C About the Oracle REST Data Services Configuration Files

The section describes the Oracle REST Data Services configuration files.


C.1 Understanding the Configuration Folder Structure

The configuration folder has the following structure:

+- global/
    +- settings.xml
    +- credentials
    +- wallet/
    +- standalone/
+- databases/
    +- default/
        +- pool.xml
        +- wallet/
    +- myapp/
         +- hostnames
         +- pool.xml
         +- wallet/
    +- myapp2/
         +- paths
         +- pool.xml
         +- wallet/
The global/ folder contains settings that apply across the entire ORDS instance:
  • settings.xml: Contains settings that are configured across the entire ORDS instance. For example: debug.printToScreen=true
  • credentials: The ORDS user password file
  • wallet/: Contains an Oracle auto login wallet that contains the instance wide encryption and mac keys previously stored in security.crypto.enc.password and security.crypto.mac.password configuration settings in defaults.xml.
  • standalone/: Contains standalone mode related resources such as the HTTPS certificate and key.
The databases/ folder contains database pool configurations.
  • Each pool configuration is located in its own folder. The base path url mapping for a pool is inferred from the folder name. If the folder is named foo/, then requests can be mapped to the pool by accessing https://server/ords/foo/...
  • The database pool folder name must only contain lowercase alphabet a-z, digits 0-9, '-', '.' or '_' character.
  • The folder named default/ is reserved and is used to map requests that are not mapped to any other pool. It is equivalent to the apex.xml pool in the old structure.
  • The folder named databases/<pool-name>/wallet/ contains an Oracle auto login wallet that contains the credentials for the database pool. The database username and password must be stored in the wallet. The db.password settings must not be used. The wallet must conform to the requirements for ORDS wallets.
  • Alternatively, the folder may contain a file named hostname or paths, but not both.

C.2 Understanding the Configuration File Format

Configuration files use the standard Java XML properties file format, where each configuration setting contains a key and a corresponding value. The following is an example of settings.xml file:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
<entry key="db.connectionType">basic</entry>
<entry key="db.hostname">localhost</entry>
<entry key="db.port">1521</entry>
<entry key="db.servicename">orcl</entry>
<entry key="jdbc.DriverType">thin</entry>
<entry key="jdbc.InitialLimit">3</entry>
<entry key="jdbc.MinLimit">1</entry>
<entry key="jdbc.MaxLimit">10</entry>
<entry key="jdbc.MaxStatementsLimit">10</entry>
<entry key="jdbc.InactivityTimeout">1800</entry>
<entry key="jdbc.statementTimeout">900</entry>
<entry key="jdbc.MaxConnectionReuseCount">1000</entry></properties>

C.3 Understanding the Configurable Settings

This section lists the configuration settings for the settings.xml and pool.xml configuration files, and secure settings for the wallet.


  • Oracle recommends users to use the Oracle REST Data Services command-line interface to edit the configuration files.
  • To add or change a Secure setting, you must use the ords config secret command.
  • To add, change, or delete a setting refer to Updating the Configuration Settings section.

    Example: ords config secret db.password

Table C-1 Oracle REST Data Services Configuration Settings

Key Type Description Example Setting Type
apex.security.administrator.roles string Specifies the comma delimited list of additional roles to assign authenticated APEX administrator type users. Not applicable Pool specific
apex.security.user.roles string Specifies the comma delimited list of additional roles to assign authenticated regular APEX users. Not applicable Pool specific
autoupgrade.api.aulocation string specifies a configuration setting for AutoUpgrade.jar location. Not applicable Pool specific
autoupgrade.api.enabled boolean Specifies a configuration setting to enable AutoUpgrade REST API features. Not applicable Pool specific
autoupgrade.api.jvmlocation string Specifies a configuration setting for AutoUpgrade REST API JVM location. Not applicable Pool specific
autoupgrade.api.loglocation string Specifies a configuration setting for AutoUpgrade REST API log location. Not applicable Pool specific
database.api.management.services.disabled boolean Specifies to disable the Database API administration related services. Only applicable when Database API is enabled. Not applicable Global
db.adminUser string Specifies the username for the database account that ORDS uses for administration operations in the database. Not applicable Pool specific
db.cdb.adminUser string Specifies the username for the database account that ORDS uses for the Pluggable Database Lifecycle Management. Not applicable Pool specific
db.credentialsSource string

Specifies the source for database credentials when creating a direct connection for running SQL statements.

