Admin panel configuration
The /config/admin file is used to define admin panel configuration for the Strapi application.
Available options​
The /config/admin file can include the following parameters:
| Parameter | Description | Type | Default |
|---|---|---|---|
apiToken.salt | Salt used to generate API tokens | string | Random string |
auditLogs.enabled | Enable or disable the Audit Logs feature | boolean | true |
auditLogs.retentionDays | How long Audit Logs are kept, in days. The behavior differs for self-hosted vs. Strapi Cloud customers, see the note under the table. | integer | 90 |
auth | Authentication configuration | object | - |
auth.secret | Secret used to encode JWT tokens | string | undefined |
auth.domain | Domain used within the cookie for SSO authentication EnterpriseThis feature is available with an Enterprise plan. SSOThis feature is available with the SSO add-on.) | string | undefined |
auth.providers | List of authentication providers used for SSO | array(object) | - |
auth.options | Options object passed to jsonwebtoken | object | - |
auth.options.expiresIn | JWT expire time used in jsonwebtoken | object | 30d |
auth.events | Record of all the events subscribers registered for the authentication | object | {} |
auth.events.onConnectionSuccess | Function called when an admin user log in successfully to the administration panel | function | undefined |
auth.events.onConnectionError | Function called when an admin user fails to log in to the administration panel | function | undefined |
url | Url of your admin panel. Default value: /admin. Note: If the url is relative, it will be concatenated with url. | string | /admin |
autoOpen | Enable or disable administration opening on start. | boolean | true |
watchIgnoreFiles | Add custom files that should not be watched during development. See more here (property ignored). | array(string) | [] |
host | Use a different host for the admin panel. | string | localhost |
port | Use a different port for the admin panel. | string | 8000 |
serveAdminPanel | If false, the admin panel won't be served. Note: the index.html will still be served | boolean | true |
flags | Settings to turn certain features or elements of the admin on or off | object | |
flags.nps | Enable/Disable the Net Promoter Score popup | boolean | true |
flags.promoteEE | Enable/Disable the promotion of Strapi Enterprise features | boolean | true |
forgotPassword | Settings to customize the forgot password email (see Forgot Password Email) | object | |
forgotPassword.emailTemplate | Email template as defined in email plugin | object | Default template |
forgotPassword.from | Sender mail address | string | Default value defined in your provider configuration |
forgotPassword.replyTo | Default address or addresses the receiver is asked to reply to | string | Default value defined in your provider configuration |
rateLimit | Settings to customize the rate limiting of the admin panel's authentication endpoints, additional configuration options come from `koa2-ratelimit` | object | |
rateLimit.enabled | Enable or disable the rate limiter | boolean | true |
rateLimit.interval | Time window for requests to be considered as part of the same rate limiting bucket | object | { min: 5 } |
rateLimit.max | Maximum number of requests allowed in the time window | integer | 5 |
rateLimit.delayAfter | Number of requests allowed before delaying responses | integer | 1 |
rateLimit.timeWait | Time to wait before responding to a request (in milliseconds) | integer | 3000 |
rateLimit.prefixKey | Prefix for the rate limiting key | string | ${userEmail}:${ctx.request.path}:${ctx.request.ip} |
rateLimit.whitelist | Array of IP addresses to whitelist from rate limiting | array(string) | [] |
rateLimit.store | Rate limiting storage location (Memory, Sequelize, or Redis) and for more information please see the `koa2-ratelimit documentation` | object | MemoryStore |
transfer.token.salt | Salt used to generate Transfer tokens. If no transfer token salt is defined, transfer features will be disabled. | string | Random string |
Retention days for self-hosted vs. Strapi Cloud users
For Strapi Cloud customers, the auditLogs.retentionDays value stored in the license information is used, unless a smaller retentionDays value is defined in the config/admin.js|ts configuration file.
Configuration examples​
The /config/admin file should at least include a minimal configuration with required parameters for authentication and API tokens. Additional parameters can be included for a full configuration.
