web.yaml Configuration Reference

PortalUrl

Description:

Specifies the AgilePoint Portal Instance URL.

Allowed Values:

One line of text (a string).

Format:

• URL

Default Value:

This value is populated based on your environment when you install AgilePoint NX.

Example:

Format:

"portalurl": "[your AgilePoint Portal instance URL]"

Example:

"portalurl": "https://myagilepointnxdomain.com:13490"

Port

Description:

Specifies the port number for AgilePoint NX Portal.

Allowed Values:

The port number from the AgilePoint NX Portal machine that serves the AgilePoint NX Portal.

Default Value:

This value is populated based on your environment when you install AgilePoint NX.

Example:

"port": 13491

defaulttenantname

Description:

Specifies the name of your AgilePoint NX tenant.

Allowed Values:

An AgilePoint NX tenant name.

Default Value:

This value is populated based on your environment when you install AgilePoint NX.

Example:

"defaulttenantname": "AgilePoint"

agilepointserverurl

Description:

Specifies the REST URL for the AgilePoint Server instance.

This URL is used for client-server communication — for example, between the Portal client and Portal server software. If agilepointserverurls2s is not configured, this URL is used for communication between AgilePoint NX Portal and AgilePoint Server (server-to-server access).

Allowed Values:

One line of text (a string).

Format:

• URL

Default Value:

This value is populated based on your environment when you install AgilePoint NX.

Example:

Format:

"agilepointserverurl": "[your AgilePoint Portal instance URL]/agilepointserver"

Example:

"agilepointserverurl": "http://myagilepointnxdomain.com:13490/agilepointserver"

agilepointserverurls2s

Description:

Specifies the URL for server-to-server communication with AgilePoint Server.

This is the REST URL for your AgilePoint Server instance used by the AgilePoint NX Portal to communicate with the AgilePoint Server when both the Portal and AgilePoint Server are hosted on the same machine or within the same network, or in setups involving SSL offloading. By default, AgilePoint NX Portal and AgilePoint Server are installed on the same machine.

Allowed Values:

One line of text (a string).

Format:

• URL

Default Value:

This value is populated based on your environment when you install AgilePoint NX.

Example:

Format:

"agilepointserverurls2s": "[your AgilePoint Portal instance URL]/agilepointserver"

Example:

"agilepointserverurls2s": "http://myagilepointnxdomain.com:5000/agilepointserver"

agilepointserverwshttpurl

Description:

Specifies the web service (wsHTTP) URL for AgilePoint Server.

Allowed Values:

One line of text (a string).

Format:

• URL

Default Value:

This value is populated based on your environment when you install AgilePoint NX.

Example:

Format:

"agilepointserverwshttpurl": "[your AgilePoint Portal instance URL]/agilepointserver"

Example:

"agilepointserverwshttpurl": "http://myagilepointnxdomain.com:13487/agilepointserver"

httpsenabled

Description:

Specifies whether to enable SSL in AgilePoint NX Portal.

Allowed Values:

• true - Enables SSL in AgilePoint NX Portal.
• false - Disables SSL in AgilePoint NX Portal.

Default Value:

false

Example:

"httpsenabled": true

sslkey

Description:

Specifies the SSL private key file to use to configure SSL for AgilePoint NX Portal.

Allowed Values:

• A relative, virtual path and file name in the Portal certificates folder.

  The following is the literal default folder path for Certificates folder:

  • C:\Program Files\AgilePoint\AgilePointPortalInstance\Certificates

  The path that is configured in the web.yaml file is a virtual path that points to this folder. This virtual path uses front slashes (/), rather than backslashes (\):

  • /Certificates/
• Any absolute path and file name on the AgilePoint Server machine AgilePoint NX Portal can access. Literal file paths require two backslashes (\\) instead of one backslash (\) A single backslash (\) is treated as an escape character.

Default Value:

None

Example:

Relative Path Format:

"sslkey": "[relative path and file name for the SSL private key file]"

Example:

"sslkey": "/Certificates/drlive.key"

Absolute Path Format:

"sslkey": "[absolute path and file name for the SSL private key file]"

Example:

"sslkey": "C:\\Documents\\drlive.key"

sslcert

Description:

Specifies the path for the SSL certificate file to use to configure SSL for AgilePoint NX Portal.

Allowed Values:

• A relative, virtual path and file name in the Portal certificates folder.

  The following is the literal default folder path for Certificates folder:

  • C:\Program Files\AgilePoint\AgilePointPortalInstance\Certificates

  The path that is configured in the web.yaml file is a virtual path that points to this folder. This virtual path uses front slashes (/), rather than backslashes (\):

  • /Certificates/
• Any absolute path and file name on the AgilePoint Server machine AgilePoint NX Portal can access. Literal file paths require two backslashes (\\) instead of one backslash (\) A single backslash (\) is treated as an escape character.

Default Value:

None

Example:

Relative Path Format:

"sslcert": "[relative path and file name for the SSL certificate file]"

Example:

"sslcert": "/Certificates/drlive.crt"

Absolute Path Format:

"sslcert": "[absolute path and file name for the SSL certificate file]"

Example:

"sslcert": "C:\\Documents\\drlive.crt"

pfx

Description:

Specifies the PFX certificate to configure SSL for the AgilePoint NX Portal.

Allowed Values:

• A relative, virtual path and file name in the Portal certificates folder.

