You are viewing the documentation for Blueriq 17. Documentation for other versions is available in our documentation directory.

This page describes all the properties that can be set for the Runtime.

The message properties are not included in these lists, because the properties in those files (default and language variants) are self-explanatory and because there are so many of them.

But to give you an idea, here is an example of a messages*.properties file: messages_en-GB.properties


 

All properties

 

Subject | Property | Default | Explanation | Property file | Additional information

Aggregates

blueriq.customerdata-client.list.record.limit

Default: 10

Maximum results of the search.

application.properties



blueriq.customerdata-client.url
URL for the customerdata service

application.properties



blueriq.customerdata-client.username
Username used for authentication against the customerdata service

application.properties



blueriq.customerdata-client.password
Password used for authentication against the customerdata service

application.properties



blueriq.customerdata-client.preemptive-authentication

Default: true

Use preemptive authentication

application.properties

since 11.8

blueriq.customerdata-client.http.socket-timeout

Default: 120 (seconds)

Time waiting for data after the connection has been established; maximum time of inactivity between two data packets

application.properties

Note: when this exception is thrown, data changes can still occur on the Customer Data Service side, because the connection has already been established.

https://hc.apache.org/httpclient-legacy/preference-api.html

blueriq.customerdata-client.http.connection-timeout

Default: 10 (seconds)

Time to establish the connection with the remote host

application.properties

https://hc.apache.org/httpclient-legacy/preference-api.html

blueriq.customerdata-client.http.connection-request-timeout

Default: 10 (seconds)

Time to wait for a connection from the connection manager/pool

application.properties

https://hc.apache.org/httpclient-legacy/preference-api.html



Subject | Property | Default | Explanation | Property file

Service call type: AQ_MailService

blueriq.mail.dkim.domain_alias.name

Specifies the domain name for DKIM.

application.properties

blueriq.mail.dkim.domain_alias.enabled

Default: false

Enable/disable DKIM.

application.properties

blueriq.mail.dkim.domain_alias.selector

Specifies the DNS selector for DKIM.

application.properties

blueriq.mail.dkim.domain_alias.private-key-file

Specifies the path to the private key file used for DKIM signing of email messages.

application.properties



Properties

Subject | Property | Default | Explanation | Property file

Cluster

blueriq.session.session-manager

Configures the type of session manager used. The session manager can be 'memory', 'external' or a custom implemented bean.

application.properties

blueriq.session.request-ward-enabled

Default: false

Toggle to enable request wards

application.properties


Messages

Subject | Key | Explanation

Cluster

request-ward.invalid.title

The title of the error message when request ward validation fails

request-ward.invalid.message

The error message when request ward validation fails

Subject | Property | Explanation

CMIS

blueriq.cmis.user

The username needed for the CMIS connection.

application-cmis-client.properties

blueriq.cmis.password

The password needed for the CMIS connection.

application-cmis-client.properties

blueriq.cmis.services-url

The serviceURL of the CMIS connection.

application-cmis-client.properties

blueriq.cmis.repository-id

The repository on the filesystem the CMIS connection connects to.

application-cmis-client.properties

blueriq.cmis.objectType-id

The kind of objectType the file is.

application-cmis-client.properties

blueriq.cmis.binding-type

The type of communication you desire. Currently the only supported value is atompub.

application-cmis-client.properties

blueriq.cmis.read-timeout

The number of milliseconds within which a call to the CMIS URL needs to get a response.

application-cmis-client.properties

blueriq.cmis.connection-timeout

The number of milliseconds within which the CMIS server needs to accept the connection.

application-cmis-client.properties

blueriq.cmis.authProviderClassName

The class name of the authProvider

application-cmis-client.properties

blueriq.cmis.authProviderConfiguration.jwt.ks.fileUrl

URL pointing to the key store containing the RSA private/public keys for JWT signing

application-cmis-client.properties

blueriq.cmis.authProviderConfiguration.jwt.ks.password

Key store password

application-cmis-client.properties

blueriq.cmis.authProviderConfiguration.jwt.ks.blueriqKeyAlias

Alias of the key that Blueriq should use for JWT signing

application-cmis-client.properties

blueriq.cmis.authProviderConfiguration.jwt.ks.blueriqKeyPassword

Password for the key that Blueriq should use for JWT signing

application-cmis-client.properties

blueriq.cmis.authProviderConfiguration.jwt.claims.iss

Standard 'issuer' claim to put in the JSON Web Token

application-cmis-client.properties

blueriq.cmis.authProviderConfiguration.jwt.claims.aud

Standard 'audience' claim to put in the JSON Web Token

application-cmis-client.properties

blueriq.cmis.authProviderConfiguration.jwt.claims.sub

Standard 'subject' claim to put in the JSON Web Token

application-cmis-client.properties

blueriq.cmis.authProviderConfiguration.jwt.claims.idp

Custom claim to put in the JSON Web Token

application-cmis-client.properties

blueriq.cmis.authProviderConfiguration.jwt.blueriqUser.id.claimName

JWT claim name to put the Blueriq user id in

application-cmis-client.properties

blueriq.cmis.authProviderConfiguration.jwt.cmisConnector.id.claimName

JWT claim name to put the CMIS connector id in

application-cmis-client.properties

Subject | Property | Explanation

Connections

blueriq.connection.sessionHeaders

A comma-separated list of HTTP header names, stored through the blueriq.session.headers property, that should be put on outgoing requests for all HTTP and SOAP connections. More info here.

application.properties

@since 11.6

blueriq.connection.header.[headerName]

Key-value pairs of HTTP headers that should be put on all outgoing REST and SOAP requests.

application.properties

@since 14.11

blueriq.connection.timeout

Default global timeout in milliseconds to use for all outgoing HTTP requests (SOAP, REST or CMIS) when no other timeout was specified on the specific connection configuration.

The value of 0 means there is no global timeout.

Default is 5000 milliseconds (5 seconds).

When a negative number is configured, or this property is not configured at all, this value will fall back to the default.

application.properties

@since 15.0

The default value changed from 15000 to 5000 ms in Blueriq 17.0

blueriq.connection.[name].sql.type

The type of SQL connection (i.e. jdbc)

application.properties

blueriq.connection.[name].sql.url

The URL of the datasource which should be connected to.

application.properties

blueriq.connection.[name].sql.driver

The driver that needs to be used to connect to the datasource

application.properties

blueriq.connection.[name].sql.username

The username to log in to the datasource

application.properties

blueriq.connection.[name].sql.password

The password to log in to the datasource

application.properties

blueriq.connection.[name].filesystem.path

The path of the filesystem

application.properties

blueriq.connection.[name].memory

Name of a memory connection.

application.properties

blueriq.connection.[name].http.url

The URL of the REST web service.

application.properties

blueriq.connection.[name].http.username

The username for basic authentication.

application.properties

blueriq.connection.[name].http.password

The password for basic authentication.

application.properties

blueriq.connection.[name].http.sessionHeaders

A comma-separated list of HTTP header names, stored through the blueriq.session.headers property, that should be put on outgoing requests for this connection. Overrides blueriq.connection.sessionHeaders. More info here.

application.properties

@since 11.6

blueriq.connection.[name].http.header.[headerName]

Key-value pairs of HTTP headers that should be put on outgoing REST requests for this connection.
Overrides blueriq.connection.header

application.properties

@since 14.11

blueriq.connection.[name].http.timeout

The timeout in milliseconds.

The value of 0 means there is no timeout.

When a negative number is configured, this value will fall back to the global default.

application.properties

blueriq.connection.[name].http.authentication

If the Runtime authentication is set to openid-connect, then setting this property to 'openid-connect' will make the webservice send along a bearer Authorization header.

Since Blueriq 16.3, if the Runtime authentication is set to jwt, then setting this property to 'jwt' will make the webservice send along a bearer Authorization header.

Since Blueriq 17.0, Spring Security is used for defining OAuth2 connections. Set this property to 'oauth2' when using OAuth2. Define a Client Registration for OAuth2 via Spring Security and set it on the connection. For an example, see Release 17.0 Upgrade Instructions.

application.properties

blueriq.connection.[name].http.oauth2-client-registration

The name of the OAuth2 Client Registration defined in the properties or yaml file with Spring Security. (required when using oauth2)

application.properties

@since 17.0

blueriq.connection.[name].soap.url

The URL of the SOAP web service.

application.properties

blueriq.connection.[name].soap.username

The username for basic authentication.

application.properties

blueriq.connection.[name].soap.password

The password for basic authentication.

application.properties

blueriq.connection.[name].soap.interceptors

A comma-separated list of security interceptors (defined using the blueriq.soap.interceptors.security.* properties, see WS-Security)

application.properties

blueriq.connection.[name].soap.timeout

The timeout in milliseconds.

application.properties

blueriq.connection.[name].soap.sessionHeaders

A comma-separated list of HTTP header names, stored through the blueriq.session.headers property, that should be put on outgoing requests for this connection.
Overrides blueriq.connection.headers. More info here.

application.properties

@since 11.6

blueriq.connection.[name].soap.header.[headerName]

Key-value pairs of HTTP headers that should be put on outgoing SOAP requests for this connection.
Overrides blueriq.connection.header

application.properties

@since 14.11

blueriq.connection.[name].email.smtp

The hostname of the SMTP server.

application.properties

blueriq.connection.[name].email.smtpport

The port of the SMTP server.

application.properties

blueriq.connection.[name].email.username

The username to use when connecting to the SMTP server.

application.properties

blueriq.connection.[name].email.password

The password to use when connecting to the SMTP server.

application.properties

blueriq.connection.[name].email.usetls

Indicates if the SMTP server should be contacted using TLS.

application.properties

blueriq.connection.[name].email.fromaddress

An email address from which to send the email.

application.properties

blueriq.connection.[name].email.toaddress

An email address to which to send the email.

application.properties

blueriq.connection.[name].email.ccaddresses

Addresses to put in cc.

application.properties

blueriq.connection.[name].email.bccaddresses

Addresses to put in bcc.

application.properties

blueriq.connection.[name].resource.path

Defines a path to a resource.

application.properties

blueriq.connection.[name].external-flow.project

The REQUIRED name of the project that contains the flow to be started

application.properties

blueriq.connection.[name].external-flow.version

The REQUIRED version of the project that contains the flow to be started, e.g. 0.0-Trunk

application.properties

blueriq.connection.[name].external-flow.flow

The REQUIRED name of the flow to be started

application.properties

blueriq.connection.[name].external-flow.channel

The OPTIONAL name of the channel to be started

application.properties

blueriq.connection.[name].external-flow.baseurl

The OPTIONAL URL of the external host where the target project is on (if omitted the same server is assumed).

application.properties


For the Blueriq Runtime there are two types of datasources that you can define in your properties: jndidatasources or externaldatasources. You can only enable one type by providing the type in the property spring.profiles.active.

Datasource configuration for the Customerdata Service can be found here: Customerdata service

Subject | Property | Default | Explanation | Property file (spring.profiles.active=externaldatasources) | Property file (spring.profiles.active=jndidatasources)

Datasources

blueriq.datasource.[name].url

The URL of the datasource which should be connected to.

application-externaldatasources.properties

Only available when you have externaldatasources enabled instead of jndidatasources.

blueriq.datasource.[name].username

The username to log in to the datasource

application-externaldatasources.properties

Only available when you have externaldatasources enabled instead of jndidatasources.

blueriq.datasource.[name].password

The password to log in to the datasource

application-externaldatasources.properties

Only available when you have externaldatasources enabled instead of jndidatasources.

blueriq.datasource.[name].driverClassName

The driver that needs to be used to connect to the datasource

application-externaldatasources.properties

Only available when you have externaldatasources enabled instead of jndidatasources.

blueriq.datasource.[name].jndiName

The name of the JNDI datasource connection.

Only available when you have jndidatasources enabled instead of externaldatasources.

application-jndidatasources.properties

blueriq.hibernate.[name].hbm2ddl.auto

Default: validate

When starting server (SessionFactory)

Supported values: none / validate

create/update/create-drop are not supported ways to create a schema. Use the dbscripts that are provided with the release instead.

application-externaldatasources.properties

application-jndidatasources.properties

blueriq.hibernate.[name].dialect

The dialect that Hibernate should use.

application-externaldatasources.properties

application-jndidatasources.properties

blueriq.hibernate.[name].use_nationalized_character_data

Default: true

Enable nationalized character support on all string / clob based attributes (string, char, clob, text etc.). Note that this property defaults to true because 'hibernate.use_nationalized_character_data' is set in the application.properties that is packaged in the default runtime WAR. For more information about its usage see: UTF8 support.

application-externaldatasources.properties

application-jndidatasources.properties

blueriq.hibernate.[name].globally_quoted_identifiers

Default: false

application-externaldatasources.properties


The development properties only apply when the profile development-tools is added to spring.profiles.active.

Subject | Property | Explanation | Example

Development

logging.file.name=C:/Deployments/logs/runtime.log

The file in which to write the log

application.properties

blueriq.development.usePasswordEncryption=true

When editing properties, encrypt passwords before saving them.

application-development-tools.properties

Studio


blueriq.studio.description

Description that is used in the development dashboard flow starter.

default via installer = Studio Projects


application-development-tools.properties

blueriq.studio.prefix

The prefix in front of the studio project when started.

default via installer = studio


application-development-tools.properties

blueriq.studio.authentication

Method of authentication that the Blueriq Studio uses.

Its value always is BASIC.


application-development-tools.properties

blueriq.studio.url

URL where the management service of the Blueriq Studio can be reached.

default via installer = http://HOSTNAME:PORT/Studio/Server/Services/ManagementService


application-development-tools.properties

blueriq.studio.domain

Network domain the Studio is in.

default via installer = empty


application-development-tools.properties

blueriq.studio.username

Username for the studio management service.

default via installer = runtime


application-development-tools.properties

blueriq.studio.password

Password for the studio management service

default via installer = runtime


application-development-tools.properties

External

blueriq.external.themes.[name].baseUrl

URL where the external theme can be reached.

When using a custom-made theme which is not configured via the Runtime using an STG, but rather via a CDN or reverse proxy, an external theme can be configured so that the development dashboard can create URLs to the corresponding targets.

https://example.com/

application-development-tools.properties

blueriq.external.themes.[name].template.flow

RFC-6570 URI template for creating a start flow request.

By combining the baseUrl and template.flow properties a full URL is formed.

The variables which can be used in the URI template are:

flow - name of the flow to start
project - name of the project to use
version - project version to use
languageCode - code of the language to use
testPath - name of the test path to use

The combined URL will be expanded in the development dashboard.

/flow/{project}/{flow}/{version}/{languageCode}

With test path:

/flow/{project}/{flow}/{version}/{languageCode}{?testPath}

application-development-tools.properties

blueriq.external.themes.[name].template.shortcut

RFC-6570 URI template for creating a start shortcut request.

By combining the baseUrl and template.shortcut properties a full URL is formed.

The variables which can be used in the URI template are:

shortcut - name of the shortcut to start

The combined URL will be expanded in the development dashboard.

/shortcut/{shortcut}

application-development-tools.properties

blueriq.external.themes.[name].template.session

RFC-6570 URI template for creating a continue session request.

By combining the baseUrl and template.session properties a full URL is formed.

The variables which can be used in the URI template are:

sessionId - id of the session to continue

The combined URL will be expanded in the development dashboard.

/session/{sessionId}

application-development-tools.properties
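
How baseUrl and the three templates combine into a URL, as an added example (not Blueriq code): a minimal RFC 6570 expander that handles only the two expression forms used above, `{var}` and `{?var}`. The theme values and variable values are constructed.

```python
import re
from urllib.parse import quote

EXPRESSION = re.compile(r"\{([^{}]*)\}")
UNSUPPORTED_OPERATORS = "+#./;&=,!@|"


def encode(value):
    # RFC 6570 simple expansion: everything except unreserved characters
    # (letters, digits, "-", ".", "_", "~") is percent-encoded.
    return quote(str(value), safe="-._~")


def expand(template, variables):
    """Expand {var} and {?var} expressions; undefined variables are left out."""
    def replace(match):
        expression = match.group(1)
        if expression.startswith("?"):
            names = [n.strip() for n in expression[1:].split(",")]
            pairs = [f"{n}={encode(variables[n])}"
                     for n in names if variables.get(n) is not None]
            return "?" + "&".join(pairs) if pairs else ""
        if not expression or expression[0] in UNSUPPORTED_OPERATORS:
            raise ValueError(f"expression not handled here: {{{expression}}}")
        names = [n.strip() for n in expression.split(",")]
        return ",".join(encode(variables[n])
                        for n in names if variables.get(n) is not None)
    return EXPRESSION.sub(replace, template)


def theme_url(base_url, template, variables):
    """Combine baseUrl with an expanded template into the full URL."""
    return base_url.rstrip("/") + expand(template, variables)


# Constructed values, following the examples in the table above.
BASE_URL = "https://example.com/"
FLOW_TEMPLATE = "/flow/{project}/{flow}/{version}/{languageCode}{?testPath}"
SESSION_TEMPLATE = "/session/{sessionId}"
FLOW_VARIABLES = {"project": "MyApp1", "flow": "Start",
                  "version": "0.0-Trunk", "languageCode": "en-GB"}

if __name__ == "__main__":
    # Without testPath the {?testPath} expression expands to nothing.
    print(theme_url(BASE_URL, FLOW_TEMPLATE, FLOW_VARIABLES))
    # With testPath a query string is appended, percent-encoded.
    print(theme_url(BASE_URL, FLOW_TEMPLATE,
                    dict(FLOW_VARIABLES, testPath="happy path/1")))
    # Reserved characters in a value stay inside their own path segment.
    print(theme_url(BASE_URL, SESSION_TEMPLATE, {"sessionId": "abc/../x?y"}))
```

Because simple expansion percent-encodes reserved characters, a variable value cannot add path segments or query parameters to the generated URL.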



Subject | Property | Explanation
Domain Schema

blueriq.domainschema.infinite-loop-detection-limit

Sets the limit for loops in case of domain schema in domain schema relations.

application.properties

Subject | Property | Explanation

Exports

blueriq.exports.enabled

Boolean to enable usage of exports. Default is false.

application.properties

blueriq.exports.description

The group name of all the exports shown in the dev dashboard

application.properties

blueriq.exports.prefix

The prefix in front of the export project when started.

application.properties

blueriq.exports.folder

The folder in the configuration folder where the exports are.

application.properties

blueriq.exports.files

Direct location of (an) export file(s). Comma separated.

application.properties

Subject | Property | Explanation | Example

Misc

blueriq.production.shortcuts-only

Only possible to start flows with shortcut (instead of 'dash start url')

application.properties

blueriq.fileupload.maxuploadsize

Maximum request size for the built-in file upload container, in bytes.

Note: this is per request, so if you upload multiple files in one go, the total size of those files is validated against this property.

Since 16.1 defaults to 10MB

application.properties

# set the max upload size to 10 MB

blueriq.fileupload.maxuploadsize=10485760

blueriq.fileupload.detect-content-type

Guesses the content type of uploaded files based on the actually uploaded data, instead of using the content type as present in the request.

From a security perspective, it is advised that this option is enabled to reject malicious uploads.

Available since R12.10, defaults to true.

application.properties


blueriq.fileupload.validate-content-type

If enabled, the content type of the file is used to determine the supposed extension that is then validated against the list of allowed extensions.

From a security perspective, it is advised that this option is enabled to reject malicious uploads.

Available since R12.10, defaults to true.



blueriq.license

The license for Blueriq (content of the license file). This property is optional. One should either set this property or place a license file in the spring.config.additional-location folder; behaviour is undefined if both are set.

application.properties

The property blueriq.license should contain the contents of the license file, not the path to the license file. The value should be something like:

blueriq.license=0MtWfrubLL4Rq6TH/4TfNleRJqJHtSQIYe070...

blueriq.cache.timeout

This property is used to specify the timeout that has to pass before the data in the aggregate / Process statistics container is considered not up to date and has to be reloaded.

application.properties

blueriq.runtimekeys.enabled

The element keys created by the Runtime that are sent to the browser to build the HTML now contain the element name prefixed by the page ID. E.g. P108-C0-C0-F0 is now P108_Person_Firstname_1. This way, the pagemodel which is used to build the HTML is more stable, which in turn leads to a more predictable way of testing. This functionality is enabled by default.

application.properties


blueriq.webservices.create-empty-elements-for-unknowns

Controls whether generating empty elements for unknown relations should be enabled.

This property is available in Blueriq 14. Use the Legacy Property in earlier versions.

application.properties


blueriq.webservices.structured-input-validation

The webservice responses can be returned by Blueriq in a more structured way when input validations are triggered so those can be used in the model of the receiver. When this functionality is enabled, the error message returned for an invalid request is split up in such a way that validation messages can be handled separately and indicate the exact instance which is not valid. When this functionality is disabled, the error message is one string containing the validation message.

This functionality only applies to REST services based on domain schemas.

This functionality is disabled by default.

application.properties
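
What the two blueriq.fileupload content-type options and the per-request size limit described above change in practice, as an added sketch (not Blueriq's implementation). The signature table, the content-type-to-extension mapping, the allow-list and the sample files are all constructed assumptions.

```python
import os

# Constructed signature table: leading bytes -> detected content type.
SIGNATURES = [
    (b"%PDF-", "application/pdf"),
    (b"\x89PNG\r\n\x1a\n", "image/png"),
    (b"\xff\xd8\xff", "image/jpeg"),
    (b"PK\x03\x04", "application/zip"),
    (b"MZ", "application/x-msdownload"),
]

# Assumed mapping from a content type to the extension it implies.
EXTENSION_FOR = {
    "application/pdf": "pdf",
    "image/png": "png",
    "image/jpeg": "jpg",
    "application/zip": "zip",
    "application/x-msdownload": "exe",
}

ALLOWED_EXTENSIONS = {"pdf", "png", "jpg"}  # hypothetical allow-list
MAX_UPLOAD_SIZE = 10485760                  # blueriq.fileupload.maxuploadsize

# Constructed sample files: an executable header and a small PDF header.
SAMPLE_EXE = b"MZ\x90\x00" + bytes(60)
SAMPLE_PDF = b"%PDF-1.7\n%%EOF\n"


def sniff(data):
    """Guess the content type from the uploaded bytes themselves."""
    for magic, content_type in SIGNATURES:
        if data.startswith(magic):
            return content_type
    return "application/octet-stream"


def within_request_limit(files, limit=MAX_UPLOAD_SIZE):
    """The limit is per request: all files in the request count together."""
    return sum(len(data) for data in files) <= limit


def check_upload(filename, declared_type, data, detect=True, validate=True):
    """Return (accepted, detail) for one file.

    detect   ~ blueriq.fileupload.detect-content-type
    validate ~ blueriq.fileupload.validate-content-type
    """
    extension = os.path.splitext(filename)[1].lstrip(".").lower()
    if extension not in ALLOWED_EXTENSIONS:
        return False, f"extension '{extension}' is not allowed"
    # With detection off, the content type from the request is trusted.
    content_type = sniff(data) if detect else declared_type
    if validate:
        implied = EXTENSION_FOR.get(content_type)
        if implied not in ALLOWED_EXTENSIONS:
            return False, f"{content_type} does not map to an allowed extension"
    return True, content_type


if __name__ == "__main__":
    # An executable renamed to .pdf and declared as application/pdf.
    print(check_upload("invoice.pdf", "application/pdf", SAMPLE_EXE))
    # Same upload with detection off: the declared type is believed.
    print(check_upload("invoice.pdf", "application/pdf", SAMPLE_EXE, detect=False))
    print(check_upload("invoice.pdf", "application/pdf", SAMPLE_PDF))
```

With detection disabled, validation only ever sees the content type the client chose to send, which is why the two options are meant to be enabled together.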


Model Preloading properties

Note: these properties were introduced in Blueriq 13.8

Subject | Property | Explanation | Default value | Property file | Example

Model preloading

blueriq.modelpreload.enabled

If true, preloading of configured application models during Runtime startup is enabled

false

application.properties


blueriq.modelpreload.before-requests

If false, preload the application models after the Runtime is ready to accept HTTP requests. Otherwise the models will be preloaded before HTTP requests are accepted.

true

application.properties


blueriq.modelpreload.models

A map of application models (name and versions) to preload. Only application models that are in this list will be preloaded if preloading is enabled.


application.properties

blueriq.modelpreload.models.MyApp1=0.0-Trunk,0.0-FeatureX,0.0-FeatureY

blueriq.modelpreload.models.MyApp2=0.0-Trunk

Subject | Property | Default | Explanation | Property file

Multi-tenancy

blueriq.multi-tenancy.enabled

Default: false

Toggle to enable multi-tenancy.

application.properties

blueriq.multi-tenancy.allowed-tenants

List of comma separated tenant names. Tenant names can contain letters, digits and '-' (dashes).

For example:

blueriq.multi-tenancy.allowed-tenants=google,apple

application.properties

blueriq.multi-tenancy.http-header

The name of the HTTP header from which the Runtime can retrieve the tenant name

application.properties


blueriq.multi-tenancy.amqp-header
The name of the AMQP message header in which the tenant is stored

application.properties


Subject | Property | Explanation

MVC UI - deprecated

blueriq.mvc.development-mode

Turning mvc development mode on or off.

application.properties

blueriq.mvc.themes.[theme].template-group-file

Path to where the stg file can be found.

application.properties

blueriq.mvc.themes.[theme].template-name

Name of the mvcui template.

application.properties

blueriq.mvc.active-themes

The themes that are active in the Runtime. The theme names listed here (as a comma separated list) must match the theme names that are used with the properties above. Not all defined themes need to be active. Only the active ones will be shown in the development dashboard. This is useful for overriding the default styling that is packaged with Blueriq.

application.properties

spring.mvc.dispatch-options-request

This is a spring mvc property that enables the dispatcher to listen to OPTIONS request methods.

application.properties

Example

blueriq.mvc.themes.bootstrap3.template-group-file=UI/mvc/v2/bootstrap3.stg
blueriq.mvc.themes.bootstrap3.template-name=main
blueriq.mvc.active-themes=bootstrap3

Subject | JAVA Property | Explanation

OpenID Connect

blueriq.security.openid-connect.use-discovery

Boolean property which enables Blueriq to read identity provider specific properties from a specific exposed location if the value is true, or to read them from application.properties if the value is false. Default: false.

application.properties


blueriq.security.openid-connect.public-keys.<key id>=<key value>

Defines the <key id, public key> mappings that are loaded by Blueriq if blueriq.security.openid-connect.use-discovery is false.

Note that the key value should be encoded as Base64 encoded bytes that conform to the X509EncodedKeySpec

application.properties


blueriq.security.openid-connect.client-id

The client-id of the Runtime, as defined at the identity provider.

application.properties


blueriq.security.openid-connect.client-secret

The client secret of the Runtime, as defined at the identity provider. This value is used, for example, to complete the OpenID Connect Authorization Code Flow, when exchanging the authorization code for ID and access tokens.

application.properties


blueriq.security.openid-connect.scopes

The OpenID Connect scopes used when starting the Authorization Code flow. The scopes must include the value "openid" in order for the identity provider to recognize that the OpenID Connect Authorization Code flow must be initiated. If "openid" is not specified as a scope, the identity provider may instead initiate the OAuth2 Authorization Code flow (depends on the identity provider in use). Multiple scopes can be specified, separated by commas.

application.properties


blueriq.security.openid-connect.token-endpoint

The URL of the endpoint where access codes can be exchanged for ID and access tokens.

Example for Keycloak: http://<host>:<port>/auth/realms/<realm name>/protocol/openid-connect/token

application.properties


blueriq.security.openid-connect.token-endpoint-parameters.<name>=<value>

Additional custom parameters to be sent to the token endpoint. For example:

blueriq.security.openid-connect.token-endpoint-parameters.audience=https://example.eu.auth0.com/api/v2/

application.properties


blueriq.security.openid-connect.authorization-endpoint

The URL where the OpenID Connect Authorization Code flow can be started.

Example for Keycloak: http://<host>:<port>/auth/realms/<realm name>/protocol/openid-connect/auth

application.properties


blueriq.security.openid-connect.authorization-endpoint-parameters.<name>=<value>

Additional custom parameters to be sent to the authorization endpoint. For example:

blueriq.security.openid-connect.authorization-endpoint-parameters.audience=https://example.eu.auth0.com/api/v2/

application.properties


blueriq.security.openid-connect.token-issuer

The expected issuer in the "iss" claim of JWT tokens. A received JWT which does not have this exact, case-sensitive value in its "iss" claim will be rejected as invalid.

application.properties


blueriq.security.openid-connect.check-audience

Boolean indicating whether the audience claim should be checked. If true, the audience claim must contain the Runtime's client-id. All JWTs which do not contain the Runtime's client-id in the audience claim are rejected as invalid.

When false, the audience claim is not checked. Default: false.

application.properties


blueriq.security.openid-connect.sso-logout

Boolean indicating whether, when logging out of Blueriq, the user should be logged out of the Single-Sign-On session as well.

Default: false

application.properties


blueriq.security.openid-connect.end-session-endpoint

When sso-logout is true, the Runtime redirects to this URL at the identity provider in order to log out of the Single-Sign-On session.

application.properties


blueriq.security.openid-connect.post-logout-redirect-uri

Optional URI that the OpenID Connect provider should redirect to after logging out. This property will be taken into account both when using discovery and when using manual configuration through properties.

Since Blueriq 16.0.1

application.properties


blueriq.security.openid-connect.user-info-endpoint

The URL of the OpenID Connect UserInfo endpoint. This endpoint provides information about the user associated with an access token. It is used when the access token is not a JWT.

application.properties


blueriq.security.openid-connect.user-info-endpoint-parameters.<name>=<value>

Additional custom parameters to be sent to the user info endpoint. For example:

blueriq.security.openid-connect.user-info-endpoint-parameters.audience=https://example.eu.auth0.com/api/v2/

application.properties
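
A configuration check over properties documented on this page, as an added example (not a Blueriq tool): it resolves the effective HTTP timeout per connection, reports connections left without any timeout, and reports disabled upload content-type checks and an unchecked audience claim. The sample configuration is constructed, and reading "fall back to the global default" as "use blueriq.connection.timeout" is an assumption.

```python
import re

GLOBAL_DEFAULT_MS = 5000  # default of blueriq.connection.timeout in Blueriq 17.0
HTTP_URL_KEY = re.compile(r"^blueriq\.connection\.([^.]+)\.http\.url$")
OIDC_PREFIX = "blueriq.security.openid-connect."

# Constructed sample application.properties content.
SAMPLE = """
# global timeout switched off
blueriq.connection.timeout=0
blueriq.connection.crm.http.url=https://crm.example.test/api
blueriq.connection.crm.http.timeout=-1
blueriq.connection.billing.http.url=https://billing.example.test/api
blueriq.connection.billing.http.timeout=3000
blueriq.fileupload.detect-content-type=false
blueriq.security.openid-connect.client-id=blueriq-runtime
blueriq.security.openid-connect.token-issuer=https://idp.example.test/realms/demo
"""


def parse_properties(text):
    """Parse simple key=value lines; comments and blank lines are skipped."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(("#", "!")):
            continue
        key, _, value = line.partition("=")
        props[key.strip()] = value.strip()
    return props


def to_int(raw):
    try:
        return int(raw)
    except (TypeError, ValueError):
        return None


def global_timeout(props):
    """Negative or missing -> 5000 ms; 0 -> no global timeout."""
    value = to_int(props.get("blueriq.connection.timeout"))
    return GLOBAL_DEFAULT_MS if value is None or value < 0 else value


def effective_http_timeout(props, name):
    """Negative or missing on the connection -> global value (assumption)."""
    value = to_int(props.get(f"blueriq.connection.{name}.http.timeout"))
    return global_timeout(props) if value is None or value < 0 else value


def audit(props):
    findings = []
    for key in sorted(props):
        match = HTTP_URL_KEY.match(key)
        if match and effective_http_timeout(props, match.group(1)) == 0:
            findings.append(f"connection '{match.group(1)}': no HTTP timeout")
    for option in ("detect-content-type", "validate-content-type"):
        # Both options default to true, so only an explicit override is reported.
        if props.get(f"blueriq.fileupload.{option}", "true").lower() != "true":
            findings.append(f"blueriq.fileupload.{option} is disabled")
    uses_oidc = any(key.startswith(OIDC_PREFIX) for key in props)
    if uses_oidc and props.get(OIDC_PREFIX + "check-audience", "false").lower() != "true":
        # check-audience defaults to false: the aud claim is then not checked.
        findings.append("openid-connect: audience claim is not checked")
    return findings


if __name__ == "__main__":
    for finding in audit(parse_properties(SAMPLE)):
        print(finding)
```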


Subject | JAVA Property | Explanation

blueriq.security.jwt-claims.roles-path

A JsonPath expression to the roles claim in the JWT body. 

For example, if the JWT body contains below claims, this property should be set to $.realm_access.roles in order to indicate that the roles claim nested within the realm_access claim represents the roles. 

{
  ... other claims ...
  "realm_access": {
    "roles": ["role1", "role2"]
  },
  ... other claims ...
}


application.properties


blueriq.security.jwt-claims.teams-path

A JsonPath expression to the teams claim in the JWT body. 

See roles-path above for more information.

application.properties


blueriq.security.jwt-claims.role-mapping.<role-claim>

Maps a role claim to zero, one or multiple Blueriq roles. If a role claim does not have a mapping, it is considered to have an implicit identity mapping.

Example: blueriq.security.jwt-claims.role-mapping.employee=authenticated_user,vu_employee

(all users which have the employee role at the identity provider will have the authenticated_user and vu_employee roles in Blueriq)

application.properties


blueriq.security.jwt-claims.team-mapping.<team-claim>

Maps a team claim to zero, one or multiple Blueriq teams. If a team claim does not have a mapping, it is considered to have an implicit identity mapping.

Example: blueriq.security.jwt-claims.team-mapping.amsterdam=europe,netherlands

(all users which have the amsterdam team at the identity provider will have the europe and netherlands teams in Blueriq)

application.properties


blueriq.security.jwt-claims.username-path

A JsonPath expression to the username claim in the JWT body.

See roles-path above for more information.

If no value is specified, the default value is used: $.preferred_username.

application.properties


blueriq.security.jwt-claims.claim-mapping.<key-id>=<value>

Additional optional custom parameter to retrieve a claim from the JWT and place it in the Authentication under the specified key. The value should be a JsonPath expression to the claim in the JWT body.

Only (lists of) strings, numbers and booleans are supported. These values will all be converted to strings.

See roles-path above for more information.

These claims can be retrieved to the profile using the GetAuthenticationClaims service.

application.properties
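
How token-issuer, check-audience, roles-path, username-path and role-mapping act on a decoded JWT body, as an added example (not Blueriq's implementation). It handles only dotted `$.a.b` paths, leaves signature verification out, and uses constructed property values and claims.

```python
OIDC = "blueriq.security.openid-connect."
CLAIMS_PREFIX = "blueriq.security.jwt-claims."

# Constructed configuration, keyed by the property names documented above.
PROPS = {
    OIDC + "token-issuer": "https://idp.example.test/realms/demo",
    OIDC + "client-id": "blueriq-runtime",
    OIDC + "check-audience": "true",
    CLAIMS_PREFIX + "roles-path": "$.realm_access.roles",
    CLAIMS_PREFIX + "role-mapping.employee": "authenticated_user,vu_employee",
    CLAIMS_PREFIX + "role-mapping.guest": "",  # mapped to zero Blueriq roles
}

# Constructed, already decoded JWT body.
CLAIMS = {
    "iss": "https://idp.example.test/realms/demo",
    "aud": ["account", "blueriq-runtime"],
    "preferred_username": "alice",
    "realm_access": {"roles": ["employee", "guest", "auditor"]},
}


def resolve_path(claims, path):
    """Resolve a dotted JsonPath of the form $.a.b; None if it is absent."""
    if not path.startswith("$."):
        raise ValueError("only $.a.b style paths are handled here")
    node = claims
    for key in path[2:].split("."):
        if not isinstance(node, dict) or key not in node:
            return None
        node = node[key]
    return node


def mapping_from(props, prefix):
    """Collect <prefix><claim>=a,b lines into {claim: [a, b]}."""
    return {key[len(prefix):]: [v.strip() for v in raw.split(",") if v.strip()]
            for key, raw in props.items() if key.startswith(prefix)}


def apply_mapping(values, mapping):
    """A mapped claim becomes zero or more names; an unmapped claim maps to
    itself (the implicit identity mapping)."""
    result = []
    for value in values or []:
        for name in mapping.get(value, [value]):
            if name not in result:
                result.append(name)
    return result


def check_token(claims, props):
    # The issuer must match exactly, including case.
    if claims.get("iss") != props[OIDC + "token-issuer"]:
        return "rejected: issuer mismatch"
    if props.get(OIDC + "check-audience", "false") == "true":
        audience = claims.get("aud", [])
        audience = [audience] if isinstance(audience, str) else audience
        if props[OIDC + "client-id"] not in audience:
            return "rejected: audience does not contain client-id"
    return "accepted"


def authenticate(claims, props):
    verdict = check_token(claims, props)
    if verdict != "accepted":
        return {"verdict": verdict}
    roles = resolve_path(claims, props[CLAIMS_PREFIX + "roles-path"])
    username_path = props.get(CLAIMS_PREFIX + "username-path", "$.preferred_username")
    return {
        "verdict": "accepted",
        "username": resolve_path(claims, username_path),
        "roles": apply_mapping(roles, mapping_from(props, CLAIMS_PREFIX + "role-mapping.")),
    }


if __name__ == "__main__":
    print(authenticate(CLAIMS, PROPS))
```

The unmapped role `auditor` passes through under its own name, so with the implicit identity mapping any role name the identity provider issues becomes a Blueriq role of the same name unless a role-mapping entry says otherwise.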

The property retain-required-tasks has been added

Subject | JAVA Property | Explanation
Processes and DCM





blueriq.timer.interval

Timer interval of when to check timed tasks (values must now be MINUTE, HOUR or NEVER; capitals are required)

application.properties

blueriq.scheduler-quartz.advanced-scheduler

Property to enable the advanced scheduler

Default: false

application.properties

blueriq.migrate.displaynames.endpoint.enabled

Activates the migration endpoint for processing and updating the cases and tasks display names

application.properties

blueriq.processengine.cancel-started-tasks

Will cancel all started tasks when the runtime starts.

This property does not work as intended for production environments where the runtime is installed on multiple nodes. Starting a new node (or restarting a running one) might cancel tasks that are in use. For that scenario we recommend using the Reopening Tasks endpoint exposed by the CancelAllStartedTasks from the Scheduler Maintenance REST API or the Backend REST API V1.

Default: false

application.properties

blueriq.processengine.retain-required-tasks

If true, ad-hoc tasks for which the precondition becomes false will not be automatically canceled (pre R11 behaviour). Defaults to false.

application.properties

blueriq.processengine.worklist.limit

Maximum number of items shown in the worklist

Default: 1000

application.properties

blueriq.processengine.caselist.limit

Maximum number of items shown in the caselist

Default: 1000


blueriq.processengine.default-app-id-ignore-mode

Influences the behavior of models that normally make use of the application Id, for the whole server (see Control applicationId behavior)

Default: none

application.properties

blueriq.processengine.app-id-ignore-modes.[app-id]

To influence the behavior of models that normally make use of the application Id, but per project.

application.properties

blueriq.processengine.default-ignore-unknown-attributes

Indicates whether attributes stored in the process database which are no longer in the model should be ignored. By default, these attributes are not ignored and an error is raised when such an attribute is found in the database. To ignore the attributes, set this property to true.

application.properties

blueriq.processengine.ignore-unknown-attributes.[app-name]

Same as blueriq.processengine.default-ignore-unknown-attributes, but allows enabling this setting on a per-application basis. The application-specific setting takes precedence over the global setting.

application.properties

blueriq.processengine.default-ignore-unknown-entities

Indicates whether entity instances stored in the process database which are no longer in the model should be ignored. By default, these entity instances are not ignored and an error is raised when such an entity instance is found in the database. To ignore the entity instances, set this property to true.

application.properties

blueriq.processengine.ignore-unknown-entities.[app-name]

Same as blueriq.processengine.default-ignore-unknown-attributes, but allows enabling this setting on a per-application basis. The application-specific setting takes precedence over the global setting.

application.properties

blueriq.processlist.default-app-id-ignore-mode

application.properties

blueriq.processlist.app-id-ignore-modes.[app-id]

application.properties

blueriq.process-sql-store.oracle.case-insensitive-search-enabled

This property enables case insensitive searching for Oracle. For more information see: How to enable case insensitive search on case data for Oracle

application.properties







Subject | Property | Explanation
Publisherclient





blueriq.hibernate.publisher-client.main.hbm2ddl.auto=validate

Specifies the Hibernate property for the publisher client connection.

application-publisher-client.properties

blueriq.hibernate.publisher-client.dialect=org.hibernate.dialect.Oracle12cDialect

Example: blueriq.hibernate.publisherclient.dialect=org.hibernate.dialect.Oracle12cDialect

application-publisher-client.properties

blueriq.datasource.publisher-client.database.url=jdbc:oracle:{host}:{port}:{servicename}

The url of the publisher database.

application-publisher-client.properties

blueriq.datasource.publisher-client.database.driverClassName=oracle.jdbc.driver.OracleDriver

The driverclassname of the publisher database.

application-publisher-client.properties

blueriq.datasource.publisher-client.database.username={Username}

The username to log in to the database.

application-publisher-client.properties

blueriq.datasource.publisher-client.database.password={password}

The password to log in to the database.

application-publisher-client.properties

blueriq.publisher-client.environmentName=Test

application-publisher-client.properties



Subject | Property | Explanation

Runtime API

blueriq.runtime.name

Name of the runtime in the REST API

application.properties

Subject | Property | Explanation
Security LDAP













blueriq.security.auth-providers.ldap01.type

What type of provider is used; in this case it is always 'ldap'

application.properties

blueriq.security.auth-providers.ldap01.connectionUrl

The connection url to the LDAP server

application.properties

blueriq.security.auth-providers.ldap01.userDn

The userDn to connect with the LDAP; the format should look something like 'cn=LDAP reader,ou=something,dc=company,dc=nl'

application.properties

blueriq.security.auth-providers.ldap01.password

Password to connect to the LDAP

application.properties

blueriq.security.auth-providers.ldap01.useTls

Boolean indicating whether to use TLS for the LDAP connection; this setting is not required

application.properties

blueriq.security.auth-providers.ldap01.tls.trustStoreUrl

Only required if useTls is true; the location of the truststore file

application.properties

blueriq.security.auth-providers.ldap01.tls.trustStorePassword

Only required if useTls is true; the password used to log in to the keystore

application.properties

blueriq.security.auth-providers.ldap01.tls.trustStoreType

Only required if useTls is true; what type of keystore is used, like 'jks' or 'pkcs12'

application.properties

blueriq.security.auth-providers.ldap01.referralStrategy

Can be 'ignore' or 'follow'

application.properties

blueriq.security.auth-providers.ldap01.searchSubtree

Used for searching in LDAP; boolean value. If set to true, not only the current directory will be searched, but also underlying directories.

application.properties

blueriq.security.auth-providers.ldap01.userSearchBaseDn

Used for searching in LDAP; should look something like 'OU=Gebruikers,DC=company,DC=nl'; points to the directory where the user search should happen.

application.properties

blueriq.security.auth-providers.ldap01.userSearchAttribute

Used for searching in LDAP; what attribute to use to identify a user. Commonly used: 'sAMAccountName'

application.properties

blueriq.security.auth-providers.ldap01.groupSearchBaseDn

Used for searching in LDAP; should look something like 'OU=Groepen,DC=company,DC=nl'; points to the directory where the group search should happen. Important for the roles of the user.

application.properties

blueriq.security.auth-providers.ldap01.groupSearchFilterAttribute

Used for searching groups in LDAP; what attribute to use to filter groups on. This property is not required.

application.properties

blueriq.security.auth-providers.ldap01.groupSearchFilterPattern

Used for searching groups in LDAP; what pattern to use to filter groups on. This property is not required.

Should look something like this: 'BQ_*, EVE_*,PRO - *,PRO -*'

Results in: ((<attribute>=BQ_*)(<attribute>=EVE_*)(<attribute>=PRO -*))

application.properties

blueriq.security.auth-providers.ldap01.role-mapping

Used for mapping LDAP groups to Blueriq roles, in the form

..role-mapping.<ldap group 1>=<blueriq role 1>[,<blueriq role 2>,...,<blueriq role n>]
..role-mapping.<ldap group n>=<blueriq role 1>[,<blueriq role 2>,...,<blueriq role n>]

application.properties









Subject | JAVA Property | Explanation | Type | Default
Security
















blueriq.security.click-jacking-protection.enabled

Turn clickjack protection on/off. For more information go to Security: Clickjacking protection.

Type: Boolean

Default: true

application.properties

blueriq.security.click-jacking-protection.content-security-policy.default-src

Set the location where content can be loaded from. If no more specific value is given (for example font-src for where fonts can be loaded from), this value is used as the fallback. For more information see Security: Clickjacking protection.

Type: String

Default: 'self'

application.properties

blueriq.security.click-jacking-protection.content-security-policy.script-src

Set the location where scripts can be loaded from. For more information see Security: Clickjacking protection.

Type: String

Default: 'self'

application.properties

blueriq.security.click-jacking-protection.content-security-policy.style-src

Set the location where stylesheets can be loaded from. For more information see Security: Clickjacking protection.

Type: String

Default: 'self'

application.properties

blueriq.security.click-jacking-protection.content-security-policy.font-src

Set the location where fonts can be loaded from. For more information see Security: Clickjacking protection.

Type: String

Default: 'self'

application.properties

blueriq.security.click-jacking-protection.content-security-policy.img-src

Set the location where images can be loaded from. For more information see Security: Clickjacking protection.

Type: String

Default: 'self'

application.properties

blueriq.security.click-jacking-protection.content-security-policy.frame-ancestors

Set the valid parent hosts that may embed Blueriq using <frame>, <iframe>, <object>, <embed> or <applet>. For more information see Security: Clickjacking protection.

Available since Blueriq 14.4.

Note that Content Security Policy is not supported by Internet Explorer, so this setting will not have an effect on users that still use Internet Explorer.

Type: String

Default: 'self'

application.properties

blueriq.security.csrf-protection.enabled

Turn Cross Site Request Forgery protection on/off. For more information go to Security: Cross-site scripting protection.

Type: Boolean

Default: true

application.properties

blueriq.security.strict-transport-protection.enabled

Enables HTTP Strict Transport Security (HSTS). For more information go to Security: HTTP Strict Transport Security.

Type: Boolean

Default: true

application.properties

blueriq.security.x-content-type-protection.enabled

Add the X-Content-Type-Options header to responses to protect against MIME type sniffing. For more information go to Security: Content sniffing protection.

Type: Boolean

Default: true

application.properties

blueriq.security.xss-protection.enabled

Turn cross site scripting protection on/off. For more information go to Security: Cross-site scripting protection.

Type: Boolean

Default: true

application.properties

blueriq.security.xss-protection.header.enabled

Turn the X-XSS-Protection HTTP header on/off.

Type: Boolean

Default: true

application.properties

blueriq.security.xss-protection.request-body-validation.enabled

Enable the X-XSS-Protection on request body.

Type: Boolean

Default: true

application.properties

blueriq.security.xss-protection.request-parameter-validation.enabled

Enable the X-XSS-Protection on request parameters.

Type: Boolean

Default: true

application.properties

blueriq.security.xss-protection.request-url-validation.enabled

Enable the X-XSS-Protection on request url.

Type: Boolean

Default: true

application.properties

blueriq.security.xss-protection.multipart-request-validation.enabled

Enable the X-XSS-Protection on multipart request.

Type: Boolean

Default: true

application.properties

blueriq.security.xss-protection.blacklist.enabled

Turn the XSS blacklist on/off.

Type: Boolean

Default: true

application.properties

blueriq.security.xss-protection.whitelist.enabled

Turn the XSS whitelist on/off.

Type: Boolean

Default: true

application.properties

blueriq.security.xss-protection.whitelist.allowed-protocols

Set the whitelisted protocols in URI attributes.

Example value: 'http,https,mailto'

Type: Comma separated string

Default: empty

application.properties

blueriq.security.xss-protection.whitelist.allowed-tags

Set the whitelisted HTML tags.

Example value: 'b,img'

Type: Comma separated string

Default: empty

application.properties

blueriq.security.xss-protection.whitelist.allowed-global-attributes

Set the whitelisted attributes allowed on any whitelisted HTML tag.

Example value: 'class,title'

Type: Comma separated string

Default: empty

application.properties

blueriq.security.xss-protection.whitelist.allowed-attributes.<tag>

Set the whitelist attributes allowed on a specific whitelisted HTML tag.

Example key: 'blueriq.security.xss-protection.whitelist.allowed-attributes.h1'

Example value: 'class'

Key: string

Value: comma separated string

Default: empty

application.properties

blueriq.security.xss-protection.whitelist.uri-attributes.<tag>=<attr1>,<attr2>

Mark which attributes are URI attributes and are subject to the allowed protocols rule. In Java, URI attributes can be defined per tag. In .NET, URI attributes can be defined only globally.

Key: string

Value: comma separated string

Default: empty

application.properties

blueriq.security.xss-protection.whitelist.max-loop-count

Define a limit on the number of sanitization iterations.

Type: Integer

Default: 5

application.properties

blueriq.security.xxe-protection.enabled

Enable XML External Entity (XXE) protection.

Type: Boolean

Default: true

application.properties

blueriq.security.xxe-protection.disallow-doctype-decl

Disallow doctype declaration processing in XML-files.

Protection is enabled when set to: true.

Type: Boolean

Default: true

application.properties

blueriq.security.xxe-protection.load-external-dtd

Enable loading external DTDs in XML-files.

Protection is enabled when set to: false.

Type: Boolean

Default: false

application.properties

blueriq.security.xxe-protection.external-general-entities

Enable processing external general entities in XML-files.

Protection is enabled when set to: false.

Type: Boolean

Default: false

application.properties

blueriq.security.xxe-protection.external-parameter-entities

Enable processing external parameter entities in XML-files.

Protection is enabled when set to: false.

Type: Boolean

Default: false

application.properties

blueriq.security.xxe-protection.xinclude-aware

Enable processing of XML Inclusions (XInclude) in XML-files.

Protection is enabled when set to: false.

Type: Boolean

Default: false

application.properties

blueriq.security.xxe-protection.expand-entity-references

Enable expansion of entity references in XML-files.

Protection is enabled when set to: false.

Type: Boolean

Default: false

application.properties

blueriq.security.http.restricted-methods

Specify the methods that should not be allowed while doing HTTP calls. For more information go to Security: Block HTTP Methods.

Example value: 'head,get,post,options'

Type: Comma separated string

Default: empty

application.properties

blueriq.security.http.runtime.enabled

If true, this property enables the default secured access to the runtime interactions.

Type: Boolean

Default: true

application.properties

blueriq.security.login-type

Defines the login type used in Blueriq.

If openid-connect is chosen, openid-connect properties have to be defined as well.

One of:

  • 'form-login'
  • 'openid-connect'
  • 'jwt'

Default: 'form-login'

application.properties

blueriq.security.redirect-url-whitelist

Define a whitelist of URLs where the user can be redirected to. If the redirect_uri (for OpenIdConnect login/logout) or the error-redirect (for render document/page and file download) are not in this list, the Runtime will return 400. This list is case sensitive.

If the list is empty, any URL is accepted up to version 14.x. From 15.0 onwards, no URLs are accepted when an empty list is provided.

Type: Comma separated list

Default: empty

application.properties

blueriq.security.keystore.location

The path to the keystore file to be used as repository for security certificates.

Type: Spring Resource

Default: empty

application.properties

blueriq.security.keystore.password

The password of the keystore.

Type: String

Default: empty

application.properties

blueriq.security.keystore.default-certificate

Default certificate used to verify signatures when no KeyInfo is provided in the request.

Type: String

Default: empty

blueriq.security.truststore.location

The path to the trust store containing the public keys/certificates of external hosts that should be trusted.

Type: Spring Resource

Default: empty

application.properties

blueriq.security.truststore.password

The password for the truststore file.

Type: String

Default: empty

application.properties

blueriq.security.truststore.default-certificate

Default certificate used to verify signatures when no KeyInfo is provided in the request.

Type: String

Default: empty

blueriq.security.bcrypt-strength

Define the BCrypt strength for password hashing. BCrypt is the default encoder in Blueriq.

Applicable values: number between 4-30 

Performance impact

The higher the number the higher the hashing complexity but also the work to calculate the hash. Each increment is twice as much work. 

Introduced in version 12.13.

Type: Integer

Default: 10

application.properties

blueriq.security.session-fixation-protection.enabled

Turn session fixation protection on/off. For more information, see Security: Session Fixation protection.

Introduced in versions 14.11, 13.13.18 and 12.13.39.

Type: Boolean

Default: true

application.properties

blueriq.security.cors.enabled

Enable response headers related to Cross-Origin Resource Sharing.

When disabled, the Same-origin policy implemented in web browsers does not allow scripts with a different origin to call Runtime endpoints. This is the secure default.

Type: Boolean

Default: false

application.properties

blueriq.security.cors.allowed-origins

Specify origins for the Access-Control-Allow-Origin response header.

Type: Comma separated string

Default: empty

application.properties

blueriq.security.cors.allowed-methods

Specify methods for the Access-Control-Allow-Methods response header.

Type: Comma separated string

Default: empty

application.properties

blueriq.security.cors.allowed-headers

Specify headers for the Access-Control-Allow-Headers response header.

Type: Comma separated string

Default: empty

application.properties

blueriq.security.cookie-same-site.enabled

Turn on the SameSite attribute for the cookies in Blueriq. For more information see: Security: SameSite.

Introduced in version 15.0.

Type: Boolean

Default: true

application.properties

blueriq.security.cookie-same-site.value

Define the value for the SameSite attribute for the cookies in Blueriq. For more information see: Security: SameSite.

Introduced in version 15.0.

Type: String

Default: 'strict'

application.properties
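A configuration check for the Security table above, as an added example (not Blueriq code): it reads an application.properties file and reports every blueriq.security.* setting that deviates from the protective defaults listed on this page, plus a bcrypt-strength below the documented default and a wildcard CORS origin. The sample file and all function names are constructed for illustration.

```python
PREFIX = "blueriq.security."
# Properties whose documented default is true / false in the Security table.
# Every default is the protective value, so an explicit deviation is reported.
DEFAULT_TRUE = [
    "click-jacking-protection.enabled", "csrf-protection.enabled",
    "strict-transport-protection.enabled", "x-content-type-protection.enabled",
    "xss-protection.enabled", "xss-protection.header.enabled",
    "xss-protection.request-body-validation.enabled",
    "xss-protection.request-parameter-validation.enabled",
    "xss-protection.request-url-validation.enabled",
    "xss-protection.multipart-request-validation.enabled",
    "xss-protection.blacklist.enabled", "xss-protection.whitelist.enabled",
    "xxe-protection.enabled", "xxe-protection.disallow-doctype-decl",
    "http.runtime.enabled", "session-fixation-protection.enabled",
    "cookie-same-site.enabled",
]
DEFAULT_FALSE = [
    "xxe-protection.load-external-dtd", "xxe-protection.external-general-entities",
    "xxe-protection.external-parameter-entities", "xxe-protection.xinclude-aware",
    "xxe-protection.expand-entity-references", "cors.enabled",
]
DOCUMENTED_DEFAULTS = {**dict.fromkeys(DEFAULT_TRUE, "true"),
                       **dict.fromkeys(DEFAULT_FALSE, "false"),
                       "cookie-same-site.value": "strict"}

# Constructed sample file, not taken from a real deployment.
SAMPLE = """\
# constructed sample
blueriq.security.csrf-protection.enabled=false
blueriq.security.xxe-protection.disallow-doctype-decl=true
blueriq.security.xxe-protection.load-external-dtd=TRUE
blueriq.security.cors.enabled=true
blueriq.security.cors.allowed-origins=https://portal.example.com,*
blueriq.security.bcrypt-strength=6
blueriq.security.cookie-same-site.value='strict'
blueriq.security.login-type=jwt
"""


def parse_properties(text):
    """Minimal .properties reader: key=value lines, '#' and '!' comments."""
    pairs = (line.split("=", 1) for line in text.splitlines()
             if "=" in line and not line.lstrip().startswith(("#", "!")))
    return {key.strip(): value.strip() for key, value in pairs}


def normalise(value):
    """Compare case-insensitively and ignore the quotes the table uses ('strict')."""
    return value.strip().strip("'\"").lower()


def audit(text):
    """Return (property, reason) tuples for settings weaker than documented."""
    props = parse_properties(text)
    findings = []
    for suffix, default in DOCUMENTED_DEFAULTS.items():
        value = props.get(PREFIX + suffix)
        if value is not None and normalise(value) != default:
            findings.append((PREFIX + suffix,
                             f"set to {value!r}, documented default is {default!r}"))
    strength = props.get(PREFIX + "bcrypt-strength")
    if strength is not None and (not strength.isdigit() or int(strength) < 10):
        findings.append((PREFIX + "bcrypt-strength",
                         f"set to {strength!r}, below the documented default of 10"))
    # A '*' entry allows every origin in Access-Control-Allow-Origin.
    origins = [o.strip() for o in props.get(PREFIX + "cors.allowed-origins", "").split(",")]
    if normalise(props.get(PREFIX + "cors.enabled", "false")) == "true" and "*" in origins:
        findings.append((PREFIX + "cors.allowed-origins", "contains the wildcard origin '*'"))
    return findings


if __name__ == "__main__":
    for name, reason in audit(SAMPLE):
        print(f"{name}: {reason}")
```

Properties that are absent from the file are not reported, because the runtime then applies the documented default.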




Subject | Property | Default | Explanation | Property file

Shortcuts








blueriq.shortcut.[name].flow

The flow of the project that is started


application.properties

blueriq.shortcut.[name].languageCode

The language code of the project that is started

application.properties

blueriq.shortcut.[name].project
The name of the project that is started

application.properties

blueriq.shortcut.[name].theme
The theme of the project that is started

application.properties

blueriq.shortcut.[name].ui
The ui of the project that is started

application.properties

blueriq.shortcut.[name].version
The version of the project that is started

application.properties

blueriq.shortcut.[name].channel
The device channel of the project that is started

blueriq.shortcut.[name].privateAccess


This property indicates if the project reference that is specified in the shortcut is private or not.

Read also Security: Shortcuts and AQ_GetRequestParameters


application.properties




Subject | Property | Default | Explanation | Property file
Webresources

blueriq.web-resources.source-location

The location (URL) of additional or overridden web resources. For example file:///d:/resources/webresources/. If not set only web resources from the classpath will be available

application.properties

blueriq.web-resources.cache-key-seed

The seed used to generate a cacheKey for static resources. Set this property if you want to be responsible for invalidating the cache. This probably means you must change the cacheKeySeed every time you change one or more of your custom web resources. Please note that when this property is not set, the cacheKey is changed every time the Blueriq Runtime is restarted

application.properties

blueriq.web-resources.cache-period-seconds

Default: 31536000

The cache period for all static web resources. When null, the default behavior is to rely only on the 'Last-Modified' header. When 0, caching is disabled. When > 0, it is the number of seconds to cache a resource client-side (browser). (31536000 seconds = 365 days)

application.properties



This component is part of an ongoing effort to separate the Process Engine from the Runtime. As this component is still in active development, it's not ready for use in production scenarios. Behavior and interfaces are subject to change.

Subject | Property | Explanation | Property file | Additional information

Case Engine Client Component






blueriq.dcm.rabbitmq.host

Settings for the RabbitMQ instance used to communicate with the Case Engine.

application-case-engine-client.properties



blueriq.dcm.rabbitmq.port
blueriq.dcm.rabbitmq.username
blueriq.dcm.rabbitmq.password
blueriq.dcm.rabbitmq.exchangeName

Exchange to which events to the Case Engine should be published

blueriq.dcm.rabbitmq.queueNames

Queue from which events from the Case Engine should be consumed

blueriq.dcm.rabbitmq.virtualHost

blueriq.dcm.concurrency.concurrent-consumers

RabbitMQ consumer concurrency settings, used to be able to process multiple messages at the same time. For more information on concurrent consumers see Configuring RabbitMQ.

blueriq.dcm.concurrency.max-concurrent-consumers

blueriq.dcm.case-engine.url

URL and credentials for the Case Engine.

blueriq.dcm.case-engine.username
blueriq.dcm.case-engine.password

blueriq.dcm.execute-automatic-tasks

Should this runtime execute automatic tasks? (default = true)

If this property is set to false, the blueriq.dcm.rabbitmq.queueNames property can be left empty, as this is the queue from which automatic tasks are read.

Commonly used properties

server.servlet.contextPath=/runtime
# do not use spring default multipart configuration
spring.http.multipart.enabled=false
spring.cloud.config.overrideSystemProperties=false
hibernate.use_nationalized_character_data=true

Java Third Party properties

For part of the features we rely on third party libraries. These libraries have their own properties, like: logging.level.com.aquima=DEBUG. You can find an overview of the Spring properties here: spring-common-application-properties.