Skip to content

Fix environment variable naming inconsistencies in documentation (#5983) #7091

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
EricWittmann merged 1 commit into from
Jan 7, 2026
+34 −34
Merged

Fix environment variable naming inconsistencies in documentation (#5983) #7091

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
68 changes: 34 additions & 34 deletions .../modules/ROOT/pages/getting-started/assembly-configuring-registry-security.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,7 @@ You can use the defaults for the other client settings.
|The client ID for the {registry} REST API.
|String
|`registry-api`
|`APICURIO_UI_AUTH_OIDC_CLIENT-ID`
|`APICURIO_UI_AUTH_OIDC_CLIENT_ID`
|The client ID for the {registry} web console.
|String
|`apicurio-registry`
Expand All @@ -116,7 +116,7 @@ TIP: For an example of setting environment variables on OpenShift, see xref:conf
|Java system property
|Type
|Default value
|`APICURIO_AUTH_ROLE-BASED-AUTHORIZATION`
|`APICURIO_AUTH_ROLE_BASED_AUTHORIZATION`
|`apicurio.auth.role-based-authorization`
|Boolean
|`false`
Expand Down Expand Up @@ -158,7 +158,7 @@ TIP: For an example of setting environment variables on OpenShift, see xref:conf
|Java system property
|Type
|Default value
|`APICURIO_AUTH_OWNER-ONLY-AUTHORIZATION_LIMIT-GROUP-ACCESS`
|`APICURIO_AUTH_OWNER_ONLY_AUTHORIZATION_LIMIT_GROUP_ACCESS`
|`apicurio.auth.owner-only-authorization.limit-group-access`
|Boolean
|`false`
Expand Down Expand Up @@ -226,13 +226,13 @@ IMPORTANT: You must register your {registry} application host as a *Redirect URI
|Environment variable
|Description
|Setting
|`QUARKUS_OIDC_CLIENT-ID`
|`QUARKUS_OIDC_CLIENT_ID`
|The client application ID for the {registry} REST API
|Your Azure AD Application (client) ID obtained in step 5. For example: `123456a7-b8c9-012d-e3f4-5fg67h8i901`
|`APICURIO_UI_AUTH_OIDC_CLIENT-ID`
|`APICURIO_UI_AUTH_OIDC_CLIENT_ID`
|The client application ID for the {registry} web console.
|Your Azure AD Application (client) ID obtained in step 5. For example: `123456a7-b8c9-012d-e3f4-5fg67h8i901`
|`QUARKUS_OIDC_AUTH-SERVER-URL`
|`QUARKUS_OIDC_AUTH_SERVER_URL`
|The URL for authentication in Azure AD.
|Your Azure AD Application (tenant) ID obtained in step 6. For example: `\https://login.microsoftonline.com/1a2bc34d-567e-89f1-g0hi-1j2kl3m4no56/v2.0`.
|===
Expand All @@ -245,19 +245,19 @@ IMPORTANT: You must register your {registry} application host as a *Redirect URI
|Environment variable
|Description
|Setting
|`QUARKUS_OIDC_TENANT-ENABLED`
|`QUARKUS_OIDC_TENANT_ENABLED`
|Enables authentication for {registry}.
|`true`
|`QUARKUS_HTTP_CORS_ORIGINS`
|The host for your {registry} deployment for cross-origin resource sharing (CORS).
|For example: `\https://test-registry.com`
|`APICURIO_UI_AUTH_OIDC_REDIRECT-URI`
|`APICURIO_UI_AUTH_OIDC_REDIRECT_URI`
|The host for your {registry} web console.
|For example: `\https://test-registry.com/ui`
|`APICURIO_AUTH_ROLE-BASED-AUTHORIZATION`
|`APICURIO_AUTH_ROLE_BASED_AUTHORIZATION`
|Enables role-based authorization in {registry}.
|`true`
|`QUARKUS_OIDC_ROLES_ROLE-CLAIM-PATH`
|`QUARKUS_OIDC_ROLES_ROLE_CLAIM_PATH`
|The name of the claim in which Azure AD stores roles.
|`roles`
|===
Expand Down Expand Up @@ -329,19 +329,19 @@ You can set the following environment variables to configure authentication for
|Description
|Type
|Default
|`QUARKUS_OIDC_TENANT-ENABLED`
|`QUARKUS_OIDC_TENANT_ENABLED`
|Enables authentication for {registry}. When set to `true`, the environment variables that follow are required for authentication using {keycloak}.
|String
|`false`
|`QUARKUS_OIDC_AUTH-SERVER-URL`
|`QUARKUS_OIDC_AUTH_SERVER_URL`
|The URL of the {keycloak} authentication server. For example, `\http://localhost:8080`.
|String
|-
|`QUARKUS_OIDC_CLIENT-ID`
|`QUARKUS_OIDC_CLIENT_ID`
|The client ID for the {registry} REST API.
|String
|`registry-api`
|`APICURIO_UI_AUTH_OIDC_CLIENT-ID`
|`APICURIO_UI_AUTH_OIDC_CLIENT_ID`
|The client ID for the {registry} web console.
|String
|`apicurio-registry`
Expand All @@ -356,7 +356,7 @@ You can set the following environment variables to configure authentication for
|String
|-

