Startup Configuration Reference

This document is a reference of the properties used in Semarchy xDM startup configuration.

Repository Datasource

The base configuration must include the repository datasource, used by the application to connect the repository database. This datasource is configured with the properties listed below.

Driver and URL are mandatory properties for the repository datasource. The credentials used for this datasource are those configured for the repository storage.
The repository datasource uses the same properties as the platform datasources, as well as a connection pool. See datasources for more details about datasource configuration and connection pools.
Property (Environment variable) Description

xdm.repository.driver
(XDM_REPOSITORY_DRIVER)

JDBC driver class for the repository database. This property is required.

  • For Oracle: oracle.jdbc.OracleDriver

  • For PostgreSQL: org.postgresql.Driver

  • For SQL Server: com.microsoft.sqlserver.jdbc.SQLServerDriver

xdm.repository.url
(XDM_REPOSITORY_URL)

JDBC URL for the repository database. This property is required.

  • For Oracle:
    jdbc:oracle:thin:@<oracle_instance_hostname>:<oracle_listener_port>:<oracle_SID_name>

  • For PostgreSQL:
    jdbc:postgresql://<postgresql_hostname>:<postgresql_port>/<postgresql_database_name>

  • For SQL Server:
    jdbc:sqlserver://<sqlserver_hostname>:<sqlserver_port>;databaseName=<repository_database_name>;
    or
    jdbc:sqlserver://<sqlserver_hostname>;instanceName=<sqlserver_instancename>;databaseName=<repository_database_name>;

xdm.repository.username
(XDM_REPOSITORY_USERNAME)

Database user to connect the repository database (<repository_user>).

xdm.repository.password
(XDM_REPOSITORY_PASSWORD)

Database user password (<repository_password>).

xdm.repository.connectiontimeout
(XDM_REPOSITORY_CONNECTIONTIMEOUT)

Maximum number of milliseconds to wait to establish a connection. The default value is 30000 (30 seconds).

xdm.repository.idletimeout
(XDM_REPOSITORY_IDLETIMEOUT)

Amount of time in milliseconds allowed for a connection to sit in the pool before being retired. The default value is 600000 (10 minutes).

xdm.repository.keepalivetime
(XDM_REPOSITORY_KEEPALIVETIME)

Frequency of the attempts to keep idle connections alive. The default value is 0 (feature disabled).

xdm.repository.maxlifetime
(XDM_REPOSITORY_MAXLIFETIME)

Maximum lifetime of a connection before it is retired from the pool. The default value is 1800000 (30 minutes).

xdm.repository.connectiontestquery
(XDM_REPOSITORY_CONNECTIONTESTQUERY)

SQL query used to test or keep a connection alive. The default value is null, and the JDBC test method is used.

xdm.repository.minimumidle
(XDM_REPOSITORY_MINIMUMIDLE)

Minimum number of idle connections to maintain in the pool. The default value is 1.

xdm.repository.maximumpoolsize
(XDM_REPOSITORY_MAXIMUMPOOLSIZE)

Maximum number of idle and in-use connections in the pool. The default value is set to 16.

xdm.repository.connectioninitsql
(XDM_REPOSITORY_CONNECTIONINITSQL)

SQL query executed when creating a connection and adding it to the pool.

xdm.repository.validationtimeout
(XDM_REPOSITORY_VALIDATIONTIMEOUT)

Maximum number of milliseconds to wait for a connection test to succeed. The default value is 5000 (5 seconds).

xdm.repository.driverproperties
(XDM_REPOSITORY_DRIVERPROPERTIES)

Driver properties. This value is a JSON object containing the driver properties that you want to set. For example:

{
"driverProperty1": "property1Value",
"driverProperty2": "property2Value"
}

SEMARCHY_SETUP_TOKEN
(SEMARCHY_SETUP_TOKEN)

Required the first time you connect to Semarchy xDM to create or upgrade the repository and used as an authentication method to let you configure the administrator login and password.

Repository Read-Only Datasource

The base configuration must also include the repository read-only datasource, used by the application to connect the repository database with read-only credentials. This datasource is used by xDM Discovery built-in profile dashboards.

This datasource is configured with the properties listed below. These properties are similar to those of the Repository Datasource, and most inherit from the repository datasource configuration.

Username and password are the only mandatory properties for the repository read-only datasource. The credentials used for this datasource are those configured for the repository read-only user.
Property (Environment variable) Description

xdm.repository.readonly.username
(XDM_REPOSITORY_READONLY_USERNAME)

Database user to connect the repository database (<repository_readonly_user>). This property is required.

xdm.repository.readonly.password
(XDM_REPOSITORY_READONLY_PASSWORD)

Database user password (<repository_readonly_password>). This property is required.

xdm.repository.minimumidle
(XDM_REPOSITORY_MINIMUMIDLE)

Minimum number of idle connections to maintain in the pool. The default value is 1.

xdm.repository.maximumpoolsize
(XDM_REPOSITORY_MAXIMUMPOOLSIZE)

Maximum number of idle and in-use connections in the pool. The default value is set to 4.

xdm.repository.readonly.connectiontimeout
xdm.repository.readonly.idletimeout
xdm.repository.readonly.keepalivetime
xdm.repository.readonly.maxlifetime
xdm.repository.readonly.connectiontestquery
xdm.repository.readonly.connectioninitsql
xdm.repository.readonly.validationtimeout

(XDM_REPOSITORY_READONLY_CONNECTIONTIMEOUT
XDM_REPOSITORY_READONLY_IDLETIMEOUT
XDM_REPOSITORY_READONLY_KEEPALIVETIME
XDM_REPOSITORY_READONLY_MAXLIFETIME
XDM_REPOSITORY_READONLY_CONNECTIONTESTQUERY
XDM_REPOSITORY_READONLY_CONNECTIONINITSQL
XDM_REPOSITORY_READONLY_VALIDATIONTIMEOUT)

These properties use by default the value defined in the Repository Datasource. You can override them here.

xdm.repository.readonly.driverproperties
(XDM_REPOSITORY_READONLY_DRIVERPROPERTIES)

Driver properties are inherited from those defined in the Repository Datasource. A driver property set here replaces the one defined for the repository datasource.

Identity Management

By default, all the enabled identity providers are available on each node of a clustered Semarchy xDM environment. The xdm.idm.availableidps property allows defining the list of available IDPs on a given node.

Property (Environment variable) Description

xdm.idm.availableidps
(XDM_IDM_AVAILABLEIDPS)

Comma-separated list of identity providers that should be available for a given Semarchy xDM node.

The names should match the configured identity providers. Use the INTERNAL_IDP key for the internal identity provider.

For example, xdm.idm.availableidps = idp1,OIDC,idp2,idp3,INTERNAL_IDP

If this property is not specified, all the valid and enabled identity providers are made available.

Secrets Management

Semarchy xDM comes with a default KMS for encrypting secrets, labeled Insecure. This KMS provides encryption capabilities at installation time using a default built-in key.

You can configure stronger encryption in your environments and provide secret management configuration properties in the startup configuration. See Secrets Managers for more information.