  The following is the literal default folder path for Certificates folder:

  • C:\Program Files\AgilePoint\AgilePointPortalInstance\Certificates

  The path that is configured in the web.yaml file is a virtual path that points to this folder. This virtual path uses front slashes (/), rather than backslashes (\):

  • /Certificates/
• Any absolute path and file name on the AgilePoint Server machine AgilePoint NX Portal can access. Literal file paths require two backslashes (\\) instead of one backslash (\) A single backslash (\) is treated as an escape character.

Default Value:

None

Example:

Relative Path Format:

"pfx": "[relative path and file name for the PFX certificate file]"

Example:

"pfx": "/Certificates/agilityclouds-2025.pfx"

Absolute Path Format:

"pfx": "[absolute path and file name for the PFX certificate file]"

Example:

"pfx": "C:\\Documents\\agilityclouds-2025.pfx"

pfxpassword

Description:

Specifies the password for the PFX certificate.

The password is stored in encrypted format.

Allowed Values:

An encrypted string that represents the password for the .pfx certificate.

For more information, refer to Encrypt Password Utility.

Default Value:

None

Example:

"pfxpassword": "casdbfef5ab24dd47839f0d48485307abe65170c7"

sslrootcacert

Description:

Specifies the path for the root CA certificate.

This certificate is issued by a Certificate Authority (CA).

Allowed Values:

• A relative, virtual path and file name in the Portal certificates folder.

  The following is the literal default folder path for Certificates folder:

  • C:\Program Files\AgilePoint\AgilePointPortalInstance\Certificates

  The path that is configured in the web.yaml file is a virtual path that points to this folder. This virtual path uses front slashes (/), rather than backslashes (\):

  • /Certificates/
• Any absolute path and file name on the AgilePoint Server machine AgilePoint NX Portal can access. Literal file paths require two backslashes (\\) instead of one backslash (\) A single backslash (\) is treated as an escape character.

Default Value:

None

Example:

Relative Path Format:

"sslrootcacert": "[relative path and file name for the certificate authority file]"

Example:

"sslrootcacert": "/Certificates/my-root-ca.crt"

Absolute Path Format:

"sslrootcacert": "[absolute path and file name for the certificate authority file]"

Example:

"sslrootcacert": "C:\\Documents\\my-root-ca.crt"

logfilepath

Description:

Specifies the folder path for the AgilePoint NX Portal logs on the AgilePoint Server machine.

Allowed Values:

An absolute file path where the AgilePoint NX Portal log files are stored.

Default Value:

C:\\Program Files\\AgilePoint\\AgilePointPortalInstance\\log

Example:

Format:

"logfilepath": "[path for the AgilePoint NX Portal logs]"

Example:

"logfilepath": "C:\\Program Files\\AgilePoint\\AgilePointPortalInstance\\log"

enablelogstack

Description:

Specifies whether to enable the stack errors to be stored in log files, which gives additional information about the errors.

The verboselog attribute must be set to true.

Allowed Values:

• true - Stores the stack error in log files.
• false - The stack error is not saved.

Default Value:

false

Example:

"enablelogstack": true

generateErrorCodesFile

Description:

Specifies whether to create the error codes that are registered in AgilePoint NX Portal when the AgilePoint Portal Instance restarts.

The error codes are created in the file.

(NX Portal installation folder - v9.0 and higher) C:\Program Files\AgilePoint\AgilePointPortalInstance\error-codes\registered-error-codes.csv

Allowed Values:

• true - Creates the error codes when the AgilePoint Portal Instance restarts.
• false - Does not create error codes when the AgilePoint Portal Instance restarts.

Default Value:

false

Example:

"generateerrorcodesfile": true

enablerequestlogging

Description:

Specifies whether to store the log when a request is received and when the response for that request is sent.

The log information is stored in the folder:

C:\Program Files\AgilePoint\AgilePointServerInstance\log\info

Allowed Values:

• true - Stores information about the request logs.
• false - Does not store information about the request logs.

Default Value:

false

Example:

"enablerequestlogging": true

enablelogbase

Description:

Specifies whether to write the PID and hostname for all logs.

The verboselog attribute must be set to true.

Allowed Values:

• true - Writes the PID and hostname for all logs.
• false - Does not write the PID and hostname for all logs.

Default Value:

false

Example:

"enablelogbase": true

enableverboselog

Description:

Specifies whether to enable verbose logging.

Allowed Values:

• true - Enables verbose logging.
• false - Disables verbose logging.

Default Value:

false

Example:

"enableverboselog": true

enablesecureroutes

Description:

Specifies whether to register routes such as, /.bzr, and /.hg, which are considered as standard vulnerable routes to restrict access to AgilePoint NX Portal and sends 404 response.

Allowed Values:

• true - Registers the routes as standard vulnerable routes to restrict access.
• false - Does not register the routes and they can be used to access to AgilePoint NX Portal.

Default Value:

false

Example:

"enablesecureroutes": true

enablecasesensitiveroutes

Description:

Specifies whether to enable case-sensitive routes for AgilePoint NX Portal.

Allowed Values:

• true - Enables case-sensitive routes for the AgilePoint NX Portal.
• false - Disables case-sensitive routes for the AgilePoint NX Portal.

Default Value:

false

Example:

"enablecasesensitiveroutes": true

httpredirectionenabled

Description:

Specifies whether to enable HTTP redirect in the Agilepoint NX Portal.

The source URL and the target URL can be configured with the httpredirect attribute. When a source URL is accessed in the Agilepoint NX Portal, the user is automatically redirected to the target URL.

