You are reading the documentation for an outdated Corteza release. 2024.9 is the latest stable Corteza release.
Type Default value Description

AUTH_JWT_SECRET

string

(random)

Secret used for signing JWT tokens.

Make sure to provide a secret. If you don’t, a random value is assigned — this causes all of the tokens to become invalid after a server restart.

AUTH_JWT_EXPIRY

duration

1 month

Expiration time for the auth JWT tokens.

HTTP_CLIENT_TSL_INSECURE

boolean

false

Allow insecure (invalid, expired TSL/SSL certificates) connections.

We strongly recommend keeping this value set to false except for local development or demos.