HTTP server

The Maverics Identity Orchestrator includes an HTTP server in order to consume and process requests for AppGateways and AuthProviders. The server has various properties defined below that can be configured.

Configuration options

Address

The address declares which address the Orchestrator will listen on. If the host section of the address is blank, the Orchestrator will listen on all available unicast and anycast IP addresses of the local system.

Example with just port specified:

http:
  address: :443

Example with IP and port specified:

http:
  address: 127.0.0.1:443

Alternatively, the HTTP server address can be specified via the MAVERICS_HTTP_ADDRESS environment variable. If the address is defined in both the config and the environment variable, the value from the environment variable will be used.

export MAVERICS_HTTP_ADDRESS=":443"

TLS

tls defines the transport layer security object that will be used for the server. The TLS object used for the server must include valid certFile and keyFile fields.

The HTTP server’s TLS key pair can also be defined as environment variables by setting both MAVERICS_TLS_SERVER_CERT_FILE and MAVERICS_TLS_SERVER_KEY_FILE. If the server’s TLS key pair is defined in both config and environment variables, the value from the environment variable will be used.

export MAVERICS_TLS_SERVER_CERT_FILE="/etc/certs/maverics.sonarsystems.co.crt"
export MAVERICS_TLS_SERVER_KEY_FILE="/etc/certs/maverics.sonarsystems.co.key"

Read Header Timeout

readHeaderTimeoutSeconds is an optional field that sets the amount of time allowed to read request headers. Since the Orchestrator often serves as an HTTP proxy and has many clients with varying performance characteristics, no timeout is set by default.

Example Configuration

tls:
  maverics:
    certFile: /etc/certs/maverics.sonarsystems.co.crt
    keyFile: /etc/certs/maverics.sonarsystems.co.key

http:
  address: :443
  tls: maverics
  readHeaderTimeoutSeconds: 5
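
The following pre-deployment check is an added example, not code from the Orchestrator or its vendor. It resolves the settings described above (environment variables taking precedence over config, and http.tls naming an entry under tls) and reports settings worth reviewing. The function name effective_http_settings is hypothetical, the config is assumed to be already parsed from YAML into a dict, and the handling of a single TLS environment variable set without the other is an assumption.

```python
import os

def effective_http_settings(config, env=None):
    """Resolve the settings the server would use, plus review findings."""
    env = os.environ if env is None else env
    http = config.get("http", {})
    findings = []

    # The environment variable wins over the config file for the address.
    address = env.get("MAVERICS_HTTP_ADDRESS") or http.get("address", "")
    host = address.rpartition(":")[0]
    if host in ("", "0.0.0.0", "[::]"):
        findings.append("address %r listens on all interfaces" % address)

    # http.tls names an entry under the top-level tls map.
    tls = dict(config.get("tls", {}).get(http.get("tls"), {}))
    cert = env.get("MAVERICS_TLS_SERVER_CERT_FILE")
    key = env.get("MAVERICS_TLS_SERVER_KEY_FILE")
    if cert and key:
        tls.update(certFile=cert, keyFile=key)
    elif cert or key:
        # Assumption: a lone variable does not override the config.
        findings.append("only one TLS environment variable is set; both are required")
    for field in ("certFile", "keyFile"):
        if not tls.get(field):
            findings.append("TLS object is missing %s" % field)

    timeout = http.get("readHeaderTimeoutSeconds")
    if not timeout:
        findings.append("readHeaderTimeoutSeconds unset: header reads have no time limit")

    return {"address": address, "tls": tls, "readHeaderTimeoutSeconds": timeout}, findings

# Constructed sample: the page's example configuration, already parsed from YAML.
SAMPLE = {
    "tls": {"maverics": {"certFile": "/etc/certs/maverics.sonarsystems.co.crt",
                         "keyFile": "/etc/certs/maverics.sonarsystems.co.key"}},
    "http": {"address": ":443", "tls": "maverics", "readHeaderTimeoutSeconds": 5},
}

if __name__ == "__main__":
    settings, findings = effective_http_settings(SAMPLE)
    print(settings)
    for f in findings:
        print("finding:", f)
```

Run it in the same environment the Orchestrator starts in, so that the MAVERICS_* variables it sees match what the server will see.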