B Oracle Mobile Cloud Service Environment Policies
This chapter lists the policies that you can configure for each of your environments (such as Development, Staging, and Production) in Oracle Mobile Cloud Service (MCS). Policies control a variety of things, including logging level, password expiration times, means for restricting user access, and proxies. Policies can affect all artifacts of a specific type within a particular environment when applied at the environment level, or they can affect an individual artifact in the environment in which the policies are set.
Note:
The scope value shown is the narrowest level at which the property can be set.See Environments and Team Members to learn about environments and environment policies.
Environment Policies and Their Values
Environment policies determine the behavior of various aspects of Oracle Mobile Cloud Service (MCS). If you’re a mobile cloud administrator, you can view and modify the environment policies in the policies.properties
file by exporting the file for a specific environment from the Administration page or by exporting the file when deploying an artifact. See Environment Policies.
Policy | Description | Type | Default Value | Scope / Affects |
---|---|---|---|---|
|
Enables or disables automatic API call analytics event collection. |
Boolean |
true |
Scope: Environment Affects: Analytics |
|
Enables or disables database compact shrink during the automatic deletion of analytics API call data set by |
Boolean |
false |
Scope: Environment Affects: Analytics |
|
Determines how many days analytics API call raw event data is retained in the database. |
Integer |
1 |
Scope: Environment Affects: Analytics |
|
Controls whether or not Draft or Published artifacts in the trash can be purged. Valid values are:
|
String |
All |
Scope: Environment Affects: Realm, Mobile Backend, Custom API, API Implementation, Connector, and Collection |
|
Controls whether or not Draft or Published artifacts can be moved to the trash. Valid values are:
|
String |
All |
Scope: Environment Affects: Realm, Mobile Backend, Custom API, API Implementation, Connector, and Collection |
|
Controls whether or not Draft or Published artifacts can be restored from the trash. Valid values are:
|
String |
All |
Scope: Environment Affects: Realm, Mobile Backend, Custom API, API Implementation, Connector, and Collection |
|
Sets the default version for all newly created assets. |
String |
1.0 Note: Generally, the default value should be used. |
Scope: Environment Affects: all artifacts that have versions |
|
Sets the default Node.js configuration used by the API implementation ( custom code). Valid values are:
For the related JavaScript library versions, see What's the Foundation for the Custom Code Service?. |
String |
0.10 for MCS upgrades. 6.10 for new instances of MCS. |
Scope: Environment Affects: Custom Code |
|
Determines whether to log the body of a request in custom code. Bodies will be logged in the following circumstances:
|
Boolean |
false |
Scope: Mobile Backend Affects: Custom Code |
|
Sets the maximum number of characters to log if the custom code is logging the request body. |
Integer |
512 |
Scope: Mobile Backend Affects: Custom Code |
|
Maximum one minute average load per processor (in nodejs: When the load per processor exceeds this threshold:
|
Double |
1 |
Scope: Environment Affects: Custom Code |
|
Minimal megabytes of free memory (in nodejs: When free memory is below this threshold:
|
Integer |
256 |
Scope: Environment Affects: Custom Code |
|
Determines whether or not to send the stack trace from Node.js with the REST response from the custom code container indicating that there is a code problem. |
Boolean |
false |
Scope: Mobile Backend Affects: Custom Code |
|
Stores the endpoint URL of the particular connector instance. Set this policy when deploying to another environment by uncommenting the policy. |
String |
There is no default value for this policy. The initial value is set when the connector is created. |
Scope: Connector Affects: Connectors |
|
Identifies the JSON document representing connections to each configured ICS instance. |
String |
null |
Scope: Environment Affects: ICS Connector |
|
Controls whether the Database API can create, alter, or drop tables implicitly ( Setting this policy to Setting the policy to Setting this policy to |
String |
allow |
Scope: Environment Affects: Database Service |
|
Sets the maximum number of rows that can be returned by a single database query. |
Integer |
1000 |
Scope: Environment Affects: Database Service |
|
Sets the number of seconds to wait for a database query to return before canceling it. |
Integer |
20 |
Scope: Environment Affects: Database Service |
|
Sets the threshold for the average time spent servicing a request. If the average time spent servicing a request equals or exceeds this threshold, then the health of the system is considered severe (red). Set this value higher than the one set for the |
Double |
6000.0 |
Scope: Environment Affects: Administration Console |
|
Sets the threshold for the average time spent servicing a request. If the time spent servicing a request equals or exceeds this threshold, then the health of the system is considered adverse (amber). |
