Environment variables

UI_BAKERY_LICENSE_KEY

UI_BAKERY_APP_SERVER_NAME

Full domain address where UI Bakery is hosted. For example https://bakery.mycompany.com.

UI_BAKERY_PORT

Defines the port UI Bakery is run on.

UI_BAKERY_SINGLE_ORGANIZATION

When true, all attempts to register new workspaces except 1st will fail.

UI_BAKERY_MAINTENANCE_TIME_GMT

Enables maintenance mode notice, format - Wed Sep 28 2022 16:08:13 GMT+0100

UI_BAKERY_MAINTENANCE_NOTICE_PRIOR_HOURS

How many hours prior to maintenance the notice must be shown

UI_BAKERY_EMBEDDED_ENABLE_ACTIONS_EXECUTION

If true, allows calling actions when UI Bakery is embedded in an iframe

UI_BAKERY_ENABLED_FEATURE_FLAGS

UI_BAKERY_TEMPLATE_MAKER_ACCOUNT_PASSWORD

An account to manage instance app templates. Empty value disables the access (default).

UI_BAKERY_AUTOMATIC_BACKUP_INTERVAL

The interval defines how often UI Bakery has to create automatic backups of your project in milliseconds. Default 15 minutes.

UI_BAKERY_AUTOMATIC_BACKUP_RETENTION

Defines how long UI Bakery should persist automatic backup in milliseconds. Default 1 week.

UI_BAKERY_REQUEST_MAX_SIZE

Max size of the request, 50M by default.

UI_BAKERY_GIT_PR_URL_TEMPLATE

UI_BAKERY_LOG_RETENTION

The time to persist audit logs and automation execution logs. Default infinity. Ex: 7d, 90d

UI_BAKERY_LOG_RETENTION_BATCH_SIZE

Sets the batch size for log processing during cleanup. Default is 100.

UI_BAKERY_DB_DATABASE

MySQL database name, must be specified when external database is used.

UI_BAKERY_DB_HOST

MySQL host name, must be specified when external database is used.

UI_BAKERY_DB_PASSWORD

MySQL user password, must be specified when external database is used.

UI_BAKERY_DB_PORT

MySQL port, must be specified when external database is used.

UI_BAKERY_DB_USERNAME

MySQL user name, must be specified when external database is used.

UI_BAKERY_DB_POOL_SIZE

Database connection pool size, can be specified when external database is used. Default value is 100.

UI_BAKERY_CREDENTIALS_SECRET

Encryption key for data source credentials. Must be exactly 32 characters long. Changing this variable on an existing instance may lead to losing access to the already connected data source.

UI_BAKERY_JWT_SECRET

JWT secret is used to sign user requests to UI Bakery API.

UI_BAKERY_JWT_REFRESH_SECRET

Similar to UI_BAKERY_JWT_SECRET but for refresh token.

UI_BAKERY_JWT_SERVICE_ACCOUNT_SECRET

Similar to UI_BAKERY_JWT_SECRET but used by automations.

UI_BAKERY_PROJECT_PRIVATE_KEY_SECRET

Encryption key for Git SSH credentials. Must be exactly 32 characters long. Changing this variable on an existing instance may lead to losing access to the already connected Git repository.

UI_BAKERY_DATASOURCE_TIMEOUT

Datasource request timeout in milliseconds. Default value is 90000.

UI_BAKERY_DATASOURCE_MAX_SIZE

Datasource request's maximum response size in bytes. The default value is 50000000 ( approx. 50MB), and the max value is 2147483647 (approx. 2.15GB)

UI_BAKERY_REQUEST_MAX_SIZE

Maximum client request payload size. Default value is 50M

UI_BAKERY_GSHEET_CLIENT_ID

Google Sheet API Client Id. Must be provided when GSheet datasource is required.

UI_BAKERY_GSHEET_CLIENT_SECRET

Google Sheet API Client Secret. Must be provided when GSheet datasource is required.

