Configuration Details

Owned by Vinaya Mayya
Last updated: Nov 16, 2023 by Matthew Jackson
7 min read

The Ed-Fi ODS / API is configurable in a number of ways. Since the source code is available to licensees, one could argue that everything is configurable. But, what we’re discussing in this section are things like settings and options that do not require a change to the compiled code.

Key configuration points include: OAuth endpoints, Admin and Security datastore connections, Token timeouts, Enabling / disabling features. See the following sections for more details on important configuration options: 


Developers' Guide Contents

Find out more about how to develop platforms based on the Ed-Fi ODS / API v7.1:

 

Required Configuration Settings

Some configuration must be done for every Ed-Fi ODS / API platform instance. Examples of required configurations include database connection strings, SMTP server locations, and similar.

To make it easier for developers to install and run the Ed-Fi ODS / API, the default download from source control is pre-configured with values appropriate for a developer or single-server test instance of the system. 


ApplicationLocationSetting NameValueDescription
EdFi.Ods.SandboxAdminappsettings.jsonOAuthUrlExample: http://site-address:port/oauthPoints to the root of the authorization API in the Ed-Fi ODS / API.
EdFi.Ods.SwaggerUIappsettings.jsonWebApiVersionUrlExample: http://site-address:port/Points to the version endpoint in the Ed-Fi ODS / API.
EdFi.Ods.WebApiappsettings.jsonConnectionStrings:EdFi_AdminServer=(local); Database=EdFi_Admin; Trusted_Connection=True; Application Name=EdFi.Ods.WebApi;Connection to Admin database
EdFi.Ods.WebApiappsettings.jsonConnectionStrings:EdFi_SecurityServer=(local); Database=EdFi_Security; Trusted_Connection=True; Persist Security Info=True; Application Name=EdFi.Ods.WebApi;Connection to Security database
EdFi.Ods.WebApiappsettings.jsonApiSettings:OdsConnectionStringEncryptionKeyExample: JivjQAm53kz9IaBLUJIk+Rd+1YaKNZ88PkxjiSsQNRQ=AES Encryption key used to encrypt ODS connection strings configured in the Admin database. (Required everywhere other than development environment)
A deployment to a staging or production instance is usually more involved, and requires additional configuration. Required configurations for a production instance can be found in the Deployment section of this documentation.

Optional Configuration Settings

Although this list of settings is not exhaustive, other important and useful optional configuration values include:
ApplicationLocationSetting NameValueDescription
EdFi.Ods.SwaggerUIappsettings.jsonSwaggerUIOptions:OAuthConfigObject:ClientIdExample:
rcKsguTICAaBm9PxyUW4i		Optionally provides the value to prefill in the "key" field of auth.
EdFi.Ods.SwaggerUIappsettings.jsonSwaggerUIOptions:OAuthConfigObject:ClientSecretExample:
t0CklTOfMBGZNPgVQDLHh		Optionally provides the value to prefill in the "secret" field of auth.
EdFi.Ods.SwaggerUIappsettings.json

Tenants

Example:

 "Tenants": [
    {
      "Tenant": "Tenant1"
    }
  ],
Optionally provides the name of a tenant. This setting is required if using Multi Tenant Configuration. A valid tenant name is required for SwaggerUI to retrieve the API metadata.
EdFi.Ods.SandboxAdminappsettings.jsonUser
Example:
Contents on appsettings.json
 "User": {
        "Test Admin": {
            "Email": "test@ed-fi.org",
            "Admin": "true",
            "NamespacePrefixes": [
                "uri://ed-fi.org",
                "uri://gbisd.org"
            ],
            "Password": "zSKj8DdR4mQlPp3X2i1ra",
            "Sandboxes": {
                "Minimal Demonstration Sandbox": {
                    "Key": "FLqUvMPSoG4ryp7HiRBmX",
                    "Type": "Minimal",
                    "Secret": "bhJfA6qt7iNP3Xd5as9O0",
                    "Refresh": "false"
                },
                "Populated Demonstration Sandbox": {
                    "Key": "rcKsguTICAaBm9PxyUW4i",
                    "Type": "Sample",
                    "Secret": "t0CklTOfMBGZNPgVQDLHh",
                    "Refresh": "false"
                }
            }
        }
    }
Defines automatically created user accounts and sandboxes. Also configures automatic refreshes of sandboxes to a clean state. Each user entry will be created with the given email/password, and the sandboxes defined underneath it will also be created for the type and key/secret values.
New: Must include the NamespacePrefixes elements, to deploy what namespaces for the associated vendor. This collection is required, and at least one namespace prefix is required. 