Allowed Values:

• true - Enables HTTP redirect.
• false - Disables HTTP redirect.

Default Value:

true

Example:

"httpredirectionenabled": true

httpredirect

Description:

Specifies URL redirection rules used in the HTTP redirect feature.

Allowed Values:

An array of route redirection objects. Each object has the following elements:

• Source URL
• Method (GET or POST)
• Handler information for target redirection.

Format:

sourceUrl, method, handler { targetUrl, statusCode, appendQueryString }

Default Value:

None

Example:

"httpredirect": [
  {
  "sourceUrl": "/manage/index",
  "method": "GET",
  "handler": 
    {
    "targetUrl": "/manage/modern",
    "statusCode": 301,
    "appendQueryString": false
    }
  },
]

externalURLRewriteEnabled

Description:

Specifies whether to enable external URL rewriting to change a URL that points to an external resource or service.

Allowed Values:

• true - Enables external URL rewriting.
• false - Disables external URL rewriting.

Default Value:

false

Example:

"externalURLRewriteEnabled": true

externalURLRewrite

Description:

Defines rewrite rules to redirect requests from one prefix to another. This is usually used to rewrite external-facing routes to internal targets.

Allowed Values:

An array of objects with these parameters:

• prefix
• targetUrl
• enableProxyHeaders

Default Value:

None

Example:

"rewrite":[
  {
  prefix: "/test",
  targetUrl: "http://myagilepointnxdomain.com:3000/test",
  enableProxyHeaders: true
  }
]

performdoubleextensionvalidation

Description:

Enables validation for double file extensions.

Allowed Values:

• true - Enables validation for double file extensions.
• false - Disables validation for double file extensions.

Default Value:

false

Example:

"performdoubleextensionvalidation": false

addomainname

Description:

Specifies the domain name for the AgilePoint Service Account.

Allowed Values:

A valid domain.

Default Value:

This value is populated based on your environment when you install AgilePoint NX.

Example:

"addomainname": "MYDOMAIN"

adadminusername

Description:

Specifies the user name for the AgilePoint Service Account.

Allowed Values:

An Active Directory user name that has the permissions for AgilePoint Service Account.

For more information, refer to Administrator Types.

Default Value:

This value is populated based on your environment when you install AgilePoint NX.

Example:

"adadminusername": "administrator"

adadminpassword

Description:

Specifies the encrypted password for the user specified in the adadminusername attribute.

Allowed Values:

A valid Active Directory password.

For more information, refer to Encrypt Password Utility.

Default Value:

This value is populated based on your environment when you install AgilePoint NX.

Example:

"adadminpassword": "c938e77e5dec9d4c4c07ff4c3e55b75bdb5c"

minPasswordLength

Description:

Specifies the minimum number of characters permitted for a password.

Allowed Values:

An integer.

Default Value:

8

Example:

"minPasswordLength": 8

maxPasswordLength

Description:

Specifies the maximum number of characters permitted for a password.

Allowed Values:

An integer.

Default Value:

15

Example:

"maxPasswordLength": 15

maxUsernameLength

Description:

Specifies the maximum number of characters permitted for a user name.

Allowed Values:

An integer.

Default Value:

256

Example:

"maxUsernameLength": 256

loginbruteforceprotection

Description:

Specifies whether protection is enabled for brute-force login attempts.

This monitors the login attempts and locks the AgilePoint NX account if the failed sign-in attempts exceed the maximum.

Allowed Values:

• true - Protection against brute-force login attempt is enabled.
• false - Protection against brute-force login attempt is disabled.

Default Value:

false

Example:

"loginbruteforceprotection": true

maximumloginattempts

Description:

Specifies the maximum number of failed sign-in attempts permitted before a lockout occurs.

The loginbruteforceprotection attribute must be set to true.

Allowed Values:

An integer.

Default Value:

3

Example:

"maximumloginattempts": 5

loginlockouttimewindow

Description:

Specifies the duration in seconds to lock an account after the maximum number of sign-in attempts is exceeded.

The loginbruteforceprotection attribute must be set to true.

Allowed Values:

An integer.

Represents:

• A number of seconds

Default Value:

3600

This value equals one hour, in seconds.

Example:

"loginlockouttimewindow": 1800

resetloginattempttime

Description:

Specifies the duration in seconds to reset the maximum sign-in attempts value specified in the maximumloginattempts attribute.

When a user tries to sign in with failed attempts before reaching the maximum sign-in attempts. The count of failed sign-in attempts resets to zero after the duration specified in the resetloginattempttime attribute.

The loginbruteforceprotection attribute must be set to true.

Allowed Values:

An integer.

Represents:

• A number of seconds

Default Value:

86400

This value equals one day, in seconds.

Example:

"resetloginattempttime": 86400

showrememberme

Description:

Specifies whether to show the Remember Me field on the sign-in page to store the user name and password for the AgilePoint NX account.

Allowed Values:

• true - Shows the Remember Me field on the sign-in page to store the user name and password for the AgilePoint NX account. The credentials are stored in the user's browser cache.

  The Sign In screen shows the user name and password on the respective fields, so users do not need to enter the account credentials again to sign in.

• false - The Remember Me field does not show on the sign-in page.

  The Sign In screen shows the User Name and Password fields blank, and users must enter the account credentials each time they sign in.