Value can be one of pool or request.

If the value is pool, then the credentials defined in this pool is used to create a JDBC connection.

If the value request is used, then the credentials in the request is used to create a JDBC connection and if successful, grants the requestor SQL Developer role.

Default value: pool

Not applicable Pool specific
cache.metadata.graphql.expireAfterAccess duration Specifies the duration after a GraphQL schema is not accessed from the cache that it expires.

Default value: 1 minute

2m Global
cache.metadata.graphql.expireAfterWrite duration Specifies the duration after a GraphQL schema is cached that it expires and has to be loaded again.

Default value: 2 minutes

5m Not applicable
feature.graphql string Specifies which GraphQL features are enabled. Value can be one of: enabled, disable_graphiql or disable_all.
  • If the value is set to enabled, then all the GraphQL features are available.
  • If the value is set to disable_graphiql, then the GraphQL feature is disabled.
  • If the value is set to disable_all, then all the GraphQL features are unavailable.

The default value is enabled.

enabled Pool specific
cache.metadata.jwks.enabled boolean

Specifies the setting to enable or disable JWKS caching.

Supported values:

  • true

  • false

Default value: true

true Global
cache.metadata.jwks.initialCapacity numeric Specifies the initial capacity of the JWKS cache. 10 Global
cache.metadata.jwks.maximumSize numeric Specifies the maximum capacity of the JWKS cache. 10000 Global
cache.metadata.jwks.expireAfterAccess duration Specifies the duration after a JWK is not accessed from the cache that it expires. By default this is disabled. 2m Global
cache.metadata.jwks.expireAfterWrite duration Specifies the duration after a JWK is cached, that is, it expires and has to be loaded again.

Default value: 5 minutes

5m Global
db.invalidPoolTimeout duration

Specifies how long to wait before retrying an invalid pool.

Default value: 15m

Not applicable Global
db.poolDestroyTimeout duration

Indicates how long to wait to gracefully destroy a pool before moving to forcefully destroy all connections including borrowed ones.

Default value: 5m

Not applicable Pool specific
db.wallet.zip string Specifies the wallet archive (provided in BASE64 encoding) containing connection details for the pool. Not applicable Pool specific
db.wallet.zip.path string Specifies the path to a wallet archive containing connection details for the pool. Not applicable Pool specific
db.wallet.zip.service string Specifies the service name in the wallet archive for the pool. Not applicable Pool specific
debug.trackResources boolean Specifies to enable tracking of JDBC resources. If not released causes in resource leaks or exhaustion in the database. Tracking imposes a performance overhead. Not applicable Pool specific
feature.grahpql.max.nesting.depth numeric Specifies the maximum join nesting depth limit for GraphQL queries. Defaults to 5. 10 Global
feature.openservicebroker.exclude boolean Specifies to disable the Open Service Broker services available for the pool. Not applicable Pool specific
feature.sdw boolean Specifies to enable the Database Actions feature. Not applicable Pool specific
http.cookie.filter string Specifies a comma separated list of HTTP Cookies to exclude when initializing an Oracle Web Agent environment. Not applicable Pool specific
instance.api.enabled boolean Specifies the setting to enable or disable the instance API service. The default value is false. true Global / Pool specific
jdbc.auth.admin.role string Identifies the database role that indicates that the database user must get the SQL Administrator role. Not applicable Pool specific
jdbc.cleanup.mode Not applicable Specifies how a pooled JDBC connection and corresponding database session, is released when a request has been processed.