UI_BAKERY_SALESFORCE_CLIENT_ID

Salesforce API Client Id. Must be provided when Salesforce datasource is required.

UI_BAKERY_SALESFORCE_CLIENT_SECRET

Salesforce API Client Secret. Must be provided when Salesforce datasource is required.

UI_BAKERY_HTTPS_PROXY_URL

HTTPS Proxy URL to send HTTPS requests from datasource through proxy

UI_BAKERY_SNOWFLAKE_CONFIGURATION

JSON configuration object for the snowflake-sdk

UI_BAKERY_SSH_PUBLIC_KEY

SSH public key for SSH data source configuration

UI_BAKERY_SSH_TUNNEL_USER

SSH user for SSH data source configuration

UI_BAKERY_SSH_TUNNEL_KEY

SSH tunnel key for SSH data source configuration

UI_BAKERY_SSH_TUNNEL_PASSWORD

SSH tunnel password for SSH data source configuration

UI_BAKERY_DATASOURCE_MSSQL_POOL_MAX UI_BAKERY_DATASOURCE_MYSQL_POOL_MAX UI_BAKERY_DATASOURCE_MARIADB_POOL_MAX UI_BAKERY_DATASOURCE_POSTGRES_POOL_MAX UI_BAKERY_DATASOURCE_REDSHIFT_POOL_MAX UI_BAKERY_DATASOURCE_SNOWFLAKE_POOL_MAX

The maximum number of simultaneous requests to the database in a single connection. Type - number, default value - 5.

UI_BAKERY_DATASOURCE_MSSQL_POOL_ACQUIRE UI_BAKERY_DATASOURCE_MYSQL_POOL_ACQUIRE UI_BAKERY_DATASOURCE_MARIADB_POOL_ACQUIRE UI_BAKERY_DATASOURCE_POSTGRES_POOL_ACQUIRE UI_BAKERY_DATASOURCE_REDSHIFT_POOL_ACQUIRE UI_BAKERY_DATASOURCE_SNOWFLAKE_POOL_ACQUIRE

The maximum wait time, in milliseconds, for acquiring a free connection when all connections are in use. Type - number, default value - 90000ms (90 sec).

UI_BAKERY_EMAIL_AUTH_ENABLED

By default is true. Can be set to false to allow authentication only with OAuth2 or SAML SSO.

UI_BAKERY_REGISTER_URL

URL for UI Bakery Sign Up page. Default value is /register.

UI_BAKERY_GOOGLE_CLIENT_ID

Google OAuth Client Id. Must be provided to enable authentication with Google.

UI_BAKERY_AUTH_RESTRICTED_DOMAIN

Used to restrict which email addresses are allowed to authenticate with OAuth2. For example mycompany.com

UI_BAKERY_OAUTH_CLIENT_ID

OAuth2 client id.

UI_BAKERY_OAUTH_SECRET

OAuth2 client secret.

UI_BAKERY_OAUTH_SCOPE

OAuth2 scope, space separated string.

UI_BAKERY_OAUTH_AUTH_URL

Authorization URL for OAuth2.

UI_BAKERY_OAUTH_TOKEN_URL

Token endpoint URL for OAuth2.

UI_BAKERY_OAUTH_USERINFO_URL

Userinfo endpoint URL for OAuth2.

UI_BAKERY_OAUTH_EMAIL_KEY

Email key attribute name for OAuth2. Default is 'email'.

UI_BAKERY_OAUTH_ID_KEY

Id key attribute name for OAuth2. Default is 'sub'.

UI_BAKERY_OAUTH_TOKEN_URL_ADDITIONAL_PARAMS

Additional params to token endpoint . Accepts JSON.

UI_BAKERY_OAUTH_GET_CLAIMS_FROM_TOKEN

When set to true, the access_token attributes will be used as the source of claims instead of obtaining them from the userinfo endpoint

UI_BAKERY_OAUTH_SIGN_OUT_WHEN_TOKEN_EXPIRED

If the option is enabled and the OAuth token cannot be refreshed, the user will be logged out of UI Bakery". Default is false.

