Settings ¶

The sections below outline in more detail the settings that you either must set or may want to override, and their purpose.

* Asterisk indicates a setting that you must set

App settings ¶

`AGENCY_NAME` ¶

The name of the agency that this server is deployed for

`APP_NAME` ¶

The name set on the Flask app

`DEBUG_MODE` ¶

Value passed as a keyword argument for debug in app.run

`HOST` ¶

Value passed as a keyword argument for host in app.run

`LOG_LEVEL` ¶

The log level used for the server’s logging.

Database settings ¶

Note

See other configurable settings from Flask-SQLAlchemy.

`SQLALCHEMY_DATABASE_URI` ¶

The URI that should be used for database connection.

API settings ¶

These settings configure access to the API endpoints on the server.

`AUTH_HEADER` ¶

The header name that the server expects to see from authenticated/authorized requests.

See the Eligibility API’s documentation on Authentication/Authorization.

`AUTH_TOKEN` ¶

The header value that the server expects to see from authenticated/authorized requests.

See the Eligibility API’s documentation on Authentication/Authorization.

`TOKEN_HEADER` ¶

The header name that the server expects to see for the header containing the Eligibility Verification request token.

Eligibility Verification settings ¶

These settings configure how the server parses, composes, and validates requests and responses according to the Eligibility API specification.

`CLIENT_KEY_PATH` ¶

The path to the Eligibility Verification client’s public key, stored as a PEM text file. Used to verify the client’s request signature, and to encrypt the server’s response.

Can be a path to a local file or a remote URL. For URLs, a simple anonymous GET request is made.

`JWE_CEK_ENC` ¶

The value used for enc in the JOSE header of the JWE.

See the Eligibility API’s documentation on Composing a message.

`JWE_ENCRYPTION_ALG` ¶

The value used for alg in the JOSE header of the JWE.

See the Eligibility API’s documentation on Composing a message.

`JWS_SIGNING_ALG` ¶

The value used for alg in the JOSE header of the JWS

See the Eligibility API’s documentation on Composing a message.

`SERVER_PRIVATE_KEY_PATH` ¶

The path to the server’s private key, stored as a PEM text file. Used to decrypt the client’s request and sign the server’s response.

Can be a path to a local file or a remote URL. For URLs, a simple anonymous GET request is made.

`SERVER_PUBLIC_KEY_PATH` ¶

The path to the public key corresponding to the server’s private key, stored as a PEM text file. Used by clients to encrypt requests sent to this server.

Can be a path to a local file or a remote URL. For URLs, a simple anonymous GET request is made.

`SUB_FORMAT_REGEX` ¶

A regular expression that the request’s sub field must match.

Data settings ¶

`IMPORT_FILE_PATH`* ¶

The path to file containing data to be imported into the server’s database. Must be CSV.

`INPUT_HASH_ALGO` ¶

Must be one of the types available in the hashlib library’s algorithms_available function.

CSV-specific settings ¶

When using a CSV import file, the following variables can be configured:

`CSV_DELIMITER` ¶

Specify a custom delimiter or use the default “,”

`CSV_NEWLINE` ¶

Specify a newline or use the default of “”

`CSV_QUOTECHAR` ¶

Specify a quote character or use the default of none

`CSV_QUOTING` ¶

Default of 3 (no quotes)

These are the possible values for the CSV_QUOTING variable:

csv.QUOTE_MINIMAL: 0 - To be used when the CSV file has quotes around entries which contain special characters such as delimiters, quotechar or any of the characters in lineterminator
csv.QUOTE_ALL: 1 - To be used when all the values in the CSV file are present inside quotation marks
csv.QUOTE_NONNUMERIC: 2 - To be used when the CSV file uses quotes around non-numeric entries
csv.QUOTE_NONE: 3 - To be used when the CSV file does not use quotes around entries

Sentry ¶

`SENTRY_DSN` ¶

Cal-ITP’s Sentry instance collects both errors (“Issues”) and app performance info.

Alerts are sent to #benefits-notify in Slack. Others can be configured.

You can troubleshoot Sentry itself by turning on debug mode and visiting /error/.

Sentry docs

Data Source Name (DSN)

Enables sending events to Sentry.

`SENTRY_ENVIRONMENT` ¶

Sentry docs

environment config value

Segments errors by which deployment they occur in. This defaults to local, and can be set to match one of the environment names.

`SENTRY_TRACES_SAMPLE_RATE` ¶

Sentry docs

traces_sample_rate config value

Control the volume of transactions sent to Sentry. Value must be a float in the range [0.0, 1.0].

The default is 0.0 (i.e. no transactions are tracked).

Settings ¶

App settings ¶

AGENCY_NAME ¶

APP_NAME ¶

DEBUG_MODE ¶

HOST ¶

LOG_LEVEL ¶

Database settings ¶

SQLALCHEMY_DATABASE_URI ¶

API settings ¶

AUTH_HEADER ¶

AUTH_TOKEN ¶

TOKEN_HEADER ¶

Eligibility Verification settings ¶

CLIENT_KEY_PATH ¶

JWE_CEK_ENC ¶

JWE_ENCRYPTION_ALG ¶

JWS_SIGNING_ALG ¶

SERVER_PRIVATE_KEY_PATH ¶

SERVER_PUBLIC_KEY_PATH ¶

SUB_FORMAT_REGEX ¶

Data settings ¶

IMPORT_FILE_PATH* ¶

INPUT_HASH_ALGO ¶

CSV-specific settings ¶

CSV_DELIMITER ¶

CSV_NEWLINE ¶

CSV_QUOTECHAR ¶

CSV_QUOTING ¶

Sentry ¶

SENTRY_DSN ¶

SENTRY_ENVIRONMENT ¶

SENTRY_TRACES_SAMPLE_RATE ¶

`AGENCY_NAME` ¶

`APP_NAME` ¶

`DEBUG_MODE` ¶

`HOST` ¶

`LOG_LEVEL` ¶

`SQLALCHEMY_DATABASE_URI` ¶

`AUTH_HEADER` ¶

`AUTH_TOKEN` ¶

`TOKEN_HEADER` ¶

`CLIENT_KEY_PATH` ¶

`JWE_CEK_ENC` ¶

`JWE_ENCRYPTION_ALG` ¶

`JWS_SIGNING_ALG` ¶

`SERVER_PRIVATE_KEY_PATH` ¶

`SERVER_PUBLIC_KEY_PATH` ¶

`SUB_FORMAT_REGEX` ¶

`IMPORT_FILE_PATH`* ¶

`INPUT_HASH_ALGO` ¶

`CSV_DELIMITER` ¶

`CSV_NEWLINE` ¶

`CSV_QUOTECHAR` ¶

`CSV_QUOTING` ¶

`SENTRY_DSN` ¶

`SENTRY_ENVIRONMENT` ¶

`SENTRY_TRACES_SAMPLE_RATE` ¶