Default value: RECYCLE

Not applicable Pool specific
owa.trace.sql boolean Specifies a boolean property. If it is true, then it causes a trace of the SQL statements performed by Oracle Web Agent to be echoed to the log. Not applicable Pool specific
plsql.gateway.mode string

Indicates if the PL/SQL Gateway functionality should be available for a pool or not.

Value can be one of disabled, direct, or proxied.

  • If the value is direct, then the pool serves the PL/SQL Gateway requests directly.
  • If the value is PLSQL_GATEWAY_CONFIG, view is used to determine the user to whom to proxy.
proxied Pool specific
request.traceHeaderName string

Specifies the name of the HTTP request header that uniquely identifies the request end to end as it passes through the various layers of the application stack. In Oracle this header is commonly referred to as the ECID (Entity Context ID).

Not applicable Global
resource.templates.enabled boolean Deprecated. Configuration property indicating if the legacy resource templates (APEX based REST) should be enabled or not. False by default. The resource-templates code base is not compatible with the single pool (ORDS_PUBLIC_USER) architecture so must be disabled. Not applicable Global
security.jwt.profile.enabled boolean Specifies whether the JWT Profile authentication is available. Supported values:
  • true

  • false

Default value: true

true Pool specific
security.jwks.size numeric Specifies the maximum number of bytes read from the JWK url.

Default value: 100000 bytes

100000 Pool specific
security.jwks.connection.timeout duration Specifies the maximum amount of time before timing-out when accessing a JWK url.

Default value: 5 seconds

5s Pool specific
security.jwks.read.timeout duration Specifies the maximum amount of time reading a response from the JWK url before timing-out.

Default value: 5 seconds.

5s Pool specific
security.jwks.refresh.interval duration Specifies the minimum interval between refreshing the JWK cached value. 10s Pool specific
security.jwt.allowed.skew duration Specifies the maximum skew the JWT time claims are accepted. This is useful if the clock on the JWT issuer and ORDS differs by a few seconds. By default, it is disabled. 10s Pool specific
security.jwt.allowed.age duration Specifies the maximum allowed age of a JWT in seconds, regardless of expired claim. The age of the JWT is taken from the JWT issued at claim. By default, it is disabled. 1h Pool specific
security.credentials.attempts numeric Specifies the maximum number of unsuccessful password attempts allowed. Enabled by setting a positive integer value.

Defaults to -1.

3 Global
security.credentials.file string Specifies the file where credentials are stored. Not applicable Global
security.credentials.lock.time duration Specifies the period to lock the account that has exceeded maximum attempts.

Defaults to 10m (10 minutes)

15m Global
security.validationFunctionType string Indicates the type of security.requestValidationFunction: javascript or plsql.

Defaults to plsql.

Not applicable Pool specific
standalone.access.log string Specifies the path to the folder to store HTTP request access logs. If not specified, then no access log is generated. Not applicable Global
standalone.binds string Specifies the comma separated list of host names or IP addresses to identify a specific network interface on which to listen.

Default value:

Not applicable Global
standalone.context.path string Specifies the context path where ords is located. Defaults to /ords Not applicable Global
standalone.doc.root string Points to the location where static resources tto be served under the / root server path are located. Not applicable Global
standalone.http.port numeric Specifies the HTTP listen port.

Default value: 8080

8777 Global
standalone.https.cert string Specifies the SSL certificate path. If you are providing the SSL certificate, then you must specify the certificate location. Not applicable Global
standalone.https.cert.key string Specifies the SSL certificate key path. If you are providing the SSL certificate, you must specify the certificate key location. Not applicable Global
standalone.https.host string Specifies the SSL certificate hostname. Not applicable Global
standalone.https.port numeric Specifies the HTTPS listen port.

Default value: 8443

Not applicable Global
standalone.static.context.path string Specifies the Context path where APEX static resources are located.

Default value: /i

Not applicable Global
standalone.static.path string Specifies the path to the folder containing static resources required by APEX. Not applicable Global
standalone.stop.timeout duration Specifies the period for Standalone Mode to wait until it is gracefully shutdown.

