucket name for `$export`
Details
IDfhir.bulk-storage.aws.bucket
TypeString
Default value(no default)
Environment variableBOX_FHIR_BULK_STORAGE_AWS_BUCKET
Deprecated environment variablesBOX_BULK__STORAGE_AWS_BUCKET
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Azure service account ID ```yaml BOX_FHIR_BULK_STORAGE_AZURE_CONTAINER: "" ``` Azure Container resource ID for `$export`
Details
IDfhir.bulk-storage.azure.container
TypeString
Default value(no default)
Environment variableBOX_FHIR_BULK_STORAGE_AZURE_CONTAINER
Deprecated environment variablesBOX_BULK__STORAGE_AZURE_CONTAINER
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
## Security and Access Control Security & Access Control settings ### Grant page URL ```yaml BOX_SECURITY_GRANT_PAGE_URL: "/auth/grant" ``` URL of consent screen. A consent screen is an interface presented to a user during the authorization code grant flow.
Details
IDsecurity.grant-page-url
TypeString
Default value/auth/grant
Environment variableBOX_SECURITY_GRANT_PAGE_URL
Deprecated environment variablesBOX_AUTH_GRANT__PAGE__URL
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
### Enable FHIR Audit Log ```yaml BOX_SECURITY_AUDIT_LOG_ENABLED: true ``` Generates structured audit logs in FHIR R4 AuditEvent format (with other FHIR versions will not be generated).
Details
IDsecurity.audit-log.enabled
TypeBool
Recommended valuetrue
Default valuefalse
Environment variableBOX_SECURITY_AUDIT_LOG_ENABLED
Deprecated environment variablesAIDBOX_SECURITY_AUDIT__LOG_ENABLED
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Audit Log repository URL ```yaml BOX_SECURITY_AUDIT_LOG_REPOSITORY_URL: "" ``` Full URL of the external destination where Aidbox streams all audit events. Before setting the URL, you must enable the audit log in Aidbox. If audit log is enabled, repository URL not specified, Aidbox will store Audit Event in the PostgreSQL database.
Details
IDsecurity.audit-log.repository-url
TypeString
Default value(no default)
Environment variableBOX_SECURITY_AUDIT_LOG_REPOSITORY_URL
Available from2506
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Audit Log flush interval ```yaml BOX_SECURITY_AUDIT_LOG_FLUSH_INTERVAL: 5000 ``` Interval time in ms to flush audit events to Audit Log Repository
Details
IDsecurity.audit-log.flush-interval
TypeInt
Default value5000
Environment variableBOX_SECURITY_AUDIT_LOG_FLUSH_INTERVAL
Available from2506
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Audit Log maximum flush interval ```yaml BOX_SECURITY_AUDIT_LOG_MAX_FLUSH_INTERVAL: 60000 ``` If sending the audit event to the repository fails, the send interval gradually increases up to this value.
Details
IDsecurity.audit-log.max-flush-interval
TypeInt
Default value60000
Environment variableBOX_SECURITY_AUDIT_LOG_MAX_FLUSH_INTERVAL
Available from2507
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
### Audit Log batch count ```yaml BOX_SECURITY_AUDIT_LOG_BATCH_COUNT: 1000 ``` Max count of Audit Log batch (FHIR bandle entry count).
Details
IDsecurity.audit-log.batch-count
TypeInt
Default value1000
Environment variableBOX_SECURITY_AUDIT_LOG_BATCH_COUNT
Available from2506
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Audit Log request headers ```yaml BOX_SECURITY_AUDIT_LOG_REQUEST_HEADERS: "" ``` The headers for Audit Log external repository requests, formatted as HeaderName:HeaderValue\nHeaderName:HeaderValue.
Details
IDsecurity.audit-log.request-headers
TypeString
Default value(no default)
Environment variableBOX_SECURITY_AUDIT_LOG_REQUEST_HEADERS
Available from2506
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
### Enable access control for mapping ```yaml BOX_SECURITY_IAM_MAPPING_ENABLE_ACCESS_CONTROL: false ``` Enable access control for `/Mapping//$apply` operation. If enabled, access control will be applied to the resulting transaction. If disabled, only access to $apply endpoints are verified.
Details
IDsecurity.iam.mapping.enable-access-control
TypeBool
Default valuefalse
Environment variableBOX_SECURITY_IAM_MAPPING_ENABLE_ACCESS_CONTROL
Deprecated environment variablesBOX_FEATURES_MAPPING_ENABLE__ACCESS__CONTROL
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
### Encryption API secret ```yaml BOX_SECURITY_ENCRYPT_SECRET: "" ``` Secret key for encryption API. [Learn more](https://docs.aidbox.app/api/other/encryption-api)
Details
IDsecurity.encrypt-secret
TypeString
Default value(no default)
Environment variableBOX_SECURITY_ENCRYPT_SECRET
Deprecated environment variablesAIDBOX_ENCRYPT_KEY
Sensitivetrue — value will be masked in Admin UI
Set viaEnvironment variables
Hot reloadtrue — setting can be changed at runtime
### Allow CORS requests ```yaml BOX_SECURITY_CORS_ENABLED: true ``` Enable Cross-Origin Resource Sharing (CORS) request handling.
Details
IDsecurity.cors.enabled
TypeBool
Default valuetrue
Environment variableBOX_SECURITY_CORS_ENABLED
Deprecated environment variablesBOX_WEB_CORS_ENABLED
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
### Allow CORS requests from origins ```yaml BOX_SECURITY_CORS_ORIGINS: "*" ``` Comma separated list of origins `[schema]://[domain]:[port]` Default is wildcard value `"*"`
Details
IDsecurity.cors.origins
TypeString
Default value*
Environment variableBOX_SECURITY_CORS_ORIGINS
Deprecated environment variablesBOX_WEB_CORS_ORIGINS
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
### Content security policy header ```yaml BOX_SECURITY_CONTENT_SECURITY_POLICY_HEADER: "" ``` Defines the Content Security Policy (CSP) header to enhance security by restricting resource loading. It specifies the policies for loading scripts, styles, media, fonts, and other resources. Refer to the [OWASP Content Security Policy Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html) Recommended value: ``` default-src 'self'; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'report-sample' 'self' 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self'; font-src 'self'; frame-src 'self'; frame-ancestors 'self'; img-src 'self'; manifest-src 'self'; media-src 'self'; worker-src 'self'; ``` Explanation: | **Directive** | **Allowed Sources** | **Description** | **Security Implications** | | ----------------- | --------------------------------------------------------------- | ---------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------- | | `default-src` | `'self'` | Sets the default policy for all resource types unless overridden by specific directives. | Restricts all resources to the same origin unless explicitly allowed elsewhere. | | `script-src` | `'report-sample'`, `'self'`, `'unsafe-inline'`, `'unsafe-eval'` | Controls JavaScript sources. | Allows same-origin scripts but also permits inline scripts and `eval()`, which are security risks. | | `style-src` | `'report-sample'`, `'self'`, `'unsafe-inline'` | Defines valid sources for stylesheets. | Allows same-origin styles but permits inline styles, which can be exploited if not carefully managed. | | `object-src` | `'none'` | Blocks `` elements entirely. | Prevents the use of potentially dangerous `` elements, mitigating XSS risks. | | `base-uri` | `'self'` | Restricts the URLs allowed in `` elements to the same origin. | Protects against base URL manipulation attacks. | | `connect-src` | `'self'` | Limits connections (e.g., AJAX, WebSocket) to the same origin. | Prevents data exfiltration to unauthorized endpoints. | | `font-src` | `'self'` | Restricts font loading to the same origin. | Reduces risks from malicious or unauthorized fonts. | | `frame-src` | `'self'` | Allows embedding content in frames only from the same origin. | Mitigates clickjacking attacks by disallowing external framing of your content. | | `frame-ancestors` | `'self'` | Ensures that only pages from the same origin can embed this page in a frame. | Further protects against clickjacking by controlling who can frame Aidbox pages . | | `img-src` | `'self'` `data:` | Limits image sources to the same origin. | Prevents data leaks via malicious or unauthorized images. | | `manifest-src` | `'self'` | Ensures that web app manifests are loaded only from the same origin. | Protects against unauthorized or malicious web app manifests being loaded into Aidbox. | | `media-src` | `'self'` | Restricts audio and video sources to the same origin. | Prevents unauthorized media files from being loaded into Aidbox | | `worker-src` | `'self'` | Limits web workers and shared workers to scripts from the same origin. | Reduces risks of malicious workers being executed within your Aidbox context. |
Details
IDsecurity.content-security-policy-header
TypeString
Default value(no default)
Environment variableBOX_SECURITY_CONTENT_SECURITY_POLICY_HEADER
Deprecated environment variablesAIDBOX_CONTENT_SECURITY_POLICY_HEADER
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
### Skip JWT validation ```yaml BOX_SECURITY_SKIP_JWT_VALIDATION: false ``` Skip JWT token validation process.
Details
IDsecurity.skip-jwt-validation
TypeBool
Default valuefalse
Environment variableBOX_SECURITY_SKIP_JWT_VALIDATION
Deprecated environment variablesBOX_FEATURES_AUTHENTICATION_SKIP__JWT__VALIDATION
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
### JWT public key ```yaml BOX_SECURITY_AUTH_KEYS_PUBLIC: "" ``` RS256 signing algorithm expects providing private key for signing JWT and public key for verifying it.
Details
IDsecurity.auth.keys.public
TypeString
Default value(no default)
Environment variableBOX_SECURITY_AUTH_KEYS_PUBLIC
Deprecated environment variablesBOX_AUTH_KEYS_PUBLIC
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### JWT private key ```yaml BOX_SECURITY_AUTH_KEYS_PRIVATE: "" ``` RS256 signing algorithm expects providing private key for signing JWT and public key for verifying it.
Details
IDsecurity.auth.keys.private
TypeString
Default value(no default)
Environment variableBOX_SECURITY_AUTH_KEYS_PRIVATE
Deprecated environment variablesBOX_AUTH_KEYS_PRIVATE
Sensitivetrue — value will be masked in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
### JWT secret ```yaml BOX_SECURITY_AUTH_KEYS_SECRET: "" ``` HS256 signing algorithm needs only having a secret for both operations.