Note
Environmental configurations (i.e. using the env() helper) do not need to contain all the values so long as they exist in the default /config/server.
- Minimal configuration
- Full configuration
The default configuration created with any new project should at least include the following:
- JavaScript
- TypeScript
./config/admin.js
module.exports = ({ env }) => ({
apiToken: {
salt: env('API_TOKEN_SALT', 'someRandomLongString'),
},
auditLogs: { // only accessible with an Enterprise plan
enabled: env.bool('AUDIT_LOGS_ENABLED', true),
},
auth: {
secret: env('ADMIN_JWT_SECRET', 'someSecretKey'),
},
transfer: {
token: {
salt: env('TRANSFER_TOKEN_SALT', 'anotherRandomLongString'),
}
},
});
./config/admin.ts
export default ({ env }) => ({
apiToken: {
salt: env('API_TOKEN_SALT', 'someRandomLongString'),
},
auditLogs: { // only accessible with an Enterprise plan
enabled: env.bool('AUDIT_LOGS_ENABLED', true),
},
auth: {
secret: env('ADMIN_JWT_SECRET', 'someSecretKey'),
},
transfer: {
token: {
salt: env('TRANSFER_TOKEN_SALT', 'anotherRandomLongString'),
}
},
});
- JavaScript
- TypeScript
./config/admin.js
module.exports = ({ env }) => ({
apiToken: {
salt: env('API_TOKEN_SALT', 'someRandomLongString'),
},
auditLogs: { // only accessible with an Enterprise plan
enabled: env.bool('AUDIT_LOGS_ENABLED', true),
retentionDays: 120,
},
auth: {
events: {
onConnectionSuccess(e) {
console.log(e.user, e.provider);
},
onConnectionError(e) {
console.error(e.error, e.provider);
},
},
options: {
expiresIn: '7d',
},
secret: env('ADMIN_JWT_SECRET', 'someSecretKey'),
},
url: env('PUBLIC_ADMIN_URL', '/dashboard'),
autoOpen: false,
watchIgnoreFiles: [
'./my-custom-folder', // Folder
'./scripts/someScript.sh', // File
],
host: 'localhost',
port: 8003,
serveAdminPanel: env.bool('SERVE_ADMIN', true),
forgotPassword: {
from: 'no-reply@example.com',
replyTo: 'no-reply@example.com',
},
rateLimit: {
interval: { hour: 1, min: 30 },
timeWait: 3*1000,
max: 10,
},
transfer: {
token: {
salt: env('TRANSFER_TOKEN_SALT', 'anotherRandomLongString'),
}
},
});
./config/admin.ts
export default ({ env }) => ({
apiToken: {
salt: env('API_TOKEN_SALT', 'someRandomLongString'),
},
auditLogs: { // only accessible with an Enterprise plan
enabled: env.bool('AUDIT_LOGS_ENABLED', true),
retentionDays: 120,
},
auth: {
events: {
onConnectionSuccess(e) {
console.log(e.user, e.provider);
},
onConnectionError(e) {
console.error(e.error, e.provider);
},
},
options: {
expiresIn: '7d',
},
secret: env('ADMIN_JWT_SECRET', 'someSecretKey'),
},
url: env('PUBLIC_ADMIN_URL', '/dashboard'),
autoOpen: false,
watchIgnoreFiles: [
'./my-custom-folder', // Folder
'./scripts/someScript.sh', // File
],
host: 'localhost',
port: 8003,
serveAdminPanel: env.bool('SERVE_ADMIN', true),
forgotPassword: {
from: 'no-reply@example.com',
replyTo: 'no-reply@example.com',
},
rateLimit: {
interval: { hour: 1, min: 30 },
timeWait: 3*1000,
max: 10,
},
transfer: {
token: {
salt: env('TRANSFER_TOKEN_SALT', 'anotherRandomLongString'),
}
},
});