Default value: 10s (10 seconds)

15s Global



This parameter is deprecated, instead use owa.docTable parameter.


Pool specific


Specifies the setting to determine for how long a metadata record remains in the cache. Longer duration means, it takes longer to view the applied changes.

The formats accepted are based on the ISO-8601 duration format.

Default value: 1s (1 second)

5m Global


Specifies the setting to enable or disable metadata caching.

Supported values:

  • true

  • false

Default value: true

false Global


Specifies whether the Database API is enabled.

Supported values:

  • true

  • false

Default value: false

Not applicable Global



The type of connection. Supported values:

  • basic

  • tns

  • customurl


Pool specific



Specifies the JDBC URL connection to connect to the database.

jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP) (HOST=myhost)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=ora111.example.com)))

Pool specific



Specifies the host system for the Oracle database.


Pool specific



Specifies the password of the specified database user

Not applicable Pool specific secure setting



Specifies the database listener port.


Pool specific
db.adminUser.password string Specifies the password for the database account that ORDS uses for administration operations in the database. Not applicable Pool specific secure setting
db.cdb.adminUser.password string Specifies the password for the database account that ORDS uses for the Pluggable Database Lifecycle Management. Not applicable Pool specific secure setting



Specifies the network service name of the database.


Pool specific



Specifies that the pool points to a CDB, and that the PDBs connected to that CDB should be made addressable by Oracle REST Data Services (see Making All PDBs Addressable by Oracle REST Data Services (Pluggable Mapping)).


Pool specific



Specifies the name of the database.


Pool specific



Specifies the TNS alias name that matches the name in the tnsnames.ora file.


Pool specific



The directory location of your tnsnames.ora file.


Pool specific



Specifies the name of the database user for the connection.


Pool specific



Specifies whether to display error messages on the browser.

Supported values:

  • true

  • false

Default value: false


error.responseFormat string Specifies how the HTTP error responses must be formatted.

Supported values:

  • html - Force all responses to be in HTML format
  • json - Force all responses to be in JSON format
  • auto - Automatically determines most appropriate format for the request (default).
json Global



Specifies the path to a folder that contains the custom error page.





Specifies the Internet Content Adaptation Protocol (ICAP) port to virus scan files.

Either icap.port or icap.secure.port are required to have a value.




Specifies the Internet Content Adaptation Protocol (ICAP) port to virus scan files.

Either icap.port or icap.secure.port are required to have a value.

If values for both icap.port and icap.secure.port are provided, then the value of icap.port is ignored.

1344 Global



Specifies the Internet Content Adaptation Protocol (ICAP) server name or IP address to virus scan files.

The icap.server is required to have a value.





Specifies the JDBC driver type. Supported values:

  • thin

  • oci8

Default value: thin


Pool specific



Specifies how long an available connection can remain idle before it is closed. The inactivity connection timeout is in seconds.

Defaults to 1800.


Pool specific



Specifies the initial size for the number of connections that will be created.

Defaults to 10. (The default is low, and should probably be set higher in most production environments.)


Pool specific



Specifies the maximum number of times to reuse a connection before it is discarded and replaced with a new connection.

Defaults to 1000.


Pool specific



Specifies the maximum number of connections.

Defaults to 10. (Might be too low for some production environments.)


Pool specific



Specifies if the PL/SQL Gateway calls can be authenticated using database users. If the value is true then this feature is enabled. If the value is false, then this feature is disabled. The default value is false. Oracle recommends not to use this feature. This feature used only to facilitate customers migrating from mod_plsql.


Pool specific



Specifies the maximum number of statements to cache for each connection.

Defaults to 10.


Pool specific



Specifies the minimum number of connections.

Defaults to 2.


Pool specific



Specifies a timeout period on a statement.