Details
IDsecurity.auth.keys.secret
TypeString
Default value(no default)
Environment variableBOX_SECURITY_AUTH_KEYS_SECRET
Deprecated environment variablesBOX_AUTH_KEYS_SECRET
Sensitivetrue — value will be masked in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
### Auto-create users from foreign tokens ```yaml BOX_SECURITY_INTROSPECTION_CREATE_USER: false ``` Creates local user accounts automatically when valid external JWT tokens are presented but no matching user exists.
Details
IDsecurity.introspection-create-user
TypeBool
Default valuefalse
Environment variableBOX_SECURITY_INTROSPECTION_CREATE_USER
Deprecated environment variablesBOX_FEATURES_AUTHENTICATION_INTROSPECTION_CREATE__USER
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
### Auth with non-validated JWT ```yaml BOX_SECURITY_AUTH_WITH_NOT_VALIDATED_JWT: "" ``` This configuration is used when `skip-jwt-validation` setting is enabled. It's a string that contains EDN object with `:headers` and `:user-id-paths` keys. For example: `{:headers #{"authorization" "x-client-token"}, :user-id-paths #{[:authorization :user_id] [:my-client-token :user :id]}}`
Details
IDsecurity.auth-with-not-validated-jwt
TypeString
Default value(no default)
Environment variableBOX_SECURITY_AUTH_WITH_NOT_VALIDATED_JWT
Deprecated environment variablesBOX_FEATURES_AUTHENTICATION_AUTH__WITH__NOT__VALIDATED__JWT
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Enable LBAC ```yaml BOX_SECURITY_LBAC_ENABLED: false ``` Label-based Access Control engine provides a mechanism to restrict access to bundles, resources, or resource elements depending on permissions associated with a request.
Details
IDsecurity.lbac.enabled
TypeBool
Default valuefalse
Environment variableBOX_SECURITY_LBAC_ENABLED
Deprecated environment variablesBOX_FEATURES_SECURITY__LABELS_ENABLE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
### Strip security labels ```yaml BOX_SECURITY_LBAC_STRIP_LABELS: false ``` Removes security labels from resource responses before returning them to clients. When enabled, prevents sensitive security metadata from being exposed in API responses while maintaining access control enforcement internally. Useful for hiding security implementation details from end users. Stripping is only applied during the masking.
Details
IDsecurity.lbac.strip-labels
TypeBool
Default valuefalse
Environment variableBOX_SECURITY_LBAC_STRIP_LABELS
Deprecated environment variablesBOX_FEATURES_SECURITY__LABELS_STRIP__LABELS
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
### Enable organization-based hierarchical access control ```yaml BOX_SECURITY_ORGBAC_ENABLED: false ``` Activates hierarchical access control based on organizational structure. Restricts user access to resources based on their organizational affiliation and hierarchy position.
Details
IDsecurity.orgbac.enabled
TypeBool
Default valuefalse
Environment variableBOX_SECURITY_ORGBAC_ENABLED
Deprecated environment variablesBOX_FEATURES_ORGBAC_ENABLE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Enable SU header ```yaml BOX_SECURITY_DEBUG_SU_ENABLE: false ``` This setting enables `SU` header functionality. `SU` header allows a user to substitute User ID for the duration of the request. Only the administrator is allowed to use the `SU` header.
Details
IDsecurity.debug-su-enable
TypeBool
Default valuefalse
Environment variableBOX_SECURITY_DEBUG_SU_ENABLE
Deprecated environment variablesBOX_DEBUG_SU_ENABLE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
### Enable Aidbox developer mode ```yaml BOX_SECURITY_DEV_MODE: true ``` Activates debugging features for access policy development, including the `_debug=policy URL` parameter and `x-debug` header. Returns detailed policy evaluation traces showing why requests were allowed or denied. For development environments only - not recommended for production systems.
Details
IDsecurity.dev-mode
TypeBool
Recommended valuetrue
Default valuefalse
Environment variableBOX_SECURITY_DEV_MODE
Deprecated environment variablesAIDBOX_DEV_MODE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
## Modules Modules settings ### Subscriptions Google Cloud Pub/Sub subscriptions settings #### Google Cloud Pub/Sub topic name ```yaml BOX_MODULE_SUBSCRIPTIONS_PUBSUB_TOPIC: "" ``` Name of the Google Cloud Pub/Sub topic.
Details
IDmodule.subscriptions.pubsub.topic
TypeString
Default value(no default)
Environment variableBOX_MODULE_SUBSCRIPTIONS_PUBSUB_TOPIC
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Google Cloud Pub/Sub project name ```yaml BOX_MODULE_SUBSCRIPTIONS_PUBSUB_PROJECT: "" ``` Name of the Google Cloud Project which contains Pub/Sub topics and subscriptions.
Details
IDmodule.subscriptions.pubsub.project
TypeString
Default value(no default)
Environment variableBOX_MODULE_SUBSCRIPTIONS_PUBSUB_PROJECT
Deprecated environment variablesBOX_SUBSCRIPTIONS_PUBSUB_PROJECT
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Google Cloud Pub/Sub resource types ```yaml BOX_MODULE_SUBSCRIPTIONS_PUBSUB_RESOURCE_TYPES: "" ``` Specify resource types and boxes for which to publish notifications. If not set, messages for all resource types from all boxes are published. ``` :??( :??)* // Examples: // // Notify only on Patient or Encounter resources // change from any box. "Patient Encounter" // Notify on Patient changes from boxone or boxtwo // and about Encounter from any box. "Patient:boxone Patient:boxtwo Encounter" ```
Details
IDmodule.subscriptions.pubsub.resource-types
TypeString
Default value(no default)
Environment variableBOX_MODULE_SUBSCRIPTIONS_PUBSUB_RESOURCE_TYPES
Deprecated environment variablesBOX_SUBSCRIPTIONS_PUBSUB_RESOURCE__TYPES
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Google Cloud Pub/Sub service account email ```yaml BOX_MODULE_SUBSCRIPTIONS_PUBSUB_SERVICE_ACCOUNT_EMAIL: "" ``` Email of the Google Cloud Pub/Sub service account.
Details
IDmodule.subscriptions.pubsub.service-account.email
TypeString
Default value(no default)
Environment variableBOX_MODULE_SUBSCRIPTIONS_PUBSUB_SERVICE_ACCOUNT_EMAIL
Deprecated environment variablesBOX_SUBSCRIPTIONS_PUBSUB_SERVICE__ACCOUNT_EMAIL
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Google Cloud Pub/Sub service account private key ```yaml BOX_MODULE_SUBSCRIPTIONS_PUBSUB_SERVICE_ACCOUNT_PRIVATE_KEY: "" ``` Private key of the Google Cloud Pub/Sub service account.
Details
IDmodule.subscriptions.pubsub.service-account.private-key
TypeString
Default value(no default)
Environment variableBOX_MODULE_SUBSCRIPTIONS_PUBSUB_SERVICE_ACCOUNT_PRIVATE_KEY
Deprecated environment variablesBOX_SUBSCRIPTIONS_PUBSUB_SERVICE__ACCOUNT_PRIVATE__KEY
Sensitivetrue — value will be masked in Admin UI
Set viaEnvironment variables
Hot reloadtrue — setting can be changed at runtime
#### Google Cloud Pub/Sub publish before save ```yaml BOX_MODULE_SUBSCRIPTIONS_PUBSUB_BEFORE_SAVE: false ``` If true, the resource will be published to the Pub/Sub topic before saving it to the database.
Details
IDmodule.subscriptions.pubsub.before-save
TypeBool
Default valuefalse
Environment variableBOX_MODULE_SUBSCRIPTIONS_PUBSUB_BEFORE_SAVE
Deprecated environment variablesBOX_SUBSCRIPTIONS_PUBSUB_BEFORE__SAVE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Google Cloud Pub/Sub emulator URL ```yaml BOX_MODULE_SUBSCRIPTIONS_PUBSUB_EMULATOR_URL: "" ``` URL of the Google Cloud Pub/Sub emulator. If set, the emulator will be used instead of the real Pub/Sub service.
Details
IDmodule.subscriptions.pubsub.emulator-url
TypeString
Default value(no default)
Environment variableBOX_MODULE_SUBSCRIPTIONS_PUBSUB_EMULATOR_URL
Deprecated environment variablesBOX_SUBSCRIPTIONS_PUBSUB_EMULATOR__URL
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Notebooks Aidbox notebooks settings #### Notebook repository URL ```yaml BOX_MODULE_NOTEBOOK_REPO_URL: "https://aidbox.app" ``` Set repository to fetch published notebooks
Details
IDmodule.notebook.repo-url
TypeString
Default valuehttps://aidbox.app
Environment variableBOX_MODULE_NOTEBOOK_REPO_URL
Deprecated environment variablesAIDBOX_NOTEBOOKS_REPO_URL
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadtrue — setting can be changed at runtime
### Mail Provider Mail Provider settings #### Default provider type ```yaml BOX_MODULE_PROVIDER_DEFAULT_TYPE: "" ``` Specifies the email service provider used for system-generated communications.
