Skip to main content

Configurations

Using environment variables, you can configure the PDP to suit your needs. Since the PDP uses OPAL under the hood, all of OPAL Configurations are also available with a OPAL_ prefix. PDP specific configurations are available with a PDP_ prefix.

info

PDP versions follow Semantic Versioning conventions. Hence, minor versions (e.g., 1.2.3 to 1.2.4) do not introduce breaking changes. For further details and more information, see SemVer

PDP Configurations

PDP_API_KEY

Default: MUST BE DEFINED

The API key used to authenticate the PDP against Permit.io. See more details about API Keys

note

This is a required configuration. The key must be an Environment-level API Key.

PDP_CONTROL_PLANE

Default: https://api.permit.io

The URL of the Permit.io control plane.

PDP_DEBUG

Default: None

Enables debug mode, which injects debug attributes to OPA policy queries. The available configurations are:

  • PDP_DEBUG=None - The default behavior - will use the configuration set by Permit.io Cloud.
  • PDP_DEBUG=True - Will enable Debug Mode for this specific PDP.
  • PDP_DEBUG=False - Will disable Debug Mode for this specific PDP.
warning

Turning on Debug Mode will impact policy evaluation latency. Thus, it is recommended to disable Debug Mode when running in production.

For more detailed configuration about the PDP Debug Mode, please check the full documentation here.

PDP_PORT

Default: 7766

The port the PDP server will listen on.

PDP_USE_NEW_AUTHORIZED_USERS

Default: false

Feature flag for enabling the new authorized users implementation. This feature is controlled by the control plane.

Added in PDP v0.9.0

PDP_SHARD_ID

Default: None

The shard id of this PDP, used to identify the PDP in the control plane

PDP_CONTROL_PLANE_PDP_DELTAS_API

Default: https://pdp-deltas.api.permit.io

The URL of the Permit.io PDP Deltas API.

info

This configuration is controlled by Permit.io, changing it can cause your PDP to malfunction.

PDP_CONTROL_PLANE_RELAY_API

Default: https://opal-relay.api.permit.io

The URL of the Permit.io Relay API.

info

This configuration is controlled by Permit.io, changing it can cause your PDP to malfunction.

PDP_CONTROL_PLANE_RELAY_JWT_TIER

Default: https://relay-jwt.api.permit.io

The URL of the Permit.io Relay JWT API.

info

This configuration is controlled by Permit.io, changing it can cause your PDP to malfunction.

PDP_BACKEND_SERVICE_URL

Default: https://api.permit.io/v2

The Permit.io service URL where proxy requests are sent.

info

This configuration is controlled by Permit.io, changing it can cause your PDP to malfunction.

PDP_BACKEND_LEGACY_URL

Default: https://api.permit.io/sdk

The legacy Permit.io service URL where proxy requests are sent.

info

This configuration is controlled by Permit.io, changing it can cause your PDP to malfunction.

PDP_REMOTE_CONFIG_ENDPOINT

Default: /v2/pdps/me/config

The control plane route to fetch policy data topics.

PDP_REMOTE_STATE_ENDPOINT

Default: /v2/pdps/me/state

The control plane route to push state changes.

PDP_DECISION_LOG_DEBUG_INFO

Default: True

Log verbose debug information about decision logs.

PDP_PRINT_CONFIG_ON_STARTUP

Default: False

Print the PDP configuration on startup.

PDP_ENABLE_MONITORING

Default: False

Enables Datadog APM tracing.

PDP_CENTRAL_LOG_DRAIN_URL

Default: https://listener.logz.io:8071

The URL for centralized logging.

PDP_CENTRAL_LOG_DRAIN_TIMEOUT

Default: 5

The timeout for the centralized log drain, in seconds.

PDP_CENTRAL_LOG_TOKEN

Default: None

The token used for centralized logging.

PDP_CENTRAL_LOG_ENABLED

Default: False

Forward logs to the centralized logging service.

danger

This feature is deprecated and will be removed in future versions.

PDP_PING_INTERVAL

Default: 10

The interval for pinging the control plane, in seconds.

PDP_OPA_CLIENT_QUERY_TIMEOUT

Default: 1

The timeout for querying OPA for an allow decision, in seconds. 0 means no timeout.

PDP_OPA_CLIENT_FAILURE_THRESHOLD

Default: 0.1

The percentage of failed requests to OPA that will trigger a failure, causing the healthcheck to fail.

PDP_OPA_CLIENT_FAILURE_THRESHOLD_INTERVAL

Default: 60

The interval to calculate the failure threshold, in seconds.

PDP_OPA_CONFIG_FILE_PATH

Default: ~/opa/config.yaml

The path on the container for OPA config file.

PDP_OPA_AUTH_POLICY_FILE_PATH

Default: ~/opa/basic-authz.rego

The path on the container for OPA authorization policy (rego file).

PDP_OPA_BEARER_TOKEN_REQUIRED

Default: True

If true, all API calls to OPA must provide a bearer token (the value of CLIENT_TOKEN).

PDP_OPA_DECISION_LOG_ENABLED

Default: True

If true, OPA decision logs will be uploaded to the Permit.io cloud console.

PDP_OPA_DECISION_LOG_CONSOLE

Default: False

If true, OPA decision logs will also be printed to console (only relevant if OPA_DECISION_LOG_ENABLED is true).

PDP_OPA_DECISION_LOG_INGRESS_ROUTE

Default: /v2/decision-logs/ingress

The route on Permit.io the decision logs will be uploaded to.

