Skip to content



The Docker image provided for Signing Agent provides a control file, or configuration file, config.yaml.


Customize the properties of config.yaml to suit your needs.

The following table presents each property.

Property Sub-property Sub-property/Options Description
base Controls connection properties
qredoApi or Base domain for the production or sandbox environment
pin Pin number used to provide a Zero-Knowledge proof token for communication with the Partner API. This token is passed in the “x-api-zkp” header for authentication.
autoApproval Enables automatic approval of all transactions
enabled true, false Toggles automatic approval on/off
retryIntervalMaxSec Maximum time for which the Signing Agent retries approval attempts. Failure fallback applies after this period
retryIntervalSec Interval between approval attempts. Cycled until retryIntervalMaxSec is reached
qredoWebsocket Qredo provides a WebSocket to collect transaction approval requests from
ws_scheme wss The scheme to use for the web socket feed connection. Note, Qredo WebSocket services support WSS calls
reconnectTimeoutSec Timeout in seconds for connection attempt
reconnectIntervalSec Interval in seconds between connection attempts
pingPeriodSec The ping period for the ping handler in seconds
pongWaitSec The pong wait for the pong handler in seconds
writeWaitSec The write wait in seconds
readBufferSize The WebSocket upgrader read buffer size in bytes
writeBufferSize The WebSocket upgrader write buffer size in bytes
addr The address and port the service runs on
CORSAllowOrigins * Optional: The value assigned to the Access-Control-Allow-Origin of the responses of the build in API. If not required, pass *.
logAllRequests true, false Toggles logging of incoming requests to the build in API on/off
TLS Array of TLS configurations for the internal HTTP server
enabled Toggles whether TLS is enabled on/off with true, false
keyFile If enabled is true, specifies the key file to use for the TLS server
certFile If enabled is true, specifies the cert file to use for the TLS server
format File format for the log
level debug, info, warn, error Log level; default is debug
enable true, false Toggles whether load balancing logic is on/off
onLockErrorTimeoutMs On lock timeout in milliseconds
actionIDExpirationSec Expiration of action_id variable in Redis in seconds
host Redis host
port Redis port
password Redis password
store Store type holding private key information for the Signing Agent
type file, oci, aws
file If store type is file, pass path to the storage file
oci If store type is Oracle cloud configuration, details for the Oracle vault
compartment OIDC where the vault and encryption key reside
vault OIDC of the vault where the secret will be stored
secretEncryptionKey Encryption key used for both the secret and the data inside the secret
configSecret Name of secret that will be used to store the data
aws Amazon cloud configuration to store the private keys in amazon secrets manager
region If using AWS Secrets Manager, AWS region where the secret is stored
configSecret If using AWS Secrets Manager, name of the AWS Secrets Manager secret containing the encrypted data

Example configuration values


Note, this is not an example configuration file, as examples are provided for properties that would conflict, such as storing/passing the private key by different methods.

Property Sub-property Sub-property Example
pin 0
enabled false
retryIntervalMaxSec 300
retryIntervalSec 5
ws_scheme wss
reconnectTimeoutSec 300
reconnectIntervalSec 5
pingPeriodSec 5
pongWaitSec 10
writeWaitSec 10
readBufferSize 512
writeBufferSize 1024
CORSAllowOrigins *
logAllRequests false
enabled true
keyFile tls/domain.crt
certFile tls/domain.key
format text
level debug
enable false
onLockErrorTimeoutMs 300
actionIDExpirationSec 6
host redis
port 6379
password ""
db 0
type file
file /volume/ccstore.db
compartment ocid1.tenancy.oc1...
vault ocid1.vault.oc1...
secretEncryptionKey ocid1.key.oc1...
configSecret automatedApproverConfig
region aws-region-...
configSecret secretsManagerSecret...

Last update: 2023-01-09