Details
IDprovider.default.type
TypeString
Default value(no default)
Environment variableBOX_MODULE_PROVIDER_DEFAULT_TYPE
Deprecated environment variablesBOX_PROVIDER_DEFAULT__PROVIDER_TYPE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Default provider from address ```yaml BOX_MODULE_PROVIDER_DEFAULT_FROM: "" ``` From address for the default provider
Details
IDprovider.default.from
TypeString
Default value(no default)
Environment variableBOX_MODULE_PROVIDER_DEFAULT_FROM
Deprecated environment variablesBOX_PROVIDER_DEFAULT__FROM
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Default provider username ```yaml BOX_MODULE_PROVIDER_DEFAULT_USERNAME: "" ``` Username for the default provider
Details
IDprovider.default.username
TypeString
Default value(no default)
Environment variableBOX_MODULE_PROVIDER_DEFAULT_USERNAME
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Default provider password ```yaml BOX_MODULE_PROVIDER_DEFAULT_PASSWORD: "" ``` Password for the default provider
Details
IDprovider.default.password
TypeString
Default value(no default)
Environment variableBOX_MODULE_PROVIDER_DEFAULT_PASSWORD
Sensitivetrue — value will be masked in Admin UI
Set viaEnvironment variables
Hot reloadtrue — setting can be changed at runtime
#### Default provider URL ```yaml BOX_MODULE_PROVIDER_DEFAULT_URL: "" ``` URL for the default provider
Details
IDprovider.default.url
TypeString
Default value(no default)
Environment variableBOX_MODULE_PROVIDER_DEFAULT_URL
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Default provider port ```yaml BOX_MODULE_PROVIDER_DEFAULT_PORT: "" ``` Port for the default provider
Details
IDprovider.default.port
TypeString
Default value(no default)
Environment variableBOX_MODULE_PROVIDER_DEFAULT_PORT
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Default provider SSL ```yaml BOX_MODULE_PROVIDER_DEFAULT_SSL: false ``` Enable SSL for the default provider
Details
IDprovider.default.ssl
TypeBool
Default valuefalse
Environment variableBOX_MODULE_PROVIDER_DEFAULT_SSL
Deprecated environment variablesBOX_PROVIDER_DEFAULT__PROVIDER_SSL
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Default provider TLS ```yaml BOX_MODULE_PROVIDER_DEFAULT_TLS: false ``` Enable TLS for the default provider
Details
IDprovider.default.tls
TypeBool
Default valuefalse
Environment variableBOX_MODULE_PROVIDER_DEFAULT_TLS
Deprecated environment variablesBOX_PROVIDER_DEFAULT__PROVIDER_TLS
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Default provider host ```yaml BOX_MODULE_PROVIDER_DEFAULT_HOST: "" ``` Host for the default provider
Details
IDprovider.default.host
TypeString
Default value(no default)
Environment variableBOX_MODULE_PROVIDER_DEFAULT_HOST
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Mailgun provider from address ```yaml BOX_MODULE_PROVIDER_MAILGUN_FROM: "" ``` From address for the Mailgun provider
Details
IDprovider.mailgun.from
TypeString
Default value(no default)
Environment variableBOX_MODULE_PROVIDER_MAILGUN_FROM
Deprecated environment variablesBOX_PROVIDER_MAILGUN__PROVIDER_FROM
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Mailgun provider username ```yaml BOX_MODULE_PROVIDER_MAILGUN_USERNAME: "" ``` Username for the Mailgun provider
Details
IDprovider.mailgun.username
TypeString
Default value(no default)
Environment variableBOX_MODULE_PROVIDER_MAILGUN_USERNAME
Deprecated environment variablesBOX_PROVIDER_MAILGUN__PROVIDER_USERNAME
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Mailgun provider password ```yaml BOX_MODULE_PROVIDER_MAILGUN_PASSWORD: "" ``` Password for the Mailgun provider
Details
IDprovider.mailgun.password
TypeString
Default value(no default)
Environment variableBOX_MODULE_PROVIDER_MAILGUN_PASSWORD
Deprecated environment variablesBOX_PROVIDER_MAILGUN__PROVIDER_PASSWORD
Sensitivetrue — value will be masked in Admin UI
Set viaEnvironment variables
Hot reloadtrue — setting can be changed at runtime
#### Mailgun provider URL ```yaml BOX_MODULE_PROVIDER_MAILGUN_URL: "" ``` URL for the Mailgun provider
Details
IDprovider.mailgun.url
TypeString
Default value(no default)
Environment variableBOX_MODULE_PROVIDER_MAILGUN_URL
Deprecated environment variablesBOX_PROVIDER_MAILGUN__PROVIDER_URL
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Postmark provider from address ```yaml BOX_MODULE_PROVIDER_POSTMARK_FROM: "" ``` From address for the Postmark provider
Details
IDprovider.postmark.from
TypeString
Default value(no default)
Environment variableBOX_MODULE_PROVIDER_POSTMARK_FROM
Deprecated environment variablesBOX_PROVIDER_POSTMARK__PROVIDER_FROM
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Postmark provider API key ```yaml BOX_MODULE_PROVIDER_POSTMARK_API_KEY: "" ``` API key for the Postmark provider
Details
IDprovider.postmark.api-key
TypeString
Default value(no default)
Environment variableBOX_MODULE_PROVIDER_POSTMARK_API_KEY
Deprecated environment variablesBOX_PROVIDER_POSTMARK__PROVIDER_API__KEY
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadtrue — setting can be changed at runtime
#### SMTP provider from address ```yaml BOX_MODULE_PROVIDER_SMTP_FROM: "" ``` From address for the SMTP provider
Details
IDprovider.smtp.from
TypeString
Default value(no default)
Environment variableBOX_MODULE_PROVIDER_SMTP_FROM
Deprecated environment variablesBOX_PROVIDER_SMTP__PROVIDER_FROM
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### SMTP provider host ```yaml BOX_MODULE_PROVIDER_SMTP_HOST: "" ``` Host for the SMTP provider
Details
IDprovider.smtp.host
TypeString
Default value(no default)
Environment variableBOX_MODULE_PROVIDER_SMTP_HOST
Deprecated environment variablesBOX_PROVIDER_SMTP__PROVIDER_HOST
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### SMTP provider password ```yaml BOX_MODULE_PROVIDER_SMTP_PASSWORD: "" ``` Password for the SMTP provider
Details
IDprovider.smtp.password
TypeString
Default value(no default)
Environment variableBOX_MODULE_PROVIDER_SMTP_PASSWORD
Deprecated environment variablesBOX_PROVIDER_SMTP__PROVIDER_PASSWORD
Sensitivetrue — value will be masked in Admin UI
Set viaEnvironment variables
Hot reloadtrue — setting can be changed at runtime
#### SMTP provider port ```yaml BOX_MODULE_PROVIDER_SMTP_PORT: "" ``` Port for the SMTP provider
Details
IDprovider.smtp.port
TypeString
Default value(no default)
Environment variableBOX_MODULE_PROVIDER_SMTP_PORT
Deprecated environment variablesBOX_PROVIDER_SMTP__PROVIDER_PORT
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### SMTP provider SSL ```yaml BOX_MODULE_PROVIDER_SMTP_SSL: false ``` Enable SSL for the SMTP provider
Details
IDprovider.smtp.ssl
TypeBool
Default valuefalse
Environment variableBOX_MODULE_PROVIDER_SMTP_SSL
Deprecated environment variablesBOX_PROVIDER_SMTP__PROVIDER_SSL
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### SMTP provider TLS ```yaml BOX_MODULE_PROVIDER_SMTP_TLS: false ``` Enable TLS for the SMTP provider
Details
IDprovider.smtp.tls
TypeBool
Default valuefalse
Environment variableBOX_MODULE_PROVIDER_SMTP_TLS
Deprecated environment variablesBOX_PROVIDER_SMTP__PROVIDER_TLS
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### SMTP provider username ```yaml BOX_MODULE_PROVIDER_SMTP_USERNAME: "" ``` Username for the SMTP provider
Details
IDprovider.smtp.username
TypeString
Default value(no default)
Environment variableBOX_MODULE_PROVIDER_SMTP_USERNAME
Deprecated environment variablesBOX_PROVIDER_SMTP__PROVIDER_USERNAME
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
### SMARTbox SMARTbox settings #### Sandbox URL ```yaml BOX_MODULE_SMARTBOX_SANDBOX_URL: "" ``` URL for accessing sandbox environment
Details
IDmodule.smartbox.sandbox-url
TypeString
Default value(no default)
Environment variableBOX_MODULE_SMARTBOX_SANDBOX_URL
Deprecated environment variablesBOX_SMARTBOX_SANDBOX__URL
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Terms of use URL ```yaml BOX_MODULE_SMARTBOX_TERMS_OF_USE_URL: "" ``` URL for accessing terms of use
Details
IDmodule.smartbox.terms-of-use-url
TypeString
Default value(no default)
Environment variableBOX_MODULE_SMARTBOX_TERMS_OF_USE_URL
Deprecated environment variablesBOX_SMARTBOX_TERMS__OF__USE__URL
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Sandbox basic ```yaml BOX_MODULE_SMARTBOX_SANDBOX_BASIC: "" ``` Basic authentication credentials for sandbox
Details
IDmodule.smartbox.sandbox-basic
TypeString
Default value(no default)
Environment variableBOX_MODULE_SMARTBOX_SANDBOX_BASIC
Deprecated environment variablesBOX_SMARTBOX_SANDBOX__BASIC
Sensitivetrue — value will be masked in Admin UI
Set viaEnvironment variables
Hot reloadtrue — setting can be changed at runtime
#### Sandbox admin ```yaml BOX_MODULE_SMARTBOX_SANDBOX_ADMIN: "" ``` Admin credentials for sandbox access
Details
IDmodule.smartbox.sandbox-admin
TypeString
Default value(no default)
Environment variableBOX_MODULE_SMARTBOX_SANDBOX_ADMIN
Deprecated environment variablesBOX_SMARTBOX_SANDBOX__ADMIN
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
#### Session logs link ```yaml BOX_MODULE_SMARTBOX_SESSION_LOGS_LINK: "" ``` Link to access session logs
Details
IDmodule.smartbox.session-logs-link
TypeString
Default value(no default)
Environment variableBOX_MODULE_SMARTBOX_SESSION_LOGS_LINK
Deprecated environment variablesBOX_SMARTBOX_SESSION__LOGS__LINK
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
### MDM MDM settings #### Default MDM model ```yaml BOX_MODULE_DEFAULT_PATIENT_MODEL: "" ``` The default MDM model used for `$match` operation. Will be used if no model is specified with the `model` query parameter.