Default Value:

true

Example:

"showrememberme": true

usemicrosoftauthenticatorapp

Description:

Specifies whether to enable the Microsoft Authenticator app support in the Mobile Configuration screen on the Agilepoint NX Portal UI.

Allowed Values:

• true - Enables the Microsoft Authenticator app support in the Mobile Configuration screen.
• false - Does not support the Microsoft Authenticator app in the Mobile Configuration screen.

Default Value:

false

Example:

"usemicrosoftauthenticatorapp": true

customcookies

Description:

Custom cookies enable system administrators to control how information is transferred and stored on a web browser for end users of the AgilePoint NX Portal UI.

For more information, refer to Custom Cookies for AgilePoint NX Portal.

activeauthproviders

Description:

Specifies the active authentication providers for AgilePoint NX Portal.

Allowed Values:

One or more authentication provider names, separated by commas (,).

• agilepointid - Specifies AgilePoint NX authentication.

  AgilePoint ID is not supported in AgilePoint NX OnPremises.

• activedirectory - Specifies Active Directory authentication where the Active Directory runs in an on-premises environment.

  You can configure the Active Directory authentication on the AgilePoint Server Configuration Utility > System tab.

• acs - Specifies Amazon Cognito authentication.
• adfs - Specifies ADFS authentication.
• googleplus - Specifies Google Workspace authentication.
• oam - Specifies Oracle Access Management authentication.
• oidc - Specifies IdentityServer authentication.
• okta - Specifies Okta authentication.
• pingfed - Specifies PingFederate authentication.
• salesforce - Specifies Salesforce authentication.
• siteminder - Specifies SiteMinder authentication.

  To configure the SiteMinder authentication, contact AgilePoint Professional Services.

• waad - Specifies authentication with Microsoft Entra ID, Microsoft 365, or SharePoint for Microsoft 365.

Default Value:

["activedirectory"]

Example:

"activeauthproviders": ["activedirectory", "waad"]

availableauthproviders

Description:

Specifies the authentication providers that can be used for AgilePoint NX Portal.

Allowed Values:

One or more authentication provider names, separated by commas (,).

• agilepointid - Specifies AgilePoint NX authentication.

  AgilePoint ID is not supported in AgilePoint NX OnPremises.

• activedirectory - Specifies Active Directory authentication where the Active Directory runs in an on-premises environment.

  You can configure the Active Directory authentication on the AgilePoint Server Configuration Utility > System tab.

• acs - Specifies Amazon Cognito authentication.
• adfs - Specifies ADFS authentication.
• googleplus - Specifies Google Workspace authentication.
• oam - Specifies Oracle Access Management authentication.
• oidc - Specifies IdentityServer authentication.
• okta - Specifies Okta authentication.
• pingfed - Specifies PingFederate authentication.
• salesforce - Specifies Salesforce authentication.
• siteminder - Specifies SiteMinder authentication.

  To configure the SiteMinder authentication, contact AgilePoint Professional Services.

• waad - Specifies authentication with Microsoft Entra ID, Microsoft 365, or SharePoint for Microsoft 365.

Default Value:

["activedirectory", "waad", "salesforce"]

Example:

"availableauthproviders": ["activedirectory", "waad"]

activeauthprovidersformobileconfiguration

Description:

Specifies the active authentication providers for the AgilePoint NX Mobile App.

Allowed Values:

One or more authentication provider names, separated by commas (,).

• agilepointid - Specifies AgilePoint NX authentication.

  AgilePoint ID is not supported in AgilePoint NX OnPremises.

• activedirectory - Specifies Active Directory authentication where the Active Directory runs in an on-premises environment.

  You can configure the Active Directory authentication on the AgilePoint Server Configuration Utility > System tab.

• acs - Specifies Amazon Cognito authentication.
• googleplus - Specifies Google Workspace authentication.
• oidc - Specifies IdentityServer authentication.
• okta - Specifies Okta authentication.
• pingfed - Specifies PingFederate authentication.
• salesforce - Specifies Salesforce authentication.
• waad - Specifies authentication with Microsoft Entra ID, Microsoft 365, or SharePoint for Microsoft 365.

Default Value:

None

Example:

"activeauthprovidersformobileconfiguration": ["waad"]

nativeauthprovidersformainloginpage

Description:

Specifies the native authentication providers to show on the sign-in page.

Native authentication refers to user authentication that is handled directly by AgilePoint NX.

Allowed Values:

One or more authentication provider names, separated by commas (,).

• agilepointid - Specifies AgilePoint NX authentication.

  AgilePoint ID is not supported in AgilePoint NX OnPremises.

• activedirectory - Specifies Active Directory authentication where the Active Directory runs in an on-premises environment.

  You can configure the Active Directory authentication on the AgilePoint Server Configuration Utility > System tab.

• custom - Specifies custom authentication.

Default Value:

["activedirectory", "agilepointid"]

Example:

"nativeauthprovidersformainloginpage": ["activedirectory", "agilepointid"]

hideauthentications

Description:

Specifies the authentication provider to hide on the sign-in page.

This field applies only for the Microsoft Entra ID (waad) authentication type. The activeauthproviders attribute must include waad.

If waad is specified in the activeauthproviders attribute, the Sign-in page shows the sign-in options for both Microsoft Entra ID and SharePoint for Microsoft 365. You can use this attribute to hide one of them.

Allowed Values:

One of the following authentication types:

• waad - Hides the Microsoft Entra ID option.
• office365 - Hides the SharePoint for Microsoft 365 option.