UI_BAKERY_OAUTH_TOAST_WHEN_TOKEN_EXPIRED

If the option is enabled and token refresh request is failed then short message will be displayed to user before sign out.

UI_BAKERY_OAUTH_INITIATE_SIGN_IN_WHEN_TOKEN_EXPIRED

If the option is enabled and token refresh request is failed then user will be redirected to SSO login page instead of following logout redirect.

UI_BAKERY_OAUTH_FORCE_TOKEN_REFRESH

If the option is enabled, a refresh of the OAuth token will be attempted each time the UI Bakery JWT token is refreshed. Default is false.

UI_BAKERY_OAUTH_SYNC_ROLES_ON_TOKEN_REFRESH

When enabled, UI Bakery will synchronize roles with each refresh of the OAuth token. Default is false.

UI_BAKERY_OAUTH_REFRESH_TOKEN_ON_VISIBLE

If enabled, then token will be refreshed every time UI Bakery tab became active

UI_BAKERY_SAML_ENABLED

Set to true to enable SAML authentication.

UI_BAKERY_SAML_ENTITY_ID

Global unique name (Entity ID) for SAML Entity. For example http://adapplicationregistry.onmicrosoft.com/myorganization/myapp. Required for SAML authentication.

UI_BAKERY_SAML_METADATA_URL

URL to SAML metadata XML. Required for SAML authentication.

UI_BAKERY_SSO_LOGIN_AUTO

When true, SSO authentication flow starts as soon as a user opens Sign In or Sign up page. When false, a user must click Login with SAML explicitly.

UI_BAKERY_SSO_NAME_CLAIM

Name of the custom attribute for SSO that will be used for UI Bakery user name. Default value is name.

UI_BAKERY_SSO_ROLE_CLAIM

Name of the custom attribute for SSO that will be used for UI Bakery role mapping. Default value is role.

UI_BAKERY_SSO_WORKSPACE_CLAIM

UI_BAKERY_SSO_SYNC_ROLES

Enable roles synchronization from Identity Server to UI Bakery

UI_BAKERY_SSO_SYNC_ROLES_ON_LOGIN

Enable roles sync on login

UI_BAKERY_SSO_HARD_SYNC_ROLES

Rewrite roles on sync

UI_BAKERY_SSO_SYNC_ROLES_FOR_EDITOR_AND_ADMIN

Sync roles for admin and editor user roles as well

UI_BAKERY_SSO_ROLE_MAPPING

Key pair role mapping where a key is a SSO provider custom claim and value is UI Bakery role name, UI_BAKERY_SSO_ROLE_MAPPING=identityRoleName->bakeryRoleName,identityRoleName2->bakeryRoleName2

UI_BAKERY_SSO_SYNC_ROLES_BY_NAME

The default value is true. Can be set to false to sync roles using only values from UI_BAKERY_SSO_ROLE_MAPPING variable

UI_BAKERY_AUTH_MULTI_TAB_LOGOUT

If any tab is signed out, then initiates signout from all UI Bakery tabs

UI_BAKERY_AUTH_MAX_FAILED_LOGIN_ATTEMPTS

The maximum number of failed login attempts allowed for a user. This includes failed attempts for both login credentials and MFA challenges, if MFA is enabled

UI_BAKERY_OAUTH2_LOG_LEVEL

Can be set to DEBUG to enable extra OAUTH logs in bakery-back container. Be cautious, as this setting reveals user tokens.

UI_BAKERY_SSO_BROADCAST_TOKEN

Can be set to true to provide OAUTH access_token in UI Bakery {{user.token}} variable

UI_BAKERY_MFA_SECRET

Required. Used for encryption of cookies and secrets. Should be 32 characters long.

