Auth Service Configuration
Auth Service is configured through Helm values and environment variables rendered by the deployment chart.
Required Categories
Section titled “Required Categories”- Server, environment, logging, CORS, and Swagger settings.
- PostgreSQL connection and migration settings.
- API security secrets.
- Identity-provider selection and provider-specific settings.
- Token issuer and refresh-token settings.
- Governance worker service-account settings.
- DID key-management provider settings.
Production Guidance
Section titled “Production Guidance”- Configure exactly one active identity provider.
- Use
auth0,entra, orkeycloakfor standard full-platform deployments. - Use
genericonly when EQTY support has reviewed claim mapping and user-flow behavior. - Use
azure_key_vault,aws_kms, orgcp_kmskey management in production. - Keep
API_SECRET, JWT signing material, and provider credentials secret. - Keep Auth Service public URL and ingress base path aligned with the deployed domain.
- Confirm chart values match the release manifest version.