Default Value:

None

Example:

"hideauthentications": ['waad']

idpurl

Description:

Specifies the base URL AgilePoint NX Portal uses as an identity provider (IdP) issuer for third-party authentication.

Client applications can use this URL to initiate the authentication flows and access the IdP endpoints

.

Allowed Values:

One line of text (a string).

Format:

• URL

Default Value:

This value is populated based on your environment when you install AgilePoint NX.

Example:

Format:

"idpurl": "[your AgilePoint Portal instance URL]/idp"

Example:

"idpurl": "http://myagilepointnxdomain.com:13491/idp"

persistentssosession

Description:

Specifies whether to enable the persistent Single Sign-On (SSO) sessions for the user sign-in.

Allowed Values:

• true - Enables the persistent Single Sign-On (SSO) sessions for the user sign-in.
• false - Disables the persistent Single Sign-On (SSO) sessions.

Default Value:

true

Example:

"persistentssosession": true

usernametransformationenabled

Description:

Specifies whether to change the format for the user name before authentication.

When the attribute is set to true, and the sign-in user name format differs from the one registered in AgilePoint NX. AgilePoint NX Portal requests the transformed user name from the AgilePoint server before verifying the user name during sign-in.

Allowed Values:

• true - Changes the format of the user name before authentication.
• false - Does not change the format of the user name before authentication.

Default Value:

false

Example:

"usernametransformationenabled": false

logingatewayurl

Description:

Specifies the URL for the login gateway server.

Allowed Values:

One line of text (a string).

Format:

• URL

Default Value:

None

Example:

"logingatewayurl": "https://login.example.com"

syncuserprofileforauthproviders

Description:

Specifies the authentication providers whose user profiles are synchronized in your AgilePoint NX environment at the time of sign-in.

The enableautosyncuserprofileonlogin attribute must set to true.

Allowed Values:

One or more authentication provider names, separated by commas (,).

• agilepointid - Specifies AgilePoint NX authentication.

  AgilePoint ID is not supported in AgilePoint NX OnPremises.

• activedirectory - Specifies Active Directory authentication where the Active Directory runs in an on-premises environment.

  You can configure the Active Directory authentication on the AgilePoint Server Configuration Utility > System tab.

• acs - Specifies Amazon Cognito authentication.
• adfs - Specifies ADFS authentication.
• googleplus - Specifies Google Workspace authentication.
• oam - Specifies Oracle Access Management authentication.
• oidc - Specifies IdentityServer authentication.
• okta - Specifies Okta authentication.
• pingfed - Specifies PingFederate authentication.
• salesforce - Specifies Salesforce authentication.
• siteminder - Specifies SiteMinder authentication.

  To configure the SiteMinder authentication, contact AgilePoint Professional Services.

• waad - Specifies authentication with Microsoft Entra ID, Microsoft 365, or SharePoint for Microsoft 365.

Default Value:

["waad", "google", "pingfed", "salesforce", "sfsandbox"]

Example:

"syncuserprofileforauthproviders": ["waad", "google"]

enableautosyncuserprofileonlogin

Description:

Specifies whether to synchronize the user profile in your AgilePoint NX environment at the time of sign-in to AgilePoint NX Portal.

Allowed Values:

• true - Synchronizes the user profile.
• false - Does not synchronize the user profile.

Default Value:

true

Example:

"enableautosyncuserprofileonlogin": true

enablemanagersync

Description:

Specifies whether to synchronize the user's manager profile in your AgilePoint NX environment at the time of sign-in.

The enableautosyncuserprofileonlogin attribute must set to true

Allowed Values:

• true - Synchronizes the manager profile.
• false - Does not synchronize the manager profile.

Default Value:

true

Example:

"enablemanagersync": true

acs:authority

Description:

Specifies the Amazon Cognito server URL.

Allowed Values:

One line of text (a string).

Format:

• URL

Default Value:

None

Example:

Format:

"acs:authority": "[Amazon Cognito service URL]"

Example:

"acs:authority": "https://cognito-idp.us-east-2.amazonaws.com/us-east-1_abcdefg12"

acs:clientid

Description:

Specifies the client ID of the app you added in Amazon Cognito.

Allowed Values:

One line of text (a string).

Not Accepted:

• Spaces

Default Value:

None

Example:

Format:

"acs:clientid": "[client ID from Amazon Cognito]"

Example:

"acs:clientid": "2tmqdmcst123uchcfijtf4tgmd"

acs:clientsecret

Description:

Specifies the client secret of the app you created or added in Amazon Cognito.

Allowed Values:

One line of text (a string).

Not Accepted:

• Spaces

Default Value:

None

Example:

Format:

"acs:clientsecret": "[client secret from Amazon Cognito]"

Example:

"acs:clientsecret": "8gkhk3v56oe6gq6irk7u1bghdjnc1ic8646skqb6kuu1ddk1r0r"

adfs:portalclientid

Description:

Specifies the client ID of the app you added in ADFS.

Allowed Values:

One line of text (a string).

Represents:

• A GUID

Default Value:

None

Example:

Format:

"adfs:portalclientid": "[client ID from ADFS]"

Example:

"adfs:portalclientid": "8emqdmcst123uchcfijtf4tgmd"

adfs:portalclientsecret

Description:

Specifies the client secret of the app you created or added in ADFS.

Allowed Values:

One line of text (a string).