EdFi.Ods.SandboxAdminappsettings.jsonMaximumSandboxesPerUserExample: 5The maximum number of sandboxes a sandbox admin user can create. 
EdFi.Ods.SandboxAdminappsettings.jsonDefaultClaimSetNameExample: SIS VendorThe claim set name for the default application for sandbox application clients.
EdFi.Ods.SandboxAdminappsettings.jsonMailSettings:Smtp:UserNameExample: User.NameThe username of the credentials that are used to create an SMTP client for sending email messages from the Sandbox Admin application for new user creation and password resets
EdFi.Ods.SandboxAdminappsettings.jsonMailSettings:Smtp:PasswordExample: abcd1234The password of the credentials that are used to create an SMTP client for sending email messages from the Sandbox Admin application for new user creation and password resets
EdFi.Ods.SandboxAdminappsettings.jsonMailSettings:Smtp:FromExample: no-reply@ed-fi.orgThe email address that will show up in the FROM field of any email messages sent from the Sandbox Admin application
EdFi.Ods.SandboxAdminappsettings.jsonMailSettings:Smtp:HostExample: smtp.example.comThe SMTP server that is used for sending email messages from the Sandbox Admin application. This value is necessary when the DeliveryMethod of Network is specified
EdFi.Ods.SandboxAdminappsettings.jsonMailSettings:Smtp:PortExample: 25The port number used by the SMTP server for email messages. If no value is specified, then the default of 25 is used.
EdFi.Ods.SandboxAdminappsettings.jsonMailSettings:Smtp:DeliveryMethodExample: NetworkSpecifies how email messages are delivered. The valid choices for this are:
  • Network - Email is sent through the network to an existing SMTP server
  • PickupDirectoryFromIis - Email is copied to the pickup directory used by IIS for delivery via its SMTP service
  • SpecifiedPickupDirectory - Email is copied to the specified directory for processing by an external mail application
EdFi.Ods.SandboxAdminappsettings.jsonMailSettings:Smtp:SpecifiedPickupDirectory:PickupDirectoryLocationExample: C:\\temp\\location\\emailsWhen a Delivery Method of SpecifiedPickupDirectory is used, this is the folder where email messages will be saved to, to be picked up by an external mail application for processing and sending
EdFi.Ods.SandboxAdminappsettings.jsonMailSettings:Smtp:EnableSslExample: trueIndicates whether SSL encryption is used when establishing a connection with the SMTP server. This value is only applicable when the DeliveryMethod of Network is specified
EdFi.Ods.WebApiappsettings.jsonQueueAutoCreateExample: 1Whether or not a message queue should be created if it is not found. For Azure or Active Directory queues, this should be 0.
EdFi.Ods.WebApiappsettings.jsonCommitUploadCommandMessageEndPointExample: localhostThe server hosting the message queues.
EdFi.Ods.WebApiappsettings.jsonApiSettings:BearerTokenTimeoutMinutesExample: 30The amount of time that an OAuth token remains valid.
EdFi.Ods.WebApiappsettings.json