An abnormally long running query or script, executed by a request, may leave it in a hanging state unless a timeout is set on the statement. Setting a timeout on the statement ensures that all the queries automatically timeout if they are not completed within the specified time period.

Defaults to 900.


Pool specific



Specifies whether procedures are to be logged.

Supported values:

  • true

  • false

Default value: false





Specifies the default page to display. The Oracle REST Data Services Landing Page.


Pool specific



Specifies the maximum number of rows that will be returned from a query when processing a RESTful service and that will be returned from a nested cursor in a result set. Affects all RESTful services generated through a SQL query, regardless of whether the resource is paginated.

Defaults to 10000.


Pool specific



Specifies the name of the document table used by the file upload.



For APEX 4.x and above this parameter should not be used.


Pool specific



Specifies the procedure name(s) to execute after executing the procedure specified on the URL. Multiple procedure names must be separated by commas.


Pool specific



Specifies the procedure name(s) to execute prior to executing the procedure specified on the URL. Multiple procedure names must be separated by commas.


Pool specific



Specifies the function to be invoked prior to dispatching each Oracle REST Data Services based REST Service. The function can perform configuration of the database session, perform additional validation or authorization of the request.

The function is invoked only after authorization has been granted to a protected resource.

If the function returns true, then processing of the request continues. If the function returns false, then processing of the request is aborted and an HTTP 403 Forbidden status is returned.

If authorization to the protected resource fails, the pre-hook function is not invoked. Instead, ORDS returns an HTTP 401 Unauthorized Response status code.


Pool specific



If this value is set to true, then the Oracle REST Data Services internal exclusion list is not enforced.

Note: The Oracle REST Data Services internal exclusion list blocks the users from accessing the following:
  • sys.*
  • dbms_*
  • utl_*
  • owa_*
  • owa.*
  • htp.*
  • htf.*
  • wpg_docload.*

Supported values:

  • true

  • false

Default value: false

Oracle recommends that you do not set this value to true. That is, do not disable the default internal exclusion list. The only possible exception is temporarily disabling the internal exclusion list for debugging purposes.





Specifies a pattern for procedures, packages, or schema names which are forbidden to be directly executed from a browser.

Procedure names can contain the wildcard characters asterisk (*) or question mark (?). Use an asterisk (*) to substitute zero or more characters and a question mark (?) to substitute for any one character.

Note: Separate multiple patterns using commas.

customer_account,bank*, employe?




Specifies a pattern for procedures, packages, or schema names which are allowed to be directly executed from a browser.

Procedure names can contain the wildcard characters asterisk (*) or question mark (?). Use an asterisk (*) to substitute zero or more characters and a question mark (?) to substitute for any one character.

Note: Separate multiple patterns using commas.

apex, p, v, f, wwv_*, y*, c*




Specifies the maximum number of cached procedure validations. Defaults to 2000. Set this value to 0 to force the validation procedure to be invoked on each request.





Specifies an authentication function to determine if the requested procedure in the URL should be allowed or disallowed for processing. The function should return true if the procedure is allowed; otherwise, it should return false. If it returns false, Oracle REST Data Services will return WWW-Authenticate in the response header.


Pool specific



Specifies a validation function to determine if the requested procedure in the URL should be allowed or disallowed for processing. The function should return true if the procedure is allowed; otherwise, return false.


Pool specific



Specifies whether HTTPS is available in your environment.

Supported values:

  • true

  • false

Default value: true

If you change the value to false, see Using OAuth2 in Non-HTTPS Environments.





When using the SODA REST API, specifies the default number of documents returned for a GET request on a collection when a limit is not specified in the URL. Must be a positive integer, or "unlimited" for no limit.

Defaults to 100.


Pool specific



When using the SODA REST API, specifies the maximum number of documents that will be returned for a GET request on a collection URL, regardless of any limit specified in the URL. Must be a positive integer, or "unlimited" for no limit.

Defaults to 1000.


Pool specific



Specifies whether the REST-Enabled SQL service is active. Supported values:
  • true

  • false

Default value: false


Pool specific