Not Accepted:

• Spaces

Default Value:

None

Example:

Format:

"adfs:portalclientsecret": "[client secret from ADFS]"

Example:

"adfs:portalclientsecret": "8gkhk3v56oe6gq6irk7u1bghdjnc1ic8646skqb6kuu1ddk1r0r"

adfs:authority

Description:

Specifies the ADFS server URL.

Allowed Values:

One line of text (a string).

Format:

• URL

Default Value:

None

Example:

Format:

"adfs:authority": "[ADFS server URL]"

Example:

"adfs:authority": "https://adfs.contoso.com/adfs/ls/"

gp:clientid

Description:

Specifies the client ID of the app you added in Google Workspace.

Allowed Values:

One line of text (a string).

Not Accepted:

• Spaces

Default Value:

None

Example:

Format:

"gp:clientid": "[client ID from Google Workspace]"

Example:

"gp:clientid": "k45fgjqdmcst123uchcfijtf4tgmd"

gp:clientsecret

Description:

Specifies the client secret of the app you created or added in Google Workspace.

Allowed Values:

One line of text (a string).

Not Accepted:

• Spaces

Default Value:

None

Example:

Format:

"gp:clientsecret": "[client secret from Google Workspace]"

Example:

"gp:clientsecret": "8qyrhk3v56oe6gq6irk7u1bghdjnc1ic8646skqb6kuu1ddk1r0r"

oam:authority

Description:

Specifies the server URL for the Oracle Access Management.

Allowed Values:

One line of text (a string).

Format:

• URL

Default Value:

None

Example:

Format:

"oam:authority": "[Oracle Access Management server URL]"

Example:

"oam:authority": "http://oam.example.com:7001/oamconsole"

oam:clientid

Description:

Specifies the client ID of the app you added in Oracle Access Management.

Allowed Values:

One line of text (a string).

Not Accepted:

• Spaces

Default Value:

None

Example:

Format:

"oam:clientid": "[client ID from Oracle Access Management]"

Example:

"oam:clientid": "2tjhnmqdmcst123uchcfijtf4tgmd"

oam:clientsecret

Description:

Specifies the client secret of the app you created or added in Oracle Access Management.

Allowed Values:

One line of text (a string).

Not Accepted:

• Spaces

Default Value:

None

Example:

Format:

"oam:clientsecret": "[client secret from Oracle Access Management]"

Example:

"oam:clientsecret": "8bhhgf3v56oe6gq6irk7u1bghdjnc1ic8646skqb6kuu1ddk1r0r"

oidc:authority

Description:

Specifies the IdentityServer server URL.

Allowed Values:

One line of text (a string).

Format:

• URL

Default Value:

None

Example:

Format:

"oidc:authority": "[server URL for IdentityServer]"

Example:

"oidc:authority": "https://login.identityprovider.com"

oidc:clientid

Description:

Specifies the client ID of the app you added in IdentityServer.

Allowed Values:

One line of text (a string).

Not Accepted:

• Spaces

Default Value:

None

Example:

Format:

"oidc:clientid": "[client ID from IdentityServer]"

Example:

"oidc:clientid": "5hhjlkhvhnmqdmcst123uchcfijtf4tgmd"

oidc:clientsecret

Description:

Specifies the client secret of the app you created or added in IdentityServer.

Allowed Values:

One line of text (a string).

Not Accepted:

• Spaces

Default Value:

None

Example:

Format:

"oidc:clientsecret": "[client secret from IdentityServer]"

Example:

"oidc:clientsecret": "7tert3v56oe6gq6irk7u1bghdjnc1ic8646skqb6kuu1ddk1r0r"

okta:oauthauthority

Description:

Specifies the Okta server URL.

Allowed Values:

One line of text (a string).

Format:

• URL

Default Value:

None

Example:

Format:

"okta:oauthauthority": "[Okta server URL]"

Example:

"okta:oauthauthority": "https://dev-1okta.com"

okta:oauthclientid

Description:

Specifies the client ID of the app you added in Okta.

Allowed Values:

One line of text (a string).

Not Accepted:

• Spaces

Default Value:

None

Example:

Format:

"okta:clientid": "[client ID from Okta]"

Example:

"okta:clientid": "5iughldqdmcst123uchcfijtf4tgmd"

okta:oauthclientsecret

Description:

Specifies the client secret of the app you created or added in Okta.

Allowed Values:

One line of text (a string).

Not Accepted:

• Spaces

Default Value:

None

Example:

Format:

"okta:clientsecret": "[client secret from Okta]"

Example:

"okta:clientsecret": "3mnfss3v56oe6gq6irk7u1bghdjnc1ic8646skqb6kuu1ddk1r0r"

pingfed:authority

Description:

Specifies the PingFederate server URL.

Allowed Values:

One line of text (a string).

Format:

• URL

Default Value:

None

Example:

Format:

"pingfed:authority": "[PingFederate server URL]"

Example:

"pingfed:authority": "https://pingfed.example.com"

pingfed:clientid

Description:

Specifies the client ID of the app you added in PingFederate.

Allowed Values:

One line of text (a string).

Not Accepted:

• Spaces

Default Value:

None

Example:

Format:

"pingfed:clientid": "[client ID from PingFederate]"

Example:

"pingfed:clientid": "2wehnmqdmcst123uchcfijtf4tgmd"

pingfed:clientsecret

Description:

Specifies the client secret of the app you created or added in PingFederate.

Allowed Values:

One line of text (a string).