ApiSettings:Caching:Security:AbsoluteExpirationMinutes

Example: 10The amount of time the security metadata from EdFi_Security database is cached. E.g., if it is set to 10 mins, the claim set changes will reflect in the API at least after 10 mins without needing to recycle API process.
EdFi.Ods.WebApiappsettings.jsonApiSettings:Caching:Descriptors:AbsoluteExpirationSecondsExample: 1800Number of seconds after which the descriptor cache is refreshed.
EdFi.Ods.WebApiappsettings.jsonApiSettings:Caching:Descriptors:UseExternalCacheExample: trueWhen true, the Descriptor cache will use the configured external cache provider.
EdFi.Ods.WebApiappsettings.jsonApiSettings:Caching:PersonUniqueIdToUsi:AbsoluteExpirationSecondsExample: 14400Number of seconds after which the PersonUniqueIdToUsi mapping is refreshed. This settings is applied only when SlidingExpirationSeconds is not provided or set to 0.
EdFi.Ods.WebApiappsettings.jsonApiSettings:Caching:PersonUniqueIdToUsi:SlidingExpirationSecondsExample: 14400Number of seconds after which a PersonUniqueIdToUsi mapping is refreshed if not accessed. 
EdFi.Ods.WebApiappsettings.jsonApiSettings:Caching:PersonUniqueIdToUsi:UseProgressiveLoadingExample: falseWhen set to true, PersonUniqueIdToUsi mapping is loaded progressively as needed to fulfill the API requests (rather than being fully initialized in the background upon first request)
EdFi.Ods.WebApiappsettings.jsonApiSettings:Caching:PersonUniqueIdToUsi:CacheSuppression:StudentExample: falseIndicates whether student UniqueId/USI mappings should be cached, or retrieved on demand with each request. When set to true,  caching is suppressed.
EdFi.Ods.WebApiappsettings.jsonApiSettings:Caching:PersonUniqueIdToUsi:CacheSuppression:StaffExample: falseIndicates whether staff UniqueId/USI mappings should be cached, or retrieved on demand with each request. When set to true,  caching is suppressed.
EdFi.Ods.WebApiappsettings.jsonApiSettings:Caching:PersonUniqueIdToUsi:CacheSuppression:ParentExample: falseIndicates whether parent UniqueId/USI mappings should be cached, or retrieved on demand with each request. When set to true, caching is suppressed. For use with data standard 4.0 and below. This setting has no affect after data standard 4.0. 
EdFi.Ods.WebApiappsettings.jsonApiSettings:Caching:PersonUniqueIdToUsi:CacheSuppression:ContactExample: trueIndicates whether contact UniqueId/USI mappings should be cached, or retrieved on demand with each request. When set to true, caching is suppressed. For use with data standard 5.0 and above. This setting has no affect before data standard 5.0. 
EdFi.Ods.WebApiappsettings.jsonApiSettings:Caching:PersonUniqueIdToUsi:UseExternalCacheExample: trueWhen true, the Person cache will use the configured external cache provider.
EdFi.Ods.WebApiappsettings.jsonApiSettings:ApiClientDetails:UseExternalCacheExample: trueWhen true, the API Client cache will use the configured external cache provider.
EdFi.Ods.WebApiappsettings.jsonApiSettings:ApiClientDetails:AbsoluteExpirationSecondsExample: 14400Number of seconds after which API Client information is refreshed if not accessed. 
EdFi.Ods.WebApiappsettings.jsonApiSettings:Caching:ExternalCacheProviderExample: "Redis"Currently the only available option is "Redis". When left blank (default), the application will use in-memory caching rather than an external provider, if any of the "UseExternalCache" options is set to true.
EdFi.Ods.WebApiappsettings.jsonApiSettings:Caching:Redis:ConfigurationExample: see this documentWhen ExternalCacheProvider=="Redis" , provide the connection string information here. Default: an empty string
EdFi.Ods.WebApiappsettings.jsonApiSettings:Caching:Security:AbsoluteExpirationMinutesExample: 10Number of minutes after which security (authorization) settings are  refreshed if not accessed. 
EdFi.Ods.WebApiappsettings.jsonApiSettings:Caching:Profiles:AbsoluteExpirationSecondsExample: 1800Number of seconds after which API client profile information is refreshed if not accessed. 
EdFi.Ods.WebApiappsettings.jsonApiSettings:Caching:OdsInstances:AbsoluteExpirationSecondsExample: 300Number of seconds after which ODS Instance mapping information is refreshed if not accessed. 
EdFi.Ods.WebApiappsettings.jsonApiSettings:Caching:Tenants:AbsoluteExpirationSecondsExample: 600Number of seconds after which Tenant information is refreshed if not accessed. 
EdFi.Ods.WebApiappsettings.jsonApiSettings:Features:ExtensionstrueEnables the API endpoints created for all Extensions. An installation that is not customized at all and still has the GrandBend and Sample extensions can disable this feature in production.
EdFi.Ods.WebApiappsettings.jsonApiSettings:Features:UniqueIdValidationfalseEnables Unique ID System Integration. Must implement IUniqueIdToIdValueMapper and register within the implementation within the WebApi. 
EdFi.Ods.Web.Apiappsettings.jsonApiSettings:Features:TokenInfotrueEnables the token_info introspective endpoint.
EdFi.Ods.Web.Apiappsettings.jsonPlugin:FolderExample: ../../PluginConfigures the plugin folder that API looks to deploy extensions dynamically.
EdFi.Ods.Web.Apiappsettings.jsonPlugin:ScriptsExample: [ tpdm ]Configures the script (located in plugin folder by default) responsible for downloading the extension plugins and placing them in the plugin folder.

Environment Configuration 

While appsettings.json provides the primary configuration for the ASP.NET Core applications in the ODS / API solution, appsettings.Environment.json can be used to override the settings in appsettings.json in deployment environments. In development environment, initdev creates appsettings.Development.json to override settings for development environment. Note that the settings in appsettings.Development.json are overwritten every time initdev is executed. See Configuration in ASP.NET Core for more details. 

Secret Manager 

In development environments ASP.NET Core applications in the ODS / API solution uses secret manager tool to provide a way for setting overrides away from the projects so that they aren't accidentally checked into source control. To set overrides, you can either use the .NET CLI Tool 

or Manage User Secrets gesture in Visual Studio. 

Both of the above methods will create a secret.json file in the local machine's user profile folder and will override settings in appsettings.Development.json.

Websitesecrets.json location in Windows
Ed-Fi ODS / API%APPDATA%\Microsoft\UserSecrets\f1506d66-289c-44cb-a2e2-80411cc690ec
Sandbox Administration %APPDATA%\Microsoft\UserSecrets\f1506d66-289c-44cb-a2e2-80411cc690ea
Ed-Fi ODS / API Documentation%APPDATA%\Microsoft\UserSecrets\f1506d66-289c-44cb-a2e2-80411cc690eb

e.g., Following secret.json overrides the default 'GrandBend' dataset and deploys with 'Glendale' sample dataset.

 

See Safe storage of app secrets in development in ASP.NET Core for more details.