Configuration File

Path of Configuration File

Production environment: /usr/local/janusec/config.json
Development environment: ./config.json

Configuration Items

The following is based on Janusec Application Gateway V0.9.9, and use // as comment, please delete // comment before using it.

    "node_role": "primary",            // "primary" for primary node, "replica" for replica nodes
    "primary_node": {                  // keep empty for replica nodes
        "admin": {                    // Administrator portal
            "listen": true,           // Listen on new ports for admin portal
            "listen_http": ":9080",   // Format :port or IP:Port,when listen is true, http://IP:9080/janusec-admin/ is available
            "listen_https": ":9443",  // Format :port or IP:Port,when listen is true, https://any_application_domain:9443/janusec-admin/ is available
            "portal": "",   // admin portal, used for OAuth callback, if listen is false, remove colon and port number
            "webssh_enabled": false   // Web SSH Operation permitted when it is true
        "database": {                 // PostgreSQL 9.3+
            "host": "",      // PostgreSQL IP Address
            "port": "5432",           // PostgreSQL Port, 5432
            "user": "postgres",       // PostgreSQL user
            "password": "123456",     // PostgreSQL password, less than 32bit
            "dbname": "janusec"       // PostgreSQL database name
        "oauth": {                    // OAuth2
            "enabled": false,         // true: Enable LDAP or OAuth2 Authentication
            "provider": "wxwork",     // ldap (LDAP), wxwork(WeChat Work), dingtalk(DingTalk), feishu(Feishu)
            "wxwork": {               // WeChat Work
                "display_name": "Login with WeChat Work",     
                // Only http/https and domain changable, don't use port number
                "callback": "",  
                // Get form
                "corpid": "wwd03be1f8",  
                // Create Application "JANUSEC" at 
                "agentid": "1000002",  
                // Secret                             
                "corpsecret": "BgZtz_hssdZV5em-AyGhOgLlm18rU_NdZI"  
                // Note:Authorized Callback domian should be configured. 
            "dingtalk": {             // DingTalk
                "display_name": "Login with DingTalk", 
                "callback": "", 
                "appid": "dingoa8xvc",
                "appsecret": "crrALdXUIj4T0zBekYh4u9sU_T1GZT"
            "feishu": {
                "display_name": "Login with Feishu",
                "callback": "",
                "appid": "cli_9ef21d00e",
                "appsecret": "ihUBspRAG1PtNdDLUZ"
                // Create application JANUSEC is required
                // "Secure Domain"-"Redirect URL" is required, example: "" 
            "ldap": {
                "display_name": "Login with LDAP",
                // change the entrance, replace the domain
                "entrance": "",
                // change the ldap server with domain:port  
                "address": "",
                // keep the {uid}
                // Enable Authenticator (Google Authenticator or Microsoft Authenticator)
                "authenticator_enabled": false
    "replica_node": {      // for replica nodes
        // copy from the node management
        "node_key": "",  
        // If listen is true, IP:Port is required.
        // If https is required, it need a seperate domain for primary node, and an empty applicaiton should be configured, destination may be which not used.
        "sync_addr": ""
©JANUSEC All Rights Reserved.      Contact:    QQ Group: 776900157