Details
IDmodule.mdm.default-patient-model
TypeString
Default value(no default)
Environment variableBOX_MODULE_DEFAULT_PATIENT_MODEL
Deprecated environment variablesBOX_MDM_DEFAULT_PATIENT_MODEL
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
### MCP MCP settings #### Enable MCP server ```yaml BOX_MODULE_MCP_SERVER_ENABLED: false ``` Enable MCP server working through SSE protocol
Details
IDmodule.mcp.server-enabled
TypeBool
Default valuefalse
Environment variableBOX_MODULE_MCP_SERVER_ENABLED
Available from2506
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Forms Forms settings #### Questionnaire.url prefix ```yaml BOX_MODULE_SDC_BUILDER_FORM_URL_PREFIX: "http://forms.aidbox.io/questionnaire/" ``` URL prefix that will be used in URL generation for new forms
Details
IDmodule.sdc.builder.form-url-prefix
TypeString
Default valuehttp://forms.aidbox.io/questionnaire/
Environment variableBOX_MODULE_SDC_BUILDER_FORM_URL_PREFIX
Deprecated environment variablesBOX_SDC_BUILDER_FORM_URL_PREFIX
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### OpenAI API key ```yaml BOX_MODULE_SDC_OPENAI_API_KEY: "" ``` API key for OpenAI service
Details
IDmodule.sdc.openai-api-key
TypeString
Default value(no default)
Environment variableBOX_MODULE_SDC_OPENAI_API_KEY
Deprecated environment variablesBOX_SDC_OPENAI_API_KEY
Sensitivetrue — value will be masked in Admin UI
Set viaEnvironment variables
Hot reloadtrue — setting can be changed at runtime
#### Gemini API key ```yaml BOX_SDC_GEMINI_API_KEY: "" ``` API key for Gemini service
Details
IDaidbox.modules.sdc.gemini-api-key
TypeString
Default value(no default)
Environment variableBOX_SDC_GEMINI_API_KEY
Sensitivetrue — value will be masked in Admin UI
Set viaEnvironment variables
Hot reloadtrue — setting can be changed at runtime
#### Default language for UI ```yaml BOX_MODULE_SDC_LANGUAGE: "en" ``` Language used as default in Form Builder and Form Renderer
Details
IDmodule.sdc.language
TypeString
Default valueen
Environment variableBOX_MODULE_SDC_LANGUAGE
Deprecated environment variablesBOX_SDC_LANGUAGE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Default form theme ```yaml BOX_MODULE_SDC_THEME: "" ``` Theme that will be used in all forms
Details
IDmodule.sdc.theme
TypeString
Default value(no default)
Environment variableBOX_MODULE_SDC_THEME
Deprecated environment variablesBOX_SDC_THEME
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Hide builder's back button ```yaml BOX_MODULE_SDC_BUILDER_HIDE_BACK_BUTTON: false ``` Hide back button in UI Form Builder
Details
IDmodule.sdc.builder.hide-back-button
TypeBool
Default valuefalse
Environment variableBOX_MODULE_SDC_BUILDER_HIDE_BACK_BUTTON
Deprecated environment variablesBOX_SDC_BUILDER_HIDE_BACK_BUTTON
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Form's redirect-on-submit URL ```yaml BOX_MODULE_SDC_FORM_REDIRECT_ON_SUBMIT: "" ``` Redirect URI that will be used on form submit/amend button click
Details
IDmodule.sdc.form.redirect-on-submit
TypeString
Default value(no default)
Environment variableBOX_MODULE_SDC_FORM_REDIRECT_ON_SUBMIT
Deprecated environment variablesBOX_SDC_FORM_REDIRECT_ON_SUBMIT
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Form's redirect-on-save URL ```yaml BOX_MODULE_SDC_FORM_REDIRECT_ON_SAVE: "" ``` Redirect URI that will be used on form save/close button click
Details
IDmodule.sdc.form.redirect-on-save
TypeString
Default value(no default)
Environment variableBOX_MODULE_SDC_FORM_REDIRECT_ON_SAVE
Deprecated environment variablesBOX_SDC_FORM_REDIRECT_ON_SAVE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Enable strict access control for sdc operations ```yaml BOX_MODULE_SDC_STRICT_ACCESS_CONTROL: true ``` Enable strict access control for operations(like populate/submit/reference-lookup) that can request different FHIR resources
Details
IDmodule.sdc.strict-access-control
TypeBool
Recommended valuetrue
Default valuefalse
Environment variableBOX_MODULE_SDC_STRICT_ACCESS_CONTROL
Deprecated environment variablesBOX_SDC_STRICT_ACCESS_CONTROL
Available from2506
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
### GraphQL GraphQL settings #### Warmup GraphQL cache on startup ```yaml BOX_MODULE_GRAPHQL_WARMUP_ON_STARTUP: false ``` Warmup GraphQL API cache on startup. When false, cache will be warmed up on first request.
Details
IDmodule.graphql.warmup-on-startup
TypeBool
Default valuefalse
Environment variableBOX_MODULE_GRAPHQL_WARMUP_ON_STARTUP
Deprecated environment variablesBOX_FEATURES_GRAPHQL_WARMUP__ON__STARTUP
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Allow reference to any resource ```yaml BOX_MODULE_GRAPHQL_REFERENCE_ANY: false ``` Enable GraphQL API (rev)include for reference with target - any
Details
IDmodule.graphql.reference-any
TypeBool
Default valuefalse
Environment variableBOX_MODULE_GRAPHQL_REFERENCE_ANY
Deprecated environment variablesBOX_FEATURES_GRAPHQL_REFERENCE__ANY
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### GraphQL timeout ```yaml BOX_MODULE_GRAPHQL_TIMEOUT: 60 ``` GraphQL API query timeout in seconds: Set to zero to disable.
Details
IDmodule.graphql.timeout
TypeInt
Default value60
Environment variableBOX_MODULE_GRAPHQL_TIMEOUT
Deprecated environment variablesBOX_FEATURES_GRAPHQL_TIMEOUT
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### GraphQL access control mode ```yaml BOX_MODULE_GRAPHQL_ACCESS_CONTROL: "disabled" ``` Access control in GraphQL API
Details
IDmodule.graphql.access-control
TypeEnum
Valuesrest-search — Additionally authorization checks access to corresponding search queries
disabled — Only access to GraphQL endpoint is verified
Default valuedisabled
Environment variableBOX_MODULE_GRAPHQL_ACCESS_CONTROL
Deprecated environment variablesBOX_FEATURES_GRAPHQL_ACCESS__CONTROL
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Switch to old GraphQL engine (will be removed soon) ```yaml BOX_MODULE_GRAPHQL_OLD_LACINIA_ENGINE: false ``` Enable only if you have compatibility issues. The new engine should be a drop-in replacement for the old one. If you encounter any issues with it, please report us. The old engine will be removed soon.
Details
IDmodule.graphql.old-lacinia-engine
TypeBool
Default valuefalse
Environment variableBOX_MODULE_GRAPHQL_OLD_LACINIA_ENGINE
Available from2510
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Inject resource creation timestamp at meta.createdAt ```yaml BOX_MODULE_GRAPHQL_INJECT_META_CREATED_AT: false ``` Aidbox GraphQL implementation sees resources in Aidbox format. FHIR does not have a built-in property for creation datetime; ergo, in FHIR Schema mode there is no way to access creation datetime using GraphQL. This settings injects `createdAt` property to resource meta. The name is chosen to be consistent with Aidbox format and non FHIR Schema GraphQL implementation in Aidbox. This setting has no effect when FHIR Schema mode is not enabled.
Details
IDmodule.graphql.inject-meta-created-at
TypeBool
Default valuefalse
Environment variableBOX_MODULE_GRAPHQL_INJECT_META_CREATED_AT
Available from2511
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadtrue — setting can be changed at runtime
### Webpush Webpush settings #### Public Key ```yaml BOX_MODULE_WEBPUSH_PUBLIC_KEY: "" ``` ECDH/BC/prime256v1 Public Key
Details
IDmodule.webpush.public-key
TypeString
Default value(no default)
Environment variableBOX_MODULE_WEBPUSH_PUBLIC_KEY
Deprecated environment variablesBOX_FEATURES_WEBPUSH_KEYPAIR_PUBLIC
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Private Key ```yaml BOX_MODULE_WEBPUSH_PRIVATE_KEY: "" ``` ECDH/BC/prime256v1 Private Key
Details
IDmodule.webpush.private-key
TypeString
Default value(no default)
Environment variableBOX_MODULE_WEBPUSH_PRIVATE_KEY
Deprecated environment variablesBOX_FEATURES_WEBPUSH_KEYPAIR_PRIVATE
Sensitivetrue — value will be masked in Admin UI
Set viaEnvironment variables
Hot reloadtrue — setting can be changed at runtime
#### JWT mail ```yaml BOX_MODULE_WEBPUSH_JWT_MAIL: "" ``` `JWT.sub` field value needs to be either a URL or a mailto email address. If a push service needs to reach out to sender, it can find contact information from the JWT.
Details
IDmodule.webpush.jwt-mail
TypeString
Default value(no default)
Environment variableBOX_MODULE_WEBPUSH_JWT_MAIL
Deprecated environment variablesBOX_FEATURES_WEBPUSH_JWT_MAIL
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
## Database Database settings ### Primary Primary database settings #### Database host ```yaml BOX_DB_HOST: "postgres" ``` Database host address.
Details
IDdb.host
TypeString
Recommended valuepostgres
Default value(no default)
Environment variableBOX_DB_HOST
Deprecated environment variablesPGHOST
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
#### Database port ```yaml BOX_DB_PORT: 5432 ``` Database port.
Details
IDdb.port
TypeInt
Recommended value5432
Default value5432
Environment variableBOX_DB_PORT
Deprecated environment variablesPGPORT
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
#### Database name ```yaml BOX_DB_DATABASE: "aidbox" ``` The database name. `postgres` name is not allowed.
Details
IDdb.database
TypeString
Recommended valueaidbox
Default value(no default)
Environment variableBOX_DB_DATABASE
Deprecated environment variablesPGDATABASE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
#### Database user ```yaml BOX_DB_USER: "aidbox" ``` The database username.
Details
IDdb.user
TypeString
Recommended valueaidbox
Default value(no default)
Environment variableBOX_DB_USER
Deprecated environment variablesPGUSER
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
#### Database password ```yaml BOX_DB_PASSWORD: "" ``` A password of database role name.
Details
IDdb.password
TypeString
Recommended value<pg-password>
Default value(no default)
Environment variableBOX_DB_PASSWORD
Deprecated environment variablesPGPASSWORD
Sensitivetrue — value will be masked in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
#### Install PostgreSQL extensions at startup ```yaml BOX_DB_INSTALL_PG_EXTENSIONS: true ``` Automatically installs PostgreSQL extensions (pgcrypto, unaccent, pg_trgm, fuzzystrmatch) during server startup.