|`APICURIO_AUTH_ROLE-BASED-AUTHORIZATION`
|`APICURIO_AUTH_ROLE_BASED_AUTHORIZATION`
|Enables or disables role-based authorization.
|Boolean
|False
Expand All @@ -376,11 +376,11 @@ By default, {registry} supports authentication by using OpenID Connect. Users or
|Java system property
|Type
|Default value
|`QUARKUS_OIDC_TENANT-ENABLED`
|`QUARKUS_OIDC_TENANT_ENABLED`
|`quarkus.oidc.tenant-enabled`
|Boolean
|`false`
|`APICURIO_AUTHN_BASIC-CLIENT-CREDENTIALS.ENABLED`
|`APICURIO_AUTHN_BASIC_CLIENT_CREDENTIALS_ENABLED`
|`apicurio.authn.basic-client-credentials.enabled`
|Boolean
|`false`
Expand All @@ -400,7 +400,7 @@ When using {keycloak}, it is best to set this configuration to your {keycloak} J
|Java system property
|Type
|Default value
|`APICURIO_AUTHN_BASIC-CLIENT-CREDENTIALS_CACHE-EXPIRATION`
|`APICURIO_AUTHN_BASIC_CLIENT_CREDENTIALS_CACHE_EXPIRATION`
|`apicurio.authn.basic-client-credentials.cache-expiration`
|Integer
|`10`
Expand All @@ -420,11 +420,11 @@ You can set the following options to `true` to enable role-based authorization i
|Java system property
|Type
|Default value
|`QUARKUS_OIDC_TENANT-ENABLED`
|`QUARKUS_OIDC_TENANT_ENABLED`
|`quarkus.oidc.tenant-enabled`
|Boolean
|`false`
|`APICURIO_AUTH_ROLE-BASED-AUTHORIZATION`
|`APICURIO_AUTH_ROLE_BASED_AUTHORIZATION`
|`apicurio.auth.role-based-authorization`
|Boolean
|`false`
Expand All @@ -445,7 +445,7 @@ To enable using roles assigned by {keycloak}, set the following environment vari
|Description
|Type
|Default
|`APICURIO_AUTH_ROLE-SOURCE`
|`APICURIO_AUTH_ROLE_SOURCE`
| When set to `token`, user roles are taken from the authentication token.
|String
|`token`
Expand Down Expand Up @@ -503,7 +503,7 @@ To enable using roles managed internally by {registry}, set the following enviro
|Description
|Type
|Default
|`APICURIO_AUTH_ROLE-SOURCE`
|`APICURIO_AUTH_ROLE_SOURCE`
| When set to `application`, user roles are managed internally by {registry}.
|String
|`token`
Expand All @@ -528,27 +528,27 @@ Because there are no default admin users in {registry}, it is usually helpful to
|Description
|Type
|Default
|`APICURIO_AUTH_ADMIN-OVERRIDE_ENABLED`
|`APICURIO_AUTH_ADMIN_OVERRIDE_ENABLED`
| Enables the admin-override feature.
|String
|`false`
|`APICURIO_AUTH_ADMIN-OVERRIDE_FROM`
|`APICURIO_AUTH_ADMIN_OVERRIDE_FROM`
|Where to look for admin-override information. Only `token` is currently supported.
|String
|`token`
|`APICURIO_AUTH_ADMIN-OVERRIDE_TYPE`
|`APICURIO_AUTH_ADMIN_OVERRIDE_TYPE`
|The type of information used to determine if a user is an admin. Values depend on the value of the FROM variable, for example, `role` or `claim` when FROM is `token`.
|String
|`role`
|`APICURIO_AUTH_ADMIN-OVERRIDE_ROLE`
|`APICURIO_AUTH_ADMIN_OVERRIDE_ROLE`
|The name of the role that indicates a user is an admin.
|String
|`sr-admin`
|`APICURIO_AUTH_ADMIN-OVERRIDE_CLAIM`
|`APICURIO_AUTH_ADMIN_OVERRIDE_CLAIM`
|The name of a JWT token claim to use for determining admin-override.
|String
|`org-admin`
|`APICURIO_AUTH_ADMIN-OVERRIDE_CLAIM-VALUE`
|`APICURIO_AUTH_ADMIN_OVERRIDE_CLAIM_VALUE`
|The value that the JWT token claim indicated by the CLAIM variable must be for the user to be granted admin-override.
|String
|`true`
Expand Down Expand Up @@ -577,12 +577,12 @@ You can set the following options to `true` to enable owner-only authorization f
|Boolean
|`false`

