Environment Variables
The following application settings must be configured on your Azure Function Apps in enterprise deployments.
Customer Portal API
| Setting | Required | Description |
|---|---|---|
DEPLOYMENT_MODE | Yes | SaaS, EnterpriseHybrid, LocalFirst, or Disconnected |
POSTGRES_CONNECTION_STRING | Yes | Full PostgreSQL connection string |
KEY_VAULT_URI | Yes | Azure Key Vault URI, e.g. https://kv-name.vault.azure.net/ |
VERIPROOF_ENTERPRISE_API_KEY | Partial | Required for Hybrid and LocalFirst modes |
VERIPROOF_COMMITMENT_ENDPOINT | Partial | Required for Hybrid and LocalFirst modes. https://api.veriproof.app/v1/enterprise/commitments |
PORTAL_BASE_URL | Yes | Public URL of your portal, e.g. https://portal.acme.com |
JWT_SIGNING_KEY | Yes | 256-bit secret for signing portal JWTs |
APPLICATIONINSIGHTS_CONNECTION_STRING | No | Azure Application Insights connection string |
STAFF_NOTIFICATION_EMAIL | No | Operator email for system alerts |
Ingest API
| Setting | Required | Description |
|---|---|---|
DEPLOYMENT_MODE | Yes | Same as Portal API |
POSTGRES_CONNECTION_STRING | Yes | Same PostgreSQL instance as Portal API |
KEY_VAULT_URI | Yes | Same Key Vault as Portal API |
VERIPROOF_ENTERPRISE_API_KEY | Partial | Required for Hybrid and LocalFirst |
VERIPROOF_COMMITMENT_ENDPOINT | Partial | Required for Hybrid and LocalFirst |
MAX_SESSION_PAYLOAD_BYTES | No | Default: 10485760 (10 MB). Reject sessions larger than this. |
APPLICATIONINSIGHTS_CONNECTION_STRING | No | Azure Application Insights connection string |
Generating a JWT Signing Key
openssl rand -hex 32Store the output in your Key Vault as veriproof-jwt-signing-key and reference it using a Key Vault reference in Azure Functions:
@Microsoft.KeyVault(SecretUri=https://your-kv.vault.azure.net/secrets/veriproof-jwt-signing-key/)Example local.settings.json (Development)
For local development with Azurite:
{
"IsEncrypted": false,
"Values": {
"AzureWebJobsStorage": "UseDevelopmentStorage=true",
"FUNCTIONS_WORKER_RUNTIME": "dotnet-isolated",
"DEPLOYMENT_MODE": "EnterpriseHybrid",
"POSTGRES_CONNECTION_STRING": "Host=localhost;Port=5432;Database=veriproof_dev;Username=postgres;Password=dev",
"KEY_VAULT_URI": "https://your-dev-kv.vault.azure.net/",
"VERIPROOF_ENTERPRISE_API_KEY": "vp_enterprise_dev_...",
"VERIPROOF_COMMITMENT_ENDPOINT": "https://api.veriproof.app/v1/enterprise/commitments",
"PORTAL_BASE_URL": "http://localhost:3000",
"JWT_SIGNING_KEY": "<generate with openssl rand -hex 32>"
}
}Last updated on