Details
IDdb.install-pg-extensions
TypeBool
Default valuetrue
Environment variableBOX_DB_INSTALL_PG_EXTENSIONS
Deprecated environment variablesAIDBOX_INSTALL_PG_EXTENSIONS
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
#### Database extension schema ```yaml BOX_DB_EXTENSION_SCHEMA: "" ``` Schema for PostgreSQL extensions. Default is current schema.
Details
IDdb.extension-schema
TypeString
Default value(no default)
Environment variableBOX_DB_EXTENSION_SCHEMA
Deprecated environment variablesAIDBOX_EXTENSION_SCHEMA ,
AIDBOX_DB_PARAM_CURRENT_SCHEMA
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### ViewDefinition materialization schema ```yaml BOX_VIEW_DEFINITION_SCHEMA: "sof" ``` Schema for storing `ViewDefinition` materialization. Changing this setting does not affect already materialized views; it applies only to new ones. It is recommended to use a dedicated schema for `ViewDefinition` to avoid potential collisions.
Details
IDdb.view-definition-schema
TypeString
Default valuesof
Environment variableBOX_VIEW_DEFINITION_SCHEMA
Available from2508
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Pool connection timeout ```yaml BOX_DB_POOL_CONNECTION_TIMEOUT: 30000 ``` Maximum wait time (in milliseconds) for a database connection from the pool before timing out.
Details
IDdb.pool.connection-timeout
TypeInt
Default value30000
Environment variableBOX_DB_POOL_CONNECTION_TIMEOUT
Deprecated environment variablesBOX_DB_POOL_CONNECTION__TIMEOUT
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Pool connection init SQL ```yaml BOX_DB_POOL_CONNECTION_INIT_SQL: "select 1" ``` Specifies a SQL statement that will be executed after every new connection creation before adding it to the pool.
Details
IDdb.pool.connection-init-sql
TypeString
Default valueselect 1
Environment variableBOX_DB_POOL_CONNECTION_INIT_SQL
Deprecated environment variablesBOX_DB_POOL_CONNECTION__INIT__SQL
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Pool idle timeout ```yaml BOX_DB_POOL_IDLE_TIMEOUT: 10000 ``` Maximum timeout (in milliseconds) to close idle connection.
Details
IDdb.pool.idle-timeout
TypeInt
Default value10000
Environment variableBOX_DB_POOL_IDLE_TIMEOUT
Deprecated environment variablesBOX_DB_POOL_IDLE__TIMEOUT
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Pool minimum idle ```yaml BOX_DB_POOL_MINIMUM_IDLE: 0 ``` Minimum number of connections.
Details
IDdb.pool.minimum-idle
TypeInt
Default value0
Environment variableBOX_DB_POOL_MINIMUM_IDLE
Deprecated environment variablesBOX_DB_POOL_MINIMUM__IDLE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Pool size ```yaml BOX_DB_POOL_MAXIMUM_POOL_SIZE: 8 ``` Maximum number of simultaneous database connections.
Details
IDdb.pool.maximum-pool-size
TypeInt
Default value8
Environment variableBOX_DB_POOL_MAXIMUM_POOL_SIZE
Deprecated environment variablesBOX_DB_POOL_MAXIMUM__POOL__SIZE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Propagate DB health status to Aidbox ```yaml BOX_PROPAGATE_DB_HEALTH_STATUS_TO_BOX: false ``` If enabled, the health status of the database will be reflected in the overall health status of Aidbox. If the database is unhealthy, Aidbox will also be considered unhealthy. **NOTE**: Aidbox caches DB connections. That may cause inconsistencies when DB status is already `fail` but Aidbox instance still has valid connections.
Details
IDdb.propagate-db-health-status-to-box
TypeBool
Default valuefalse
Environment variableBOX_PROPAGATE_DB_HEALTH_STATUS_TO_BOX
Available from2509
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
### Read-only replica Read-only database replica settings #### Read-only replica enable ```yaml BOX_DB_RO_REPLICA_ENABLED: false ``` Enable options to process requests to read-only db replica. If enabled you should define: `db.ro-replica.database`, `db.ro-replica.host`, `db.ro-replica.port`, `db.ro-replica.user`, and `db.ro-replica.password`.
Details
IDdb.ro-replica.enabled
TypeBool
Default valuefalse
Environment variableBOX_DB_RO_REPLICA_ENABLED
Available from2507
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Database name ```yaml BOX_DB_RO_REPLICA_DATABASE: "" ``` The database name. `postgres` name is not allowed.
Details
IDdb.ro-replica.database
TypeString
Default value(no default)
Environment variableBOX_DB_RO_REPLICA_DATABASE
Available from2507
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Database host ```yaml BOX_DB_RO_REPLICA_HOST: "" ``` AidboxDB host address.
Details
IDdb.ro-replica.host
TypeString
Default value(no default)
Environment variableBOX_DB_RO_REPLICA_HOST
Available from2507
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Database port ```yaml BOX_DB_RO_REPLICA_PORT: "" ``` The database port number.
Details
IDdb.ro-replica.port
TypeInt
Default value(no default)
Environment variableBOX_DB_RO_REPLICA_PORT
Available from2507
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Database user ```yaml BOX_DB_RO_REPLICA_USER: "" ``` The database username.
Details
IDdb.ro-replica.user
TypeString
Default value(no default)
Environment variableBOX_DB_RO_REPLICA_USER
Available from2507
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Database password ```yaml BOX_DB_RO_REPLICA_PASSWORD: "" ``` The database password.
Details
IDdb.ro-replica.password
TypeString
Default value(no default)
Environment variableBOX_DB_RO_REPLICA_PASSWORD
Available from2507
Sensitivetrue — value will be masked in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
#### Database extension schema ```yaml AIDBOX_EXTENSION_SCHEMA: "" ``` The database extension schema.
Details
IDdb.ro-replica.extension-schema
TypeString
Default value(no default)
Environment variableAIDBOX_EXTENSION_SCHEMA
Deprecated environment variablesAIDBOX_DB_PARAM_CURRENT_SCHEMA
Available from2507
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Maximum wait time ```yaml BOX_DB_RO_REPLICA_POOL_CONNECTION_TIMEOUT: 30000 ``` Maximum wait time (in milliseconds) for a database connection from the pool before timing out.
Details
IDdb.ro-replica.pool.connection-timeout
TypeInt
Default value30000
Environment variableBOX_DB_RO_REPLICA_POOL_CONNECTION_TIMEOUT
Available from2507
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Pool idle timeout ```yaml BOX_DB_RO_REPLICA_POOL_IDLE_TIMEOUT: 10000 ``` Maximum timeout (in milliseconds) to close idle connection.
Details
IDdb.ro-replica.pool.idle-timeout
TypeInt
Default value10000
Environment variableBOX_DB_RO_REPLICA_POOL_IDLE_TIMEOUT
Available from2507
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Pool minimum idle ```yaml BOX_DB_RO_REPLICA_POOL_MINIMUM_IDLE: 0 ``` Minimum number of connections.
Details
IDdb.ro-replica.pool.minimum-idle
TypeInt
Default value0
Environment variableBOX_DB_RO_REPLICA_POOL_MINIMUM_IDLE
Available from2507
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Pool size ```yaml BOX_DB_RO_REPLICA_POOL_MAXIMUM_POOL_SIZE: 8 ``` Maximum number of simultaneous database connections.
Details
IDdb.ro-replica.pool.maximum-pool-size
TypeInt
Default value8
Environment variableBOX_DB_RO_REPLICA_POOL_MAXIMUM_POOL_SIZE
Available from2507
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Pool connection init SQL ```yaml BOX_DB_RO_REPLICA_POOL_CONNECTION_INIT_SQL: "select 1" ``` The pool connection initialization SQL statement.
Details
IDdb.ro-replica.pool.connection-init-sql
TypeString
Default valueselect 1
Environment variableBOX_DB_RO_REPLICA_POOL_CONNECTION_INIT_SQL
Available from2507
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
## Web Server Web Server settings ### Base URL ```yaml BOX_WEB_BASE_URL: "" ``` Base URL is the URL Aidbox is available at. It consists of scheme (HTTP, HTTPS), domain, port (optional) and URL path (optional). Trailing slash is not allowed. Aidbox uses this value to identify its own location. The Base URL is embedded in various generated artifacts, such as: tokens ("iss" field), links in search and notification bundles, and internal references. Some components validate that tokens, links , or requests originate from the same base URL, ensuring consistency and security.
Details
IDweb.base-url
TypeString
Recommended value<base-url>
Default value(no default)
Environment variableBOX_WEB_BASE_URL
Deprecated environment variablesAIDBOX_BASE_URL
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Web server port ```yaml BOX_WEB_PORT: 8888 ``` Web server port that Aidbox listens on.
Details
IDweb.port
TypeInt
Recommended value8888
Default value8080
Environment variableBOX_WEB_PORT
Deprecated environment variablesAIDBOX_PORT
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Web thread count ```yaml BOX_WEB_THREAD: 8 ``` The number of web server workers in Aidbox. The number of workers determines how many concurrent web requests Aidbox can handle.
Details
IDweb.thread
TypeInt
Default value8
Environment variableBOX_WEB_THREAD
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### HTTP initial line max length ```yaml BOX_WEB_MAX_LINE: 8192 ``` Length limit for HTTP initial line and per header length, 414 (Request-URI Too Long) will be returned if exceeding this limit.
Details
IDweb.max-line
TypeInt
Default value8192
Environment variableBOX_WEB_MAX_LINE
Deprecated environment variablesBOX_WEB_MAX__LINE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Request max body size ```yaml BOX_WEB_MAX_BODY: 20971520 ``` Maximum size of the request body in bytes.
Details
IDweb.max-body
TypeInt
Default value20971520
Environment variableBOX_WEB_MAX_BODY
Deprecated environment variablesBOX_WEB_MAX__BODY
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
## Observability Observability settings ### Logs Logs settings #### Disable health logs ```yaml BOX_OBSERVABILITY_DISABLE_HEALTH_LOGS: false ``` Disable `/health` endpoint requests logging. Default value is `false`
Details
IDobservability.disable-health-logs
TypeBool
Default valuefalse
Environment variableBOX_OBSERVABILITY_DISABLE_HEALTH_LOGS
Deprecated environment variablesBOX_LOGGING_DISABLE__HEALTH__LOGS
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadtrue — setting can be changed at runtime
#### Log file path ```yaml BOX_OBSERVABILITY_LOG_FILE_PATH: "" ``` If provided, enables mode to pipe logs as JSON into the file by specified path. If ElasticSearch URL is provided then the file is used as a fallback in case if ElasticSearch is not available.