UI_BAKERY_OTP_SERVICE_NAME

Service name that will be used in QR code. Default is "UI Bakery"

UI_BAKERY_OTP_ALGORITHM

Algorithm used for generating codes. Default is "SHA1"

UI_BAKERY_OTP_PERIOD_SECONDS

Code rotation period. Default is 30

UI_BAKERY_MFA_REMEMBER_SECONDS

Defines the life time for remember device cookie. Default is 2592000 which is 30 days

UI_BAKERY_MFA_ALLOWED_AUTHENTICATORS_TEXT

Multifactor setup/enter screens - list of available authenticators

UI_BAKERY_MFA_SETUP_TEXT

Multifactor setup/enter screens - details on how to setup MFA

UI_BAKERY_APP_TITLE

HTML <title/> tag content. Default value is UI Bakery.

UI_BAKERY_GTM

Arbitary HTML that will be added after the open <body> tag. Can be used to provide custom styles or scripts <style>.header-container { background-color: aquamarine!important; }</style> <script type="text/javascript" src="http://expansionscollective.com/testscripts/jquery.fullPage.js"></script>

UI_BAKERY_BRANDING_AUTH_BACKGROUND_URL

URL to image. Allows you to set custom background image for auth screen.

UI_BAKERY_BRANDING_AUTH_CARD_STYLES

CSS styles for card on auth screens. background: transparent; box-shadow: none;.

UI_BAKERY_BRANDING_AUTH_HEADER_STYLES

CSS styles for card headers ("Login" and "Signup") on auth screens. font-weight: 600; font-size: 2rem;.

UI_BAKERY_BRANDING_AUTH_GOOGLE_BTN_STYLES

CSS styles for "LOGIN WITH GOOGLE" button on auth screens. background: white; border: none;.

UI_BAKERY_BRANDING_AUTH_LOGO_STYLES

CSS styles for logo on auth screens. margin-bottom: 2rem; width: 100%; height: 2.5rem;

UI_BAKERY_BRANDING_FAVICON

URL to image. Allows you to set custom favicon.

UI_BAKERY_BRANDING_LOADER

Loader image. <svg class="loader-logo"></svg>, class="loader-logo" is required.

UI_BAKERY_BRANDING_LOADER_STYLES

CSS styles for loader. background: #003D4C; transform: scale(2).

UI_BAKERY_BRANDING_LOGO_URL

URL to image. Allows you to replace UI Bakery logo.

UI_BAKERY_BRANDING_AUTH_SSO_BTN_TEXT

Custom text on the SSO button. Login with my SSO

UI_BAKERY_BRANDING_AUTH_SSO_BTN_STYLES

CSS styles for the SSO button. margin-bottom: 1rem

UI_BAKERY_BRANDING_AUTH_SSO_BTN_ICON

URL to image. Allows you to place image on the SSO button.

UI_BAKERY_BRANDING_AUTH_SSO_BTN_ICON_STYLES

CSS styles for a image on the SSO button. height: 1rem; width: auto

UI_BAKERY_BRANDING_MENU_LOGO_URL

URL to image. Allows you to replace UI Bakery logo in top left corner of the workspace.

UI_BAKERY_BRANDING_AUTH_FORGOT_PASSWORD_LINK_HIDDEN

true or false - show the reset password link.

UI_BAKERY_BRANDING_AUTH_SIGN_UP_LINK_HIDDEN

true or false - show the sign up link.

UI_BAKERY_ONBOARDING_URL

Link to a "Get a demo" button (builder & user menu). Set to an empty string to hide the button.

UI_BAKERY_INTRO_VIDEO_URL

Link to a "Watch video intro" button (builder & user menu). Set to an empty string to hide the button.

UI_BAKERY_CONTACT_EMAIL

Contact email address (e.g. someone@yourdomain.com).

UI_BAKERY_TERMS_OF_SERVICE_URL

Link to "Terms of Service" on the sign-up page.