|`APICURIO_AUTH_OWNER-ONLY-AUTHORIZATION`
|`APICURIO_AUTH_OWNER_ONLY_AUTHORIZATION`
|`apicurio.auth.owner-only-authorization`
|Boolean
|`false`

|`APICURIO_AUTH_OWNER-ONLY-AUTHORIZATION_LIMIT-GROUP-ACCESS`
|`APICURIO_AUTH_OWNER_ONLY_AUTHORIZATION_LIMIT_GROUP_ACCESS`
|`apicurio.auth.owner-only-authorization.limit-group-access`
|Boolean
|`false`
Expand All @@ -607,11 +607,11 @@ To enable authenticated read access, you must first enable role-based authorizat
|Java system property
|Type
|Default value
|`QUARKUS_OIDC_TENANT-ENABLED`
|`QUARKUS_OIDC_TENANT_ENABLED`
|`quarkus.oidc.tenant-enabled`
|Boolean
|`false`
|`APICURIO_AUTH_AUTHENTICATED-READ-ACCESS_ENABLED`
|`APICURIO_AUTH_AUTHENTICATED_READ_ACCESS_ENABLED`
|`apicurio.auth.authenticated-read-access.enabled`
|Boolean
|`false`
Expand All @@ -636,11 +636,11 @@ calls to the REST API, set the following options to `true`:
|Java system property
|Type
|Default value
|`QUARKUS_OIDC_TENANT-ENABLED`
|`QUARKUS_OIDC_TENANT_ENABLED`
|`quarkus.oidc.tenant-enabled`
|Boolean
|`false`
|`APICURIO_AUTH_ANONYMOUS-READ-ACCESS_ENABLED`
|`APICURIO_AUTH_ANONYMOUS_READ_ACCESS_ENABLED`
|`apicurio.auth.anonymous-read-access.enabled`
|Boolean
|`false`
Expand Down
Loading