Details
IDobservability.log-file.path
TypeString
Default value(no default)
Environment variableBOX_OBSERVABILITY_LOG_FILE_PATH
Deprecated environment variablesAIDBOX_LOGS
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Logs max lines ```yaml BOX_OBSERVABILITY_LOG_FILE_MAX_LINES: 10000 ``` Sets the limit of log records to push into the file When the limit is reached, the current log file is renamed with `.old` postfix and a new log file is created
Details
IDobservability.log-file.max-lines
TypeInt
Default value10000
Environment variableBOX_OBSERVABILITY_LOG_FILE_MAX_LINES
Deprecated environment variablesAIDBOX_LOGS_MAX_LINES
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Logging SQL min duration ```yaml BOX_OBSERVABILITY_SQL_MIN_DURATION: -1 ``` Threshold for logging only long queries. Analogous from PostgreSQL. Log only requests whose execution time exceeds the specified number of milliseconds.
Details
IDobservability.sql.min-duration
TypeInt
Default value-1
Environment variableBOX_OBSERVABILITY_SQL_MIN_DURATION
Deprecated environment variablesBOX_LOGGING_SQL_MIN__DURATION
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Logging SQL max length ```yaml BOX_OBSERVABILITY_SQL_MAX_LENGTH: 500 ``` Max length of a query to be logged.
Details
IDobservability.sql.max-length
TypeInt
Default value500
Environment variableBOX_OBSERVABILITY_SQL_MAX_LENGTH
Deprecated environment variablesBOX_LOGGING_SQL_MAX__LENGTH
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Metrics Metrics settings #### Metrics server port ```yaml BOX_METRICS_PORT: "" ``` Port on which Aidbox will expose metrics. To disable metrics server, leave this setting empty
Details
IDobservability.metrics.server-port
TypeInt
Default value(no default)
Environment variableBOX_METRICS_PORT
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Enable Postgres metrics ```yaml BOX_OBSERVABILITY_METRICS_ENABLE_POSTGRES_METRICS: true ``` Controls whether to provide metrics [related to PostgreSQL](https://www.health-samurai.io/docs/aidbox/modules/observability/metrics/monitoring/use-aidbox-metrics-server#postgres)
Details
IDobservability.metrics.enable-postgres-metrics
TypeBool
Default valuetrue
Environment variableBOX_OBSERVABILITY_METRICS_ENABLE_POSTGRES_METRICS
Deprecated environment variablesBOX_METRICS_POSTGRES_ON
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Stdout Stdout settings #### Stdout log level ```yaml BOX_OBSERVABILITY_STDOUT_LOG_LEVEL: "" ``` Controls stdout with specified logs level. Possible values: off, fatal, error, warn, info, debug, trace, all, true By setting one of these levels you would also get all the levels to the left. e.g. if you set log level to `warn` you would also get log events with `fatal` and `error` levels (off is excluded).
Details
IDobservability.stdout.log-level
TypeEnum
Valuesoff
fatal
error
warn
info
debug
trace
all
true
Default value(no default)
Environment variableBOX_OBSERVABILITY_STDOUT_LOG_LEVEL
Deprecated environment variablesAIDBOX_STDOUT_JSON
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Pretty print log level ```yaml BOX_OBSERVABILITY_STDOUT_PRETTY_LOG_LEVEL: "warn" ``` Controls pretty print of logs to stdout with specified level. Possible values: off, fatal, error, warn, info, debug, trace, all, true By setting one of these levels you would also get all the levels to the left. e.g. if you set log level to `warn` you would also get log events with `fatal` and `error` levels (off is excluded).
Details
IDobservability.stdout.pretty-log-level
TypeEnum
Valuesoff
fatal
error
warn
info
debug
trace
all
true
Default valuewarn
Environment variableBOX_OBSERVABILITY_STDOUT_PRETTY_LOG_LEVEL
Deprecated environment variablesAIDBOX_STDOUT_PRETTY
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Google log level ```yaml BOX_OBSERVABILITY_STDOUT_GOOGLE_LOG_LEVEL: "" ``` Produces in Google Logging format with specified log level. Possible values: off, fatal, error, warn, info, debug, trace, all, true By setting one of these levels you would also get all the levels to the left. e.g. if you set log level to `warn` you would also get log events with `fatal` and `error` levels (off is excluded).
Details
IDobservability.stdout.google-log-level
TypeEnum
Valuesoff
fatal
error
warn
info
debug
trace
all
true
Default value(no default)
Environment variableBOX_OBSERVABILITY_STDOUT_GOOGLE_LOG_LEVEL
Deprecated environment variablesAIDBOX_STDOUT_GOOGLE_JSON
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Loki Grafana Loki settings #### Loki URL ```yaml BOX_OBSERVABILITY_LOKI_URL: "" ``` Loki URL to enable Aidbox logs uploading into Loki
Details
IDobservability.loki-url
TypeString
Default value(no default)
Environment variableBOX_OBSERVABILITY_LOKI_URL
Deprecated environment variablesAIDBOX_LK_URL
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Loki batch size ```yaml BOX_OBSERVABILITY_LOKI_BATCH_SIZE: "" ``` Loki batch size for log uploading. Aidbox uploads logs when either at least specific `observability.loki.batch-size` collected or time passed from previous log uploading exceeds `observability.loki.batch-timeout`.
Details
IDobservability.loki.batch-size
TypeString
Default value(no default)
Environment variableBOX_OBSERVABILITY_LOKI_BATCH_SIZE
Deprecated environment variablesAIDBOX_LK_BATCH_SIZE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Loki batch timeout ```yaml BOX_OBSERVABILITY_LOKI_BATCH_TIMEOUT: "" ``` How long to wait before uploading Aidbox uploads logs when either at least `observability.loki.batch-size` entries collected or time passed from previous log uploading exceeds `observability.loki.batch-timeout`.
Details
IDobservability.loki.batch-timeout
TypeInt
Default value(no default)
Environment variableBOX_OBSERVABILITY_LOKI_BATCH_TIMEOUT
Deprecated environment variablesAIDBOX_LK_BATCH_TIMEOUT
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Loki stream ```yaml BOX_OBSERVABILITY_LOKI_STREAM: "" ``` Stream refers to the labels or metadata associated with a log stream Is defined by a unique set of labels, which serve as the stream key. For example: `{"box": "aidbox"}`
Details
IDobservability.loki.stream
TypeString
Default value(no default)
Environment variableBOX_OBSERVABILITY_LOKI_STREAM
Deprecated environment variablesAIDBOX_LK_STREAM
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Datadog Datadog settings #### Datadog API Key ```yaml BOX_OBSERVABILITY_DATADOG_API_KEY: "" ``` Datadog API Key.
Details
IDobservability.datadog.api-key
TypeString
Default value(no default)
Environment variableBOX_OBSERVABILITY_DATADOG_API_KEY
Deprecated environment variablesBOX_DD_API_KEY
Sensitivetrue — value will be masked in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
#### Datadog regional site ```yaml BOX_OBSERVABILITY_DATADOG_SITE: "" ``` The regional site for a Datadog customer.
Details
IDobservability.datadog.site
TypeEnum
Valuesdatadoghq.com
us3.datadoghq.com
us5.datadoghq.com
datadoghq.eu
ddog-gov.com
ap1.datadoghq.com
Default value(no default)
Environment variableBOX_OBSERVABILITY_DATADOG_SITE
Deprecated environment variablesBOX_DD_SITE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Datadog log tags ```yaml BOX_OBSERVABILITY_DATADOG_TAGS: "" ``` Tags associated with your logs. Convenient for transferring the name of the environment. For example `env:staging`.
Details
IDobservability.datadog.tags
TypeString
Default value(no default)
Environment variableBOX_OBSERVABILITY_DATADOG_TAGS
Deprecated environment variablesBOX_DD_TAGS
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Datadog log file path ```yaml BOX_OBSERVABILITY_DATADOG_LOGS: "" ``` Fallback file to write logs in if uploading to Datadog fails
Details
IDobservability.datadog.logs
TypeString
Default value(no default)
Environment variableBOX_OBSERVABILITY_DATADOG_LOGS
Deprecated environment variablesAIDBOX_DD_LOGS
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Datadog log batch size ```yaml BOX_OBSERVABILITY_DATADOG_BATCH_SIZE: "" ``` How many log entries to collect before uploading. Aidbox uploads logs when either at least specific `observability.datadog.batch-size` collected or time passed from previous log uploading exceeds `observability.datadog.batch-timeout`.
Details
IDobservability.datadog.batch-size
TypeInt
Default value(no default)
Environment variableBOX_OBSERVABILITY_DATADOG_BATCH_SIZE
Deprecated environment variablesBOX_DD_BATCH_SIZE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Datadog log batch timeout ```yaml BOX_OBSERVABILITY_DATADOG_BATCH_TIMEOUT: "" ``` How long to wait before uploading Aidbox uploads logs when either at least specific `observability.datadog.batch-size` collected or time passed from previous log uploading exceeds `observability.datadog.batch-timeout`.
Details
IDobservability.datadog.batch-timeout
TypeInt
Default value(no default)
Environment variableBOX_OBSERVABILITY_DATADOG_BATCH_TIMEOUT
Deprecated environment variablesBOX_DD_BATCH_TIMEOUT
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Elasticsearch Elasticsearch settings #### Elasticsearch auth ```yaml BOX_OBSERVABILITY_ELASTICSEARCH_AUTH: "" ``` Format: `:` Basic auth credentials for Elasticsearch. API key is not supported.