Double |
3000.0 |
Scope: Environment Affects: Administration Console |
|
Creates a list of headers that shouldn’t be logged with each API request in the API History log file. |
String |
Authorization header, cookie name |
Scope: Environment Affects: Administration Console |
|
Sets the threshold for the number of long-running requests. If the number of long-running requests exceeds this threshold, then the system health is considered severe (red). Set this value higher than the one set for the |
Integer |
10 |
Scope: Environment Affects: Administration Console |
|
Sets the threshold for the number of long-running requests. If the number of long-running requests exceeds this threshold, then the system health is considered adverse (amber). A long-running request to an endpoint server has a duration that’s greater than (or equal to) 8 seconds (8000 ms). |
Integer |
0 |
Scope: Environment Affects: Administration Console |
|
Sets the threshold for the amount of time spent on a request to an endpoint server. If a request to an endpoint server has a duration that is greater than (or equal to) 8 seconds (8000 ms), then it's considered a long-running request. |
Integer |
8000 |
Scope: Environment Affects: Administration Console |
|
Sets the threshold of the proportion of pending requests. If the proportion of pending requests (which is expressed as a percentage) equals or exceeds this threshold, then the system health is considered severe (red). The value should be higher than the one set for the |
Double |
30 Generally, the default value should be used. |
Scope: Environment Affects: Administration Console |
|
Sets the threshold of the proportion of pending requests. If the proportion of pending requests (which is expressed as a percentage) equals or exceeds this threshold, then the system health is considered adverse (amber). Pending requests represent the ratio of in-flight requests to the number of active requests, successful requests, and failed requests within the last minute. |
Double |
15 |
Scope: Environment Affects: Administration Console |
|
Sets the threshold of the proportion of failed requests. If the number of failed requests (including unserviceable requests) equals or exceed this threshold, then the system health is considered severe (red). The value should be higher than the one set for the |
Integer |
10 |
Scope: Environment Affects: Administration Console |
|
Sets the threshold of the proportion of failed requests. If the number of failed requests (including unserviceable requests) equals or exceeds this threshold, then the system health is considered adverse (amber). |
Integer |
0 |
Scope: Environment Affects: Administration Console |
|
Sets the logging level. |
Integer |
800 |
Scope: Mobile Backend Affects: Custom APIs, Storage |
|
Sets the amount of time spent in milliseconds (ms) connecting to the remote URL. The value should be less than the value of Set this policy when deploying to another environment by uncommenting the policy. |
Integer |
There is no default value for this policy. The initial value is set when the connector is created. |
Scope: Environment, Mobile Backend, Connector, Fully-Qualified Connector Affects: Connectors |
|
Controls the behavior of
|
String |
For environments that were provisioned before 18.2.3, the default is |
Scope: Environment Affects: Connectors |
|
Sets the maximum time (in milliseconds) spent waiting to read data. The value should be less than the value of Set this policy when deploying to another environment by uncommenting the policy. |
Integer |
There is no default value for this policy. The initial value is set when the connector is created. |
Scope: Environment, Mobile Backend, Connector, Fully-Qualified Connector Affects: Connectors |
|
Sets the amount of time in milliseconds (ms) on an HTTP request before it times out. Set this policy when deploying to another environment. |
Integer |
40,000 ms |
Scope: Environment Affects: Custom APIs |
|
Defines the threshold level (percentage) of messages sent successfully without returning an error. If the proportion of messages accepted by the service provider is below the threshold, then a warning is displayed. The default value is 70.0 (70%). Set this policy per environment as needed. |
Double |
70.0 Note: For testing purposes only, consider setting this value to 100.0 (100%). |
Scope: Environment Affects: Notifications |
|
Determines which core service to use to resolve the API request. For connectors, set this policy when deploying to another environment by uncommenting the policy. |
String |
There is no default value for this policy. |
Scope: API Affects: Custom APIs, Connectors |
|
Resolves the API request to a mock service instead of the implementation that’s bound to the API. |
Boolean |
false Note: Do not modify this policy. |
Scope: Fully-Qualified API Affects: Mobile Backends, Custom APIs |
|
Specifies the default implementation for the initially created API (that is, the mock service). |
String |
MockService/1.0 Note: Do not modify this policy. |
Scope: Environment Affects: Custom APIs |
|
Reroutes mobile API calls made to a mobile backend to the target mobile backend specified. Allows backend fixes (fixes that require a new mobile backend) to be delivered to the mobile app without requiring the mobile app to be recompiled. |
