The Application Name (defaults to Showcase) will be passed over to the Gui and is displayed multiple times. You can change it to a more customer-centric name if required.
# General Config
todo
Configuration File: CLIENT_CONFIG/config/config.php
With the config key config.* you may control most of the basic settings for SCP.
config.app_nameconfig.app_short_nameBeside the app_name there is another short version of the name which will be used when there is not
enough space to display the full name. It defaults to SC.
config.frontend_urlIf you have a custom domain beside our defaults you would like to let SCP build links using the custom
one instead of using the default URL. Set this config to the desired URL (e.g. https://something.com).
config.maintenanceModeIf you want to prevent users from using SCP, turn on the maintenance mode.
# E-Mail Settings
Whenever SCP creates an e-mail to one of its users, it uses the given configuration.
Configure in Actions
Beside setting defaults with the general configuration you can change sender and subject lines directly from the Action which actually creates the e-mail.
config.email.prefixThe e-mail prefix will be prepended to all subject lines for e-mails created by SCP. It defaults to Showcase -.
config.email.from.addressThe default senders address used by SCP for e-mails. Defaults to updates@showcase-app.io.
config.email.from.nameThe default senders name used by SCP for e-mails. Defaults to Showcase.
# Security Settings
todo
# Account Approval
SCP offers different ways on how to approve account before they actually are allowed to use the platform.
You'll find more details in the Authorization Section
config.account_approval.approve_unknown_users_automaticallyIf there are no approvers and no approved_domains found SCP will try to automatically approve users – you control the
behavior by setting this option.
It defaults to true.
config.account_approval.default_approverThe default approvers will be merged with the approvers set on the Auth Code level. These both arrays of e-mail-addresses will
result in a list of users which receive e-mails to approve or reject users. Defaults to [].
config.account_approval.default_approved_domainsTogether with the list of approved domains from the Auth Code of the user, this list will be used to determine if the e-mail address of the user is allowed to sign up without an additional approval process.
# Password Expiry
By default SCP does not expire passwords automatically. For security reasons it makes sense to set the hard and soft limits to something suitable.
config.security.password_expiry.soft_limitGiven in days, the soft limit will instruct SCP to send a reminder e-mail to the user once this password becomes older
than the defined timespan. This option defaults to 0 which explicitly disables the functionality. The user is still allowed
to use the platform if the password is older than the soft_limit allows.
config.security.password_expiry.hard_limitThe hard limit is the timespan for how long unchanged credentials will be accepted. If a user did not change the password for longer than the defined amount of days here, he cannot use the platform anymore.
Users will receive a one-time-link if the password is becomes older than one of the defined lifespans. He can easily use the link inside the mail to change the password directly.
TIP
If you do not want to warn your users before they might lose access to SCP you can set the soft_limit to 0 and
just use the hard_limit.
# Failed Logins
SCP supports banning users which tried to sign in with invalid credentials. All necessary configuration can be found here.
config.security.failed_login_lock.limitThe number of consecutive unsuccessful sign in attempts which are required before SCP locks down the account. Defaults
to 10.
config.security.failed_login_lock.check_periodSCP checks how often a user tries within this specified timespan. If the users waits for longer than the timespan set here,
SCP will start counting from the beginning. Defaults to 60 minutes.
config.security.failed_login_lock.lock_durationAfter the user has made more then the allowed failed attempts, SCP will lock down the account for the given amount of
minutes set here. It defaults to 30 minutes which means that the user by default cannot sign in anymore for 30 minutes
after the threshold defined in config.security.failed_login_lock.limit has been reached.
# Password History
Showcase Platform supports password histories which can prevent users from always choosing the same password. This feature is disabled by default.
config.security.password_history_countJust set the amount of passwords SCP should check when a user will update his password. SCP will prevent setting the new password to one of the passwords already stored in the history.
Hashed Passwords
Also passwords stored in the history are hashed and cannot be reversed to their original state.
# Rendition Settings
There are a few options to control Renditions within the general config. Most of the time might need to change the underlying Actions when it comes to detailed configuration.
config.renditions.priorityThis list of rendition names (see Renditions for details) will specify which rendition will be used to be display within the Material Card as the main thumbnail. The first image which is found will be used as the thumbnail.
Defaults to ['live_thumbnail', 'briefing_thumbnail', 'template_thumbnail']
Giving this priority SCP will use the live_thumbnail if it exists, if not it will try to show the briefing_thumbnail
and if this is also not available, it will show the template_thumbnail which is always available.
config.excludeRenditionsOnCopyWhenever a material gets copied, SCP tries to copy everything which makes sense. Without any configuration, renditions
will be copied to the new material. This might make no sense so you can control which renditions should be excluded.
Defaults to ['live_thumbnail', 'live_pdf']
Check out Filename Templates if you want to change the filenames for downloaded renditions.
# Request Fields
When users create new Materials they have to enter a limited set of information to let SCP create the material for them. As we use Filters for dynamically attach fields etc. it is required to have at least all the fields in this list which are used in the very early Filters.
If you want for example to control which material types can be used for a given country, the user has to set the value for the country before the filter of the material type gets executed.
# Filename Templates
When a file gets downloaded by a user SCP generates the filenames from this configuration. Filename Templates are used along with a Filter to find the matching configuration.
- The filter will be evaluated against the current material
- If the filter matches, the given
tokenis used
We use this default:
<?php
// CLIENT_CONFIG/config/config.php
return [
'filename_templates' => [
'download_rendition' => [
[
'filter' => [],
'token' => '%material.id%_%material.name%_%rendition.created_at%'
],
]
]
];
# Token Replacements
For Filename templates, the TokenReplacer is used which parses %some.term% terms which are place between
percent-characters. The dot notation is used evaluated with the given context.
Context for Filename Templates
[
'material' => [
'material_field_a' => 'value',
'material_field_b' => 'another value',
// the list of all fields with their values
// are available for use within a token
],
// the date and time of the rendition creation
'rendition.created_at' => '2020-01-02 13:44:12'
];
With the above example of material.id%_%material.name%_%rendition.created_at% the downloaded file
would be named like 123_The name of the material_2020-01-02 13:44:12.zip
# Emptying Trashes
todo
# Filters Settings
todo
# My Materials Filter
This SCP feature gives user option to only show materials that are created by him.
This feature is enabled by default.
To disable it apply:
<?php
// CLIENT_CONFIG/config/config.php
return [
'my_materials_filter' => false
];
When enabled, it will offer user two new options in filters area: My Materials and All Materials.
# MFA
Multifactor Authentication (MFA) is a security method that requires users to provide two or more different types of verification to prove their identity. It is activated for Production and Staging by default. The client can enable/disable the feature.
'mfa' => [
'enabled' => true,
]
If enabled, the button will redirect you to Fusionauth configuration page for MFA.
← Defaults Auth Codes →