Not Accepted:

• Spaces

Default Value:

None

Example:

Format:

"pingfed:clientsecret": "[client secret from PingFederate]"

Example:

"pingfed:clientsecret": "6lupgf3v56oe6gq6irk7u1bghdjnc1ic8646skqb6kuu1ddk1r0r"

sf:clientid

Description:

Specifies the client ID of the app you added in Salesforce.

Allowed Values:

One line of text (a string).

Not Accepted:

• Spaces

Default Value:

None

Example:

Format:

"sf:clientid": "[client ID from Salesforce]"

Example:

"sf:clientid": "6pghtdmcst123uchcfijtf4tgmd"

sf:password

Description:

Specifies the client secret of the app you created or added in Salesforce.

Allowed Values:

One line of text (a string).

Not Accepted:

• Spaces

Default Value:

None

Example:

Format:

"sf:password": "[client secret from Salesforce]"

Example:

"sf:password": "6uydf3v56oe6gq6irk7u1bghdjnc1ic8646skqb6kuu1ddk1r0r"

ida:clientid

Description:

Specifies the client ID of the app you added in Microsoft Entra ID.

Allowed Values:

One line of text (a string).

Not Accepted:

• Spaces

Default Value:

None

Example:

Format:

"ida:clientid": "[client ID from Microsoft Entra ID]"

Example:

"ida:clientid": "abcd-1234-efgh-5678"

ida:password

Description:

Specifies the client secret of the app you created or added in Microsoft Entra ID.

Allowed Values:

One line of text (a string).

Not Accepted:

• Spaces

Default Value:

None

Example:

Format:

"ida:password": "[client secret from Microsoft Entra ID]"

Example:

"ida:password": "8gkhk3v56oe6gq6irk7u1bghdjnc1ic8646skqb6kuu1ddk1r0r"

mssqlenabled

Description:

Specifies whether to enable Microsoft SQL Server database integration to store data from AgilePoint NX Portal.

Allowed Values:

• true - Enables Microsoft SQL Server database integration.

  Microsoft SQL Server is the default database to store data for AgilePoint NX Portal.

• false - Disables Microsoft SQL database integration, and enables in-memory data store.

  If the attribute is set to false, you must configure the alternative option for these attributes to ensure AgilePoint NX Portal functions correctly:

  • identityproviderstoretype
  • sessionstoretype
  • cachestoretype

Default Value:

true

Example:

"mssqlenabled": true

mssqlconfig

Description:

Specifies how to configure the Microsoft SQL connection with a connection string and pool settings.

Allowed Values:

A connection string for the Microsoft SQL Server database.

The connection string must be in JSON format.

Default Value:

"mssqlconfig": 
  {
  "connectionString": "",
  "encrypt": false,
  "pool": 
    {
    "maxSize": 10,
    "minSize": 1
    }
  }

Example:

"mssqlconfig": 
  {
  "connectionString": "Server=myserver;Database=mydb;User Id=myuser;Password=mypassword;",
  "encrypt": true,
  "pool": 
    {
    "maxSize": 15,
    "minSize": 2
    }
  }

mssql:locksettings

Description:

Specifies how to set the lock for the Microsoft SQL database.

Allowed Values:

One line of text (a string) that represents a table hint.

Default Value:

None

Example:

"mssql:locksettings": "WITH (ROWLOCK)"

identityproviderstoretype

Description:

Specifies the storage type used by the identity provider.

Allowed Values:

• mssql - Stores information about the authentication provider in the Microsoft SQL Server database.
• in-memory - Stores information about the authentication provider in the in-memory database.

Default Value:

mssql

Example:

"identityproviderstoretype": "in-memory"

sessionstoretype

Description:

Specifies the storage type to use for the session.

Allowed Values:

• mssql - Stores the session in the Microsoft SQL Server database.
• in-memory - Stores the session in the in-memory database.

Default Value:

mssql

Example:

"sessionstoretype": "in-memory"

cachestoretype

Description:

Specifies the storage type to use for the cache.

Allowed Values:

• mssql - Stores the cache in the Microsoft SQL Server database.
• redis - Stores the cache in the Redis database.
• in-memory - Stores the cache in the in-memory database.

Default Value:

mssql

Example:

"cachestoretype": "inmemory"

responseheaders

Description:

Specifies the response headers to add all the HTTP responses from the server.

Allowed Values:

More than one line of text.

Format:

• JSON

Default Value:

None

Example:

"responseheaders": { "X-Frame-Options": "DENY", "X-Content-Type-Options": "nosniff", "Strict-Transport-Security": "max-age=31536000; includeSubDomains" }

copyright

Description:

Specifies the copyright text to show in the footer of the AgilePoint NX Portal UI.

Allowed Values:

One line of text (a string).

Default Value:

© AgilePoint, Inc. [current year] All rights reserved.

Example:

"copyright": "© 2025 AgilePoint, Inc."

enableendofsupportmessage

Description:

Specifies whether the end-of-support notification shows in the footer.

Allowed Values:

• true - Shows the end-of-support notification in the footer.
• false - Does not shows the end-of-support notification in the footer.

Default Value:

true

Example:

"enableendofsupportmessage": true

endofsupportreminderdays

Description:

Specifies the number of days before the end of support to show the reminder.

Allowed Values:

An integer.

Default Value:

90

Example:

"endofsupportreminderdays": 90

defaultculture

Description:

Specifies the default language or culture to use if no translation is found.