String |
There is no default value for this policy. |
Scope: Mobile Backend Affects: Dispatcher |
|
Enables Cross Origin Resource Sharing (CORS) from HTML5 clients on an external domain. Supported values are:
The wildcard character, *, can be used when providing URL values. However, there are rules for its use. See Securing Cross-Site Requests to MCS APIs for detailed information. |
String |
disallow Note: When dealing with browser-based applications, it’s highly recommended that cross-site access to MCS APIs either be restricted completely, or be restricted to trusted origins where legitimate applications are known to be hosted to prevent vulnerability to cross-site attacks (e.g., Cross-Site Request Forgery). |
Scope: Environment Affects: All cross origin calls to a given environment |
|
Provides a configuration to integrate with third-party identify providers through which mobile app users can authenticate. See JWT Tokens and Virtual Users. |
JSON object |
Scope: Environment Affects: Security |
|
|
Sets a storage collection to allow anonymous access. For each storage collection listed in the policy, anonymous read and write access will be allowed, provided that the correct anonymous access key is defined in the request headers. Specifying ' |
A comma-separated list of storage collections following this pattern:
|
No default value |
Scope: Storage collections Affects: The collections and versions listed in the policy |
|
Provides a means for browsers to access the server whitelist headers. By default, Cross Origin Resource Sharing (CORS) disallows accessing returned headers by the browser. Applies to HTML5 clients accessing a given resource from an external domain. |
String |
"" Indicates that no response headers are to be exposed to the browser. |
Scope: Environment Affects: All cross origin calls to a given environment |
|
Stores identity providers configuration. |
String |
Facebook identity provider configuration |
Scope: Environment Affects: Security |
|
Disables the SSL host name verification. To be applied to connectors (in development environments) that call outbound services using SSL certificates with an invalid or incomplete hostname. |
Boolean |
false |
Scope: Environment Affects: REST, SOAP, ICS, and Fusion Applications Connectors |
|
Sets the security policy used for outbound security. For connectors, set this policy when deploying to another environment by uncommenting the policy. |
Object |
There is no default value for this policy. The initial value is set when the connector is created. |
Scope: Connector Affects: Connectors |
|
Lists the URL patterns for the SSO |
String |
disallow |
Scope: Environment, Mobile Backend Affects: SSO Token Relay |
|
Defines the policy that governs the expiration time for MCS-issued tokens generated as a result of token exchange. Valid values are:
|
String |
|
Scope: Environment Affects: SSO Token Exchange |
|
Sets the token expiration time for SSO login. |
Integer |
216000 s |
Scope: Environment Affects: SSO Token Relay |
|
Specifies a list of the TLS/SSL protocols that should be used for the outbound connection for the specific connector. By default, only TLSv1.1 and TLSv1.2 protocols are used for outbound connections. This property can be used to override the system defaults so that connections can be established to legacy systems that don't support new versions of TLS/SSL. Caution: Use this property carefully as older protocols are more vulnerable to security exploits. Valid value is a comma separated list of the TLS/SSL protocols. Note that extra spaces around the protocol names are ignored. For example, TLSv1, TLSv1.1, TLSv1.2. Supported protocols are: SSLv2Hello, TLSv1, TLSv1.1, TLSv1.2. |
String |
No default value |
Scope: Connectors, Fully-qualified Connectors Affects: All Connectors |
|
Sets the default amount of time that data requested by a mobile app from a storage collection remains in the local cache that’s used by the Synchronization library. |
Integer |
86400 s Set this policy per environment as needed. |
Scope: Environment Affects: Storage |
|
Controls how spaces in query parameters of a URL are encoded. If set to true encodes spaces as |
Boolean |
false |
Scope: Connector Affects: REST Connector |
|
Indicates if the user schema can be augmented when unknown properties are part of the user data. This is used when users are imported into a realm or when a user is being updated. The properties defining the user that aren’t already defined as user properties are automatically added before importing the users. It isn’t possible to augment the user schema when the call is coming from the platform API, regardless of the policy. Set this policy at the environment level. |
Boolean |
Development environment: True Staging and Production environments: False |
Scope: Environment Affects: Mobile User Management |
|
Indicates the default user realm. This is used when creating a new mobile backend. The associated user realm is the one specified by this policy. You can reference only an existing realm. Set this policy at the environment level. |
String |
1.0 |
Scope: Environment Affects: Mobile User Management |