Details
IDobservability.elasticsearch.auth
TypeString
Default value(no default)
Environment variableBOX_OBSERVABILITY_ELASTICSEARCH_AUTH
Deprecated environment variablesBOX_OBSERVABILITY_ELASTIC_SEARCH_AUTH ,
AIDBOX_ES_AUTH
Sensitivetrue — value will be masked in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
#### Elasticsearch URL ```yaml BOX_OBSERVABILITY_ELASTICSEARCH_URL: "" ``` If provided, enables mode to push logs to Elasticsearch
Details
IDobservability.elasticsearch.url
TypeString
Default value(no default)
Environment variableBOX_OBSERVABILITY_ELASTICSEARCH_URL
Deprecated environment variablesBOX_OBSERVABILITY_ELASTIC_SEARCH_URL ,
AIDBOX_ES_URL
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Elasticsearch batch size ```yaml BOX_OBSERVABILITY_ELASTICSEARCH_BATCH_SIZE: "" ``` Log batch size used to optimize log shipping performance. The default value is 200
Details
IDobservability.elasticsearch.batch-size
TypeInt
Default value(no default)
Environment variableBOX_OBSERVABILITY_ELASTICSEARCH_BATCH_SIZE
Deprecated environment variablesBOX_OBSERVABILITY_ELASTIC_BATCH_SIZE ,
AIDBOX_ES_BATCH_SIZE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Elasticsearch batch timeout ```yaml BOX_OBSERVABILITY_ELASTICSEARCH_BATCH_TIMEOUT: 60000 ``` Timeout to post a batch to Elasticsearch. If there is not enough records to reach full batch size
Details
IDobservability.elasticsearch.batch-timeout
TypeInt
Default value60000
Environment variableBOX_OBSERVABILITY_ELASTICSEARCH_BATCH_TIMEOUT
Deprecated environment variablesBOX_OBSERVABILITY_ELASTIC_BATCH_TIMEOUT ,
AIDBOX_ES_BATCH_TIMEOUT
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Elasticsearch log format ```yaml BOX_OBSERVABILITY_ELASTICSEARCH_INDEX_PATTERN: "'aidbox-logs'-yyyy-MM-dd" ``` Custom index format string. The default value is 'aidbox-logs'-yyyy-MM-dd.
Details
IDobservability.elasticsearch.index-pattern
TypeString
Default value'aidbox-logs'-yyyy-MM-dd
Environment variableBOX_OBSERVABILITY_ELASTICSEARCH_INDEX_PATTERN
Deprecated environment variablesBOX_OBSERVABILITY_ELASTIC_INDEX_PATTERN ,
AIDBOX_ES_INDEX_PAT
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Grafana Grafana settings #### Grafana URL for metrics dashboards ```yaml BOX_OBSERVABILITY_GRAFANA_URL: "" ``` Grafana URL to update the metrics dashboards.
Details
IDobservability.grafana.url
TypeString
Default value(no default)
Environment variableBOX_OBSERVABILITY_GRAFANA_URL
Deprecated environment variablesBOX_METRICS_GRAFANA_URL
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Grafana user for metrics dashboards ```yaml BOX_OBSERVABILITY_GRAFANA_USER: "" ``` Grafana user to update the metrics dashboards.
Details
IDobservability.grafana.user
TypeString
Default value(no default)
Environment variableBOX_OBSERVABILITY_GRAFANA_USER
Deprecated environment variablesBOX_METRICS_GRAFANA_USER
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### Grafana password for metrics dashboards ```yaml BOX_OBSERVABILITY_GRAFANA_PASSWORD: "" ``` Grafana password to update the metrics dashboards.
Details
IDobservability.grafana.password
TypeString
Default value(no default)
Environment variableBOX_OBSERVABILITY_GRAFANA_PASSWORD
Deprecated environment variablesBOX_METRICS_GRAFANA_PASSWORD
Sensitivetrue — value will be masked in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
### OTEL OpenTelemetry settings #### OTEL metrics request headers ```yaml BOX_OBSERVABILITY_OTEL_METRICS_REQUEST_HEADERS: "" ``` The headers for OTEL metrics requests, formatted as HeaderName:HeaderValue HeaderName:HeaderValue.
Details
IDobservability.otel.metrics-request-headers
TypeString
Default value(no default)
Environment variableBOX_OBSERVABILITY_OTEL_METRICS_REQUEST_HEADERS
Available from2503
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### OTEL metrics URL ```yaml BOX_OBSERVABILITY_OTEL_METRICS_URL: "" ``` The metrics' consumer URL (OTEL collector, Elastic EPM etc.).
Details
IDobservability.otel.metrics-url
TypeString
Default value(no default)
Environment variableBOX_OBSERVABILITY_OTEL_METRICS_URL
Available from2503
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### OTEL metrics interval ```yaml BOX_OBSERVABILITY_OTEL_METRICS_INTERVAL: 5 ``` The time interval (in seconds) for sending OTEL metrics.
Details
IDobservability.otel.metrics-interval
TypeInt
Default value5
Environment variableBOX_OBSERVABILITY_OTEL_METRICS_INTERVAL
Available from2503
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### OTEL traces request headers ```yaml BOX_OBSERVABILITY_OTEL_TRACES_REQUEST_HEADERS: "" ``` The headers for OTEL traces requests, formatted as HeaderName:HeaderValue HeaderName:HeaderValue.
Details
IDobservability.otel.traces-request-headers
TypeString
Default value(no default)
Environment variableBOX_OBSERVABILITY_OTEL_TRACES_REQUEST_HEADERS
Available from2503
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### OTEL traces URL ```yaml BOX_OBSERVABILITY_OTEL_TRACES_URL: "" ``` The traces' consumer URL (OTEL collector, Elastic EPM etc.).
Details
IDobservability.otel.traces-url
TypeString
Default value(no default)
Environment variableBOX_OBSERVABILITY_OTEL_TRACES_URL
Available from2503
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### OTEL traces batch max size ```yaml BOX_OBSERVABILITY_OTEL_TRACES_BATCH_MAX_SIZE: 100 ``` Max amount of traces in one send traces request
Details
IDobservability.otel.traces-batch-max-size
TypeInt
Default value100
Environment variableBOX_OBSERVABILITY_OTEL_TRACES_BATCH_MAX_SIZE
Available from2503
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### OTEL traces batch timeout ```yaml BOX_OBSERVABILITY_OTEL_TRACES_BATCH_TIMEOUT: 1000 ``` Timeout in milliseconds between send traces requests
Details
IDobservability.otel.traces-batch-timeout
TypeInt
Default value1000
Environment variableBOX_OBSERVABILITY_OTEL_TRACES_BATCH_TIMEOUT
Available from2503
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### OTEL traces history size ```yaml BOX_OBSERVABILITY_OTEL_TRACES_HISTORY_SIZE: 10 ``` Traces history size on telemetry $status endpoint
Details
IDobservability.otel.traces-history-size
TypeInt
Default value10
Environment variableBOX_OBSERVABILITY_OTEL_TRACES_HISTORY_SIZE
Available from2503
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### OTEL logs request headers ```yaml BOX_OBSERVABILITY_OTEL_LOGS_REQUEST_HEADERS: "" ``` The headers for OTEL logs requests, formatted as HeaderName:HeaderValue HeaderName:HeaderValue.
Details
IDobservability.otel.logs-request-headers
TypeString
Default value(no default)
Environment variableBOX_OBSERVABILITY_OTEL_LOGS_REQUEST_HEADERS
Available from2503
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### OTEL logs URL ```yaml BOX_OBSERVABILITY_OTEL_LOGS_URL: "" ``` The logs' consumer URL (OTEL collector, Elastic EPM etc.).
Details
IDobservability.otel.logs-url
TypeString
Default value(no default)
Environment variableBOX_OBSERVABILITY_OTEL_LOGS_URL
Available from2503
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### OTEL logs batch max size ```yaml BOX_OBSERVABILITY_OTEL_LOGS_BATCH_MAX_SIZE: 100 ``` Max amount of logs in one send logs request
Details
IDobservability.otel.logs-batch-max-size
TypeInt
Default value100
Environment variableBOX_OBSERVABILITY_OTEL_LOGS_BATCH_MAX_SIZE
Available from2503
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### OTEL logs batch timeout ```yaml BOX_OBSERVABILITY_OTEL_LOGS_BATCH_TIMEOUT: 1000 ``` Timeout in milliseconds between send logs requests
Details
IDobservability.otel.logs-batch-timeout
TypeInt
Default value1000
Environment variableBOX_OBSERVABILITY_OTEL_LOGS_BATCH_TIMEOUT
Available from2503
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
#### OTEL logs history size ```yaml BOX_OBSERVABILITY_OTEL_LOGS_HISTORY_SIZE: 10 ``` Logs history size on telemetry $status endpoint
Details
IDobservability.otel.logs-history-size
TypeInt
Default value10
Environment variableBOX_OBSERVABILITY_OTEL_LOGS_HISTORY_SIZE
Available from2503
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
## Zen Project Settings related to Zen Project for backward compatibility. Read [d͟e͟t͟a͟i͟l͟s͟](https://www.health-samurai.io/news/aidbox-transitions-to-the-fhir-schema-engine). ### Zen project entrypoint ```yaml BOX_ZEN_PROJECT_ENTRYPOINT: "" ``` Entrypoint for zen project to start from.
Details
IDzen-project.entrypoint
TypeString
Default value(no default)
Environment variableBOX_ZEN_PROJECT_ENTRYPOINT
Deprecated environment variablesAIDBOX_ZEN_ENTRYPOINT ,
BOX_PROJECT_ENTRYPOINT
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
### Zen project entry ```yaml BOX_ZEN_PROJECT_ENTRY: "" ``` Environment variable is used to specify zen project entry namespace
Details
IDzen-project.entry
TypeString
Default value(no default)
Environment variableBOX_ZEN_PROJECT_ENTRY
Deprecated environment variablesAIDBOX_ZEN_ENTRY
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Load zen namespace as EDN ```yaml BOX_ZEN_PROJECT_LOAD: "" ``` Used to load a single namespace represented as EDN
Details
IDzen-project.load
TypeString
Default value(no default)
Environment variableBOX_ZEN_PROJECT_LOAD
Deprecated environment variablesAIDBOX_ZEN_LOAD
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
### URL or path to the zen project source ```yaml BOX_ZEN_PROJECT_PATHS: "" ``` Source of the zen project using the following syntax `::[,::]*`. `` is either `url`, or `path`. * `url` is used to load project from remote location * `path` is used to load project from local location `` is either `zip`, or `dir`, or `edn`. Table of sources and format compatibility: | | | | | | ------------- | ----- | ----- | ----- | | source/format | `zip` | `dir` | `edn` | | `url` | ✓ | | ✓ | | `path` | ✓ | ✓ | ✓ |
Details
IDzen-project.paths
TypeString
Default value(no default)
Environment variableBOX_ZEN_PROJECT_PATHS
Deprecated environment variablesAIDBOX_ZEN_PATHS
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
### Zen project git protocol ```yaml BOX_ZEN_PROJECT_GIT_PROTOCOL: "" ``` Either `https` or `ssh`. Assumes local directory if omitted.