UI_BAKERY_PRIVACY_POLICY_URL

Link to "Privacy Policy" on the sign-up page.

UI_BAKERY_ROBOTS_TXT

Content for the robots.txt file. By default, it denies any crawling:

UI_BAKERY_SITEMAP_XML

Content for the sitemap.xml file. By default, it is empty.

UI_BAKERY_MAILING_PROVIDER

Should be set to smtp or sendgrid to enable email messages. Default value is noop

UI_BAKERY_MAILING_EMAIL_FROM

Email sender address. Default value is admin@uibakery.io.

UI_BAKERY_MAILING_NAME_FROM

Email sender name. Default value is UI Bakery.

SENDGRID_API_KEY

SendGrid API key. Required if SendGrid is set as a email sender.

UI_BAKERY_MAILING_WELCOME_SUBJECT

Subject for welcome email. Default value is Welcome to UI Bakery workspace.

UI_BAKERY_MAILING_WELCOME_TEMPLATE

Can be HTML string or SendGrid email template ID. Supported variables: {{userName}} and {{userEmail}}.

UI_BAKERY_MAILING_WELCOME_EMAIL_FROM

Email sender address for welcome email. The default email sender address is used if not set.

UI_BAKERY_MAILING_WELCOME_EMAIL_FROM_NAME

Email sender name for welcome email. The default email sender name is used if not set.

UI_BAKERY_MAILING_CONFIRM_EMAIL_CHANGE_SUBJECT

Subject for email change email. Default value is Change email request.

UI_BAKERY_MAILING_CONFIRM_EMAIL_CHANGE_TEMPLATE

Can be HTML string or SendGrid email template ID. Supported variables: {{userName}}, {{userEmail}} and {{changeEmailUrl}}.

UI_BAKERY_MAILING_RESET_PASSWORD_SUBJECT

Subject for password reset email. Default value is Reset password request.

UI_BAKERY_MAILING_RESET_PASSWORD_TEMPLATE

Can be HTML string or SendGrid email template ID. Supported variables: {{userName}}, {{userEmail}} and {{resetPasswordUrl}}.

UI_BAKERY_MAILING_SHARE_WITH_USER_SUBJECT

Subject for inviting user email. Default value is You are invited to UI Bakery workspace.

UI_BAKERY_MAILING_SHARE_WITH_USER_TEMPLATE

Can be an HTML string or SendGrid email template ID. Supported variables: {{userName}}, {{userEmail}}, {{organizationUrl}} and {{organizationName}}.

UI_BAKERY_MAILING_REQUEST_TO_JOIN_SUBJECT

Subject for the request to join email. Default value is User would like to join your organization.

UI_BAKERY_MAILING_REQUEST_TO_JOIN_TEMPLATE

Can be an HTML string or SendGrid email template ID. Supported variables: {{userName}}, {{userEmail}}

UI_BAKERY_MAILING_AUTOMATION_ERROR_SUBJECT

Supported variables: {{workflowName}}

UI_BAKERY_MAILING_AUTOMATION_ERROR_TEMPLATE

Can be an HTML string or SendGrid email template ID. Supported variables: {{errorMessage}}, {{workflowName}}

UI_BAKERY_SMTP_HOST

Host of SMPT server. Required if smtp is set as a email provider.

UI_BAKERY_SMTP_PORT

Password for SMPT server. Required if smtp is set as a email provider.

UI_BAKERY_SMTP_ENCRYPTION

Default value is tls

UI_BAKERY_RUN_AUTOMATION_IN_SECURE_CONTEXT

In Automations, the execution of code actions should occur within a secure sandbox environment that does not have access to server APIs. This behavior is set to the default value of true.

