Skip to content

Auth Service Configuration

Auth Service is configured through Helm values and environment variables rendered by the deployment chart.

  • Server, environment, logging, CORS, and Swagger settings.
  • PostgreSQL connection and migration settings.
  • API security secrets.
  • Identity-provider selection and provider-specific settings.
  • Token issuer and refresh-token settings.
  • Governance worker service-account settings.
  • DID key-management provider settings.
  • Configure exactly one active identity provider.
  • Use auth0, entra, or keycloak for standard full-platform deployments.
  • Use generic only when EQTY support has reviewed claim mapping and user-flow behavior.
  • Use azure_key_vault, aws_kms, or gcp_kms key management in production.
  • Keep API_SECRET, JWT signing material, and provider credentials secret.
  • Keep Auth Service public URL and ingress base path aligned with the deployed domain.
  • Confirm chart values match the release manifest version.