Details
IDzen-project.git.protocol
TypeString
Default value(no default)
Environment variableBOX_ZEN_PROJECT_GIT_PROTOCOL
Deprecated environment variablesBOX_PROJECT_GIT_PROTOCOL
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
### Zen project git URL ```yaml BOX_ZEN_PROJECT_GIT_URL: "" ``` Where to clone your project from. Aidbox substitutes it to `git clone ` command.
Details
IDzen-project.git.url
TypeString
Default value(no default)
Environment variableBOX_ZEN_PROJECT_GIT_URL
Deprecated environment variablesBOX_PROJECT_GIT_URL
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
### Zen project git access token ```yaml BOX_ZEN_PROJECT_GIT_ACCESS_TOKEN: "" ``` Token to access HTTPS private repository
Details
IDzen-project.git.access-token
TypeString
Default value(no default)
Environment variableBOX_ZEN_PROJECT_GIT_ACCESS_TOKEN
Deprecated environment variablesBOX_PROJECT_GIT_ACCESS__TOKEN
Sensitivetrue — value will be masked in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
### Zen project git checkout ```yaml BOX_ZEN_PROJECT_GIT_CHECKOUT: "" ``` Git branch or commit
Details
IDzen-project.git.checkout
TypeString
Default value(no default)
Environment variableBOX_ZEN_PROJECT_GIT_CHECKOUT
Deprecated environment variablesBOX_PROJECT_GIT_CHECKOUT
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
### Zen project target path ```yaml BOX_ZEN_PROJECT_GIT_TARGET_PATH: "" ``` Clone the repository into a directory. Default value is a directory in `/tmp`
Details
IDzen-project.git.target-path
TypeString
Default value(no default)
Environment variableBOX_ZEN_PROJECT_GIT_TARGET_PATH
Deprecated environment variablesBOX_PROJECT_GIT_TARGET__PATH
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
### Path to the zen project inside a git repository ```yaml BOX_ZEN_PROJECT_GIT_SUB_PATH: "" ``` The value of the setting should be set to a path starting with a repository name.
Details
IDzen-project.git.sub-path
TypeString
Default value(no default)
Environment variableBOX_ZEN_PROJECT_GIT_SUB_PATH
Deprecated environment variablesBOX_PROJECT_GIT_SUB__PATH
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
### Zen dev mode ```yaml BOX_ZEN_PROJECT_DEV_MODE: false ``` Enables watcher which reloads zen namespaces when they change.
Details
IDzen-project.dev.mode
TypeBool
Default valuefalse
Environment variableBOX_ZEN_PROJECT_DEV_MODE
Deprecated environment variablesAIDBOX_ZEN_DEV_MODE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
### Task executor service workers ```yaml BOX_ZEN_PROJECT_DEFAULT_SERVICE_WORKERS: 3 ``` The default number of task executor service workers.
Details
IDzen-project.default-service-workers
TypeInt
Default value3
Environment variableBOX_ZEN_PROJECT_DEFAULT_SERVICE_WORKERS
Deprecated environment variablesAIDBOX_ZEN_DEFAULT_SERVICE_WORKERS
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Zen config expose ```yaml BOX_ZEN_PROJECT_CONFIG_EXPOSE: false ``` Show zen Aidbox config in zen UI and on $config endpoint
Details
IDzen-project.config.expose
TypeBool
Default valuefalse
Environment variableBOX_ZEN_PROJECT_CONFIG_EXPOSE
Deprecated environment variablesAIDBOX_ZEN_CONFIG_EXPOSE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
### Sync indexes on startup ```yaml BOX_ZEN_PROJECT_INDEX_SYNC_ON_START: false ``` If enabled, Aidbox synchronizes managed index on startup
Details
IDzen-project.index.sync-on-start
TypeBool
Default valuefalse
Environment variableBOX_ZEN_PROJECT_INDEX_SYNC_ON_START
Deprecated environment variablesBOX_INDEX_SYNC__ON__START
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Manifest to zen migration ```yaml BOX_ZEN_PROJECT_MANIFEST_TO_ZEN_MIGRATION: "" ```
Details
IDzen-project.manifest-to-zen-migration
TypeString
Default value(no default)
Environment variableBOX_ZEN_PROJECT_MANIFEST_TO_ZEN_MIGRATION
Deprecated environment variablesBOX_FEATURES_MANIFEST__TO__ZEN__MIGRATION
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
### Enable zen-FHIR search parameters ```yaml BOX_ZEN_PROJECT_SEARCH_ZEN_FHIR: "" ``` Aidbox zen packages may contain search parameters. Enable this setting to load these search parameters into Aidbox. If disabled, only the pre-bundled and user-created search parameters are available. This setting has no effect if FHIR-Schema validator is enabled.
Details
IDzen-project.search.zen-fhir
TypeEnum
Valuesenable
disable
Default value(no default)
Environment variableBOX_ZEN_PROJECT_SEARCH_ZEN_FHIR
Deprecated environment variablesBOX_SEARCH_ZEN__FHIR
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Check bindings ```yaml BOX_ZEN_PROJECT_VALIDATION_VALUE_SET_MODE: true ``` Disable validation of FHIR terminology bindings
Details
IDzen-project.validation.value-set-mode
TypeBool
Default valuetrue
Environment variableBOX_ZEN_PROJECT_VALIDATION_VALUE_SET_MODE
Deprecated environment variablesAIDBOX_FEATURES_VALIDATION_VALUE__SET_MODE ,
BOX_FEATURES_VALIDATION_VALUE__SET_MODE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaEnvironment variables
Hot reloadfalse — setting requires system restart
### Use SQL backward-compatible with old zen search ```yaml BOX_ZEN_PROJECT_SEARCH_RESOURCE_COMPAT: true ``` For some time zen-search generated slightly different SQL expressions. Turn on this feature if you use zen-search and do not wish to update indexes.
Details
IDzen-project.search.resource-compat
TypeBool
Default valuetrue
Environment variableBOX_ZEN_PROJECT_SEARCH_RESOURCE_COMPAT
Deprecated environment variablesBOX_SEARCH_RESOURCE__COMPAT
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Enable terminology import ```yaml BOX_ZEN_PROJECT_TERMINOLOGY_IMPORT_ENABLE: true ``` Enable terminology import.
Details
IDzen-project.terminology.import.enable
TypeBool
Default valuetrue
Environment variableBOX_ZEN_PROJECT_TERMINOLOGY_IMPORT_ENABLE
Deprecated environment variablesBOX_FEATURES_TERMINOLOGY_IMPORT_ENABLE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Enable terminology sync ```yaml BOX_ZEN_PROJECT_TERMINOLOGY_IMPORT_SYNC: false ``` Enable terminology sync.
Details
IDzen-project.terminology.import.sync
TypeBool
Default valuefalse
Environment variableBOX_ZEN_PROJECT_TERMINOLOGY_IMPORT_SYNC
Deprecated environment variablesBOX_FEATURES_TERMINOLOGY_IMPORT_SYNC
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Build FTR index on startup ```yaml BOX_ZEN_PROJECT_FTR_BUILD_INDEX_ON_STARTUP_ENABLE: true ``` Build FTR index on startup.
Details
IDzen-project.ftr.build-index-on-startup.enable
TypeBool
Default valuetrue
Environment variableBOX_ZEN_PROJECT_FTR_BUILD_INDEX_ON_STARTUP_ENABLE
Deprecated environment variablesBOX_FEATURES_FTR_BUILD__INDEX__ON__STARTUP_ENABLE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Sync FTR index on Aidbox start ```yaml BOX_ZEN_PROJECT_FTR_BUILD_INDEX_ON_STARTUP_SYNC: false ``` Sync FTR index on Aidbox start.
Details
IDzen-project.ftr.build-index-on-startup.sync
TypeBool
Default valuefalse
Environment variableBOX_ZEN_PROJECT_FTR_BUILD_INDEX_ON_STARTUP_SYNC
Deprecated environment variablesBOX_FEATURES_FTR_BUILD__INDEX__ON__STARTUP_SYNC
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Enable incremental updates of the FTR index ```yaml BOX_ZEN_PROJECT_FTR_INCREMENTAL_INDEX_UPDATES_ENABLE: true ``` Enable incremental updates of the FTR index
Details
IDzen-project.ftr.incremental-index-updates.enable
TypeBool
Default valuetrue
Environment variableBOX_ZEN_PROJECT_FTR_INCREMENTAL_INDEX_UPDATES_ENABLE
Deprecated environment variablesBOX_FEATURES_FTR_INCREMENTAL__INDEX__UPDATES_ENABLE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Load FTR index into Aidbox DB ```yaml BOX_ZEN_PROJECT_FTR_PULL_ENABLE: false ``` Load FTR index into Aidbox DB
Details
IDzen-project.ftr.pull.enable
TypeBool
Default valuefalse
Environment variableBOX_ZEN_PROJECT_FTR_PULL_ENABLE
Deprecated environment variablesBOX_FEATURES_FTR_PULL_ENABLE
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart
### Load FTR index synchronously ```yaml BOX_ZEN_PROJECT_FTR_PULL_SYNC: false ``` Block Aidbox start until FTR index is loaded into Aidbox DB.
Details
IDzen-project.ftr.pull.sync
TypeBool
Default valuefalse
Environment variableBOX_ZEN_PROJECT_FTR_PULL_SYNC
Deprecated environment variablesBOX_FEATURES_FTR_PULL_SYNC
Sensitivefalse — value will be visible in plaintext in Admin UI
Set viaAdmin UI → Settings
Environment variables
Hot reloadfalse — setting requires system restart