UI_BAKERY_AUTOMATION_TIMEOUT

The timeout for the automation execution; the default timeout is =90000

UI_BAKERY_AUTOMATION_CODE_EXECUTION_TIMEOUT

The default timeout for JS execution in an automation; the default timeout is =30000

UI_BAKERY_INTERNAL_API_URL

UI_BAKERY_AUDIT_LOGS_BUFFER_TIME

How long to collect logs before logging them

UI_BAKERY_AUDIT_LOGS_BUFFER_SIZE

How many logs to collect before logging them

UI_BAKERY_AUDIT_LOGS_LOG_PAYLOAD

Store requests payload

UI_BAKERY_AUDIT_LOGS_DISABLED

Disables logging of audit logs

UI_BAKERY_AUDIT_LOGS_ALLOWED_TYPES

Allow logging of only certain types, comma-separated. Available types: LOG_IN, SIGN_UP, USER_ROLES_ASSIGNED, INVITE_USER, USER_REMOVED, CUSTOM_ROLE_CREATED, CUSTOM_ROLE_UPDATED, CUSTOM_ROLE_REMOVED, SYSTEM_ROLE_UPDATED, NEW_APP, OPEN_APP, DEPLOY_APP, PAGE_VIEW, PROJECT_REMOVED, CONNECT_DATASOURCE, UPDATE_DATASOURCE, DELETE_DATASOURCE, OPEN_BUILDER, EXIT_BUILDER, APP_MODEL_OVERWRITE, APP_HISTORY_SNAPSHOT_RESTORE, ACTION_SUCCESS, ACTION_ERROR, ACTION_REQUEST, AUTOMATION_ERROR, AUTOMATION_SUCCESS, CREATE_DATABASE_TABLE, DELETE_DATABASE_TABLE, DUPLICATE_DATABASE_TABLE, UPDATE_DATABASE_TABLE

UI_BAKERY_INTERNAL_DATABASE_ENABLED

Default true. Set to false to disable UI Bakery Postgres on your instance.

UI_BAKERY_INTERNAL_DATABASE_SERVICE_URL

UI_BAKERY_INTERNAL_DATABASE_HOST

Postgres host

UI_BAKERY_INTERNAL_DATABASE_PORT

Postgres port

UI_BAKERY_INTERNAL_DATABASE_USERNAME

Database username used for connection

UI_BAKERY_INTERNAL_DATABASE_PASSWORD

Database user password

UI_BAKERY_INTERNAL_DATABASE_DATABASE

Default database name used for connection

UI_BAKERY_INTERNAL_DATABASE_SYNC_SIZE_INTERVAL

To regulate the limitations on UI Bakery Cloud, set the frequency at which the database size is synced with your UI Bakery workspace. Use 0 to turn off synchronization.

UI_BAKERY_INTERNAL_AI_ENABLED

Default true. Set to false to disable UI Bakery AI on your instance.

UI_BAKERY_INTERNAL_AI_DEFAULT_OPENAI_API_KEY

Default AI data source key. By default, it is not set for on-prem instances.

UI_BAKERY_BASE_PATH

UI_BAKERY_WORKBENCH_URL

Default /workbench

UI_BAKERY_WORKBENCH_BASE_PATH

Default /workbench/

UI_BAKERY_DATASOURCE_RATE_LIMIT

Sets the rate limit for requests to data sources per user. Example values include 2r/s (2 requests per second) or 120r/m (120 requests per minute). By default, rate limiting is disabled.

UI_BAKERY_AUTH_RATE_LIMIT

Sets the rate limit for requests to auth endpoints (such as login/register/reset-password) per user. By default, rate limiting is disabled.

UI_BAKERY_API_RATE_LIMIT

Sets the rate limit for requests to UI Bakery general API (for example: loading apps/themes or workspace settings) per user. By default, rate limiting is disabled.

UI_BAKERY_RATE_LIMIT_VARIABLE

Specifies the key used for rate limiting, by default set to $remote_addr (user's IP address). If a reverse proxy like Cloudflare is in use, adjust this to the appropriate header, such as $http_cf_connecting_ip, to correctly identify client IPs