Allowed Values:

Any valid IETF BCP 47 language code.

Default Value:

en-US

Example:

"defaultculture": "fr-FR"

internal:resolutioncheckmode

Description:

Specifies how to check the display resolution for AgilePoint NX Portal.

Allowed Values:

• Strict - The screen size must be minimum of 1366 px width and 660 px height. If the screen size is below this limit, a resolution guard shows in a pop-up message. The Portal user must either resize their screen or return to the home page.
• Moderate - If the screen size is below the resolution of 1366 px width and 660 px height, a warning message shows in a pop-up, and the Portal user has the option to continue.
• Off - The screen resolution check is disabled.

Default Value:

Moderate

Example:

"internal:resolutioncheckmode": "Moderate"

istourguideenabled

Description:

Specifies whether to enable the product tour guide.

Allowed Values:

• true - Enables the product tour guide.
• false - Disables the product tour guide.

Default Value:

true

Example:

"istourguideenabled": false

showwelcomepopup

Description:

Specifies whether to show the welcome pop-up screen.

Allowed Values:

• true - Shows the welcome pop-up screen.
• false - Does not show the welcome pop-up screen.

Default Value:

true

Example:

"showwelcomepopup": false

settings:showlogfile

Description:

Specifies whether to show the Log Files section in the Agilepoint NX Potal Settings.

Allowed Values:

• true - Shows the Log Files section in the Agilepoint NX Potal Settings.
• false - Hides the Log Files section in the Agilepoint NX Potal Settings.

Default Value:

false

Example:

"settings:showlogfile": true

announcement:allowedusers

Description:

Specifies one or more users who can access the Announcements screen in the Portal Settings UI.

Allowed Values:

An array of user names.

Default Value:

There is no explicit default value. The AgilePoint Service Account and the Tenant Administrator have permission to access this feature in the Settings UI.

Example:

"announcement:allowedusers": ["domain\\maintenance_admin", "LillyAllen@fasbey.com"]

enableservicemaintenanceforusers

Description:

Specifies one or more users who can access the Maintenance Notification screen in the Portal Settings UI.

Allowed Values:

An array of user names.

Default Value:

There is no explicit default value. The AgilePoint Service Account and the Tenant Administrator have permission to access this feature in the Settings UI.

Example:

"enableservicemaintenanceforusers": ["domain\\maintenance_admin", "LillyAllen@fasbey.com"]

mobileconfig:enablecustommobilepage

Description:

Specifies whether to show the Mobile App Settings screen in the AgilePoint NX Portal UI.

Allowed Values:

• true - Shows the Mobile App Settings screen in the AgilePoint NX Portal UI.
• false - Does not show the Mobile App Settings screen in the AgilePoint NX Portal UI.

Default Value:

false

Example:

"mobileconfig:enablecustommobilepage": true

applicationcookiename

Description:

Specifies the cookie name for session management.

Allowed Values:

One line of text (a string).

Default Value:

ap-nx-portal-v2

Example:

"applicationcookiename": "your-session-cookie"

cookieexpirydays

Description:

Specifies the duration in days to expire the cookie.

Allowed Values:

An integer.

Default Value:

14

Example:

"cookieexpirydays": 7

servicemaintenancecookiename

Description:

Specifies the cookie name used during service maintenance.

Allowed Values:

Valid string

Default Value:

AP_Maintenance

Example:

"servicemaintenancecookiename": "AP_Maintenance"

analytics:agilepointanalyticsserverurl

Description:

Specifies the runtime URL for Analytics Center in your environment.

Allowed Values:

The Analytics Center URL, followed by /api.

Default Value:

http://myagilepointnxdomain.com:13492/AnalyticsCenter/api/

Example:

Format:

"analytics:agilepointanalyticsserverurl": "[Your AgilePoint NX Portal URL]/AnalyticsCenter/api/"

Example:

"analytics:agilepointanalyticsserverurl": "http://myagilepointnxdomain.com:13492/AnalyticsCenter/api/"

analytics:showanalytics

Description:

Specifies whether to show the Analytics Center component in AgilePoint NX Portal.

Allowed Values:

• true - Shows the Analytics Center component in AgilePoint NX Portal.
• false - Does not show the Analytics Center component in AgilePoint NX Portal.

Default Value:

true

Example:

"analytics:showanalytics": true

analytics:showexportmanager

Description:

Specifies whether to show or hide the export manager in Analytics Center.

Allowed Values:

• true - Shows the export manager in Analytics Center.
• false - Hides the export manager in Analytics Center.

Default Value:

false

Example:

"analytics:showexportmanager": false

aria:isariaenabled

Description:

Specifies whether to show the ARIA component in the AgilePoint NX Portal UI.

Allowed Values:

• true - Shows the ARIA component.
• false - Does not show the ARIA component.

Default Value:

true

Example:

"aria:isariaenabled": false

aria:orgname

Description:

Specifies the organization name to use for ARIA.

The organization name can be passed from AgilePoint NX Portal to the ARIA server while registering the ARIA license.

Allowed Values:

One line of text (a string).

Accepted:

• Letters
• Numbers
• Spaces
• Special characters

Default Value:

AgilePoint

Example:

"aria:orgname": "AgilePoint, Inc."

aria:retrycount

Description:

Specifies the maximum number of retry attempts permitted for ARIA requests.

Allowed Values:

An integer.

Default Value:

2

Example:

"aria:retrycount": 3