PDP_OPA_DECISION_LOG_INGRESS_BACKEND_TIER_URL

Default: https://decision-log-ingress.api.permit.io

The URL that decision logs will be uploaded to. Automatically configured by the control plane.

PDP_OPA_DECISION_LOG_MIN_DELAY

Default: 1

The minimum amount of time (in seconds) to wait between decision log uploads.

When unable to upload logs, the PDP performs an exponential backoff up to PDP_OPA_DECISION_LOG_MAX_DELAY until a successful upload.

PDP_OPA_DECISION_LOG_MAX_DELAY

Default: 10

The maximum amount of time (in seconds) to wait between decision log uploads.

PDP_OPA_DECISION_LOG_UPLOAD_SIZE_LIMIT

Default: 65536

Log upload size limit in bytes. OPA will chunk uploads to cap message body to this limit.

PDP_ALLOW_METRICS_UNAUTHENTICATED

Default: False

If true, the /metrics endpoint will be accessible without authentication.

PDP_LOCAL_FACTS_WAIT_TIMEOUT

Default: 10

When using SDK proxy facts via PDP, the default time to wait for the facts to be available, in seconds.

PDP_TEMP_LOG_FORMAT

Default: <green>{time}</green> | {process} | <blue>{name: <40}</blue>|<level>{level:^6} | {message}</level>

Change this parameter to change the log format (e.g. remove colors).

PDP_LOCAL_FACTS_TIMEOUT_POLICY

Default: ignore

The policy to use when the PDP fails to apply a data update within the timeout period.

  • ignore: Respond immediately when data update did not apply within the timeout period
  • fail: Respond with 424 status code when data update did not apply within the timeout period

PDP_DATA_UPDATE_CALLBACKS

Default: []

List of data update callbacks to be called when data is updated. For example:

[
{
"url": "http://example.com/callback",
"key": "example", // optional
"config": { // optional
"headers": {
"Authorization": "Bearer token"
},
"method": "GET",
"data": {
"key": "value"
}
}
}
]

The default config is: {"method": "POST"}.

For more information, see the CallbackEntry interface.

note

Data update callbacks can increase data synchronization latency. Optimize the callback endpoint to handle expected loads efficiently.

PDP_FACTDB_ENABLED

Default: False

Enable FactDB for this PDP. For more information, see the FactDB documentation.

PDP_CACHE_STORE

Default: none

The cache storage type. Options include: none, in-memory, and redis. For more information, see the PDP Cache documentation.

Added in PDP v0.9.0

PDP_CACHE_TTL

Default: 3600

Time-to-live in seconds for cached items.

Added in PDP v0.9.0

PDP_CACHE_MEMORY_CAPACITY

Default: 128

Memory capacity in MiB for in-memory cache (when using in-memory store).

Added in PDP v0.9.0

PDP_CACHE_REDIS_URL

Default: "" (empty string)

Redis connection URL (when using redis store).

Added in PDP v0.9.0

PDP_HORIZON_PORT

Default: 7001

The port for the Horizon service. Horizon is the PDP's internal Python service bridge that facilitates communication between different components within the PDP.

Added in PDP v0.9.0

PDP_HORIZON_CLIENT_TIMEOUT

Default: 60

Timeout in seconds for Horizon client requests.

Added in PDP v0.9.0

PDP_HORIZON_NICENESS

Default: 10

The niceness value for the PDP Horizon process (the internal Python service). Niceness values range from -20 (highest priority) to 19 (lowest priority), where 0 represents equal priority.

This setting helps manage CPU resource allocation, particularly the interaction between the Horizon service and the OPA process. A higher value (e.g., 10, the default) makes Horizon 'nicer', yielding CPU more readily to other processes like OPA.

Added in PDP v0.9.0

PDP_OPA_URL

Default: http://localhost:8181

URL for the Open Policy Agent service.

Added in PDP v0.9.0

OPAL Configurations

note

The list below includes only the configurations that are most commonly used. Additional configurations are available in the OPAL documentation.

OPAL_SERVER_URL

Default: https://opal-v2.permit.io

The URL of the OPAL server.

info

This configuration is controlled by Permit.io, changing it can cause your PDP to malfunction.

OPAL_SERVER_WS_URL

Default: wss://opal-v2.permit.io

The WebSocket URL of the OPAL server.

info

This configuration is controlled by Permit.io, changing it can cause your PDP to malfunction.

OPAL_CLIENT_TOKEN

Default: automatically configured

The client token used to authenticate the PDP against the OPAL server.

info

This configuration is controlled by Permit.io, changing it can cause your PDP to malfunction.

OPAL_INLINE_OPA_ENABLED

Default: True

When enabled, run OPA inside the PDP server.

info

This configuration is controlled by Permit.io, changing it can cause your PDP to malfunction.

OPAL_INLINE_OPA_LOG_FORMAT

Default: none

The log format for OPA logs.

  • none - no logs
  • minimal - only the event name is logged
  • http - log HTTP method, path, and status code
  • full - log the entire data returned

OPAL_INLINE_CEDAR_ENABLED

Default: True

When enabled, run Cedar inside the PDP server.

info

This configuration is controlled by Permit.io, changing it can cause your PDP to malfunction.

OPAL_INLINE_CEDAR_LOG_FORMAT

Default: none

The log format for Cedar logs.

  • none - no logs
  • minimal - only the event name is logged
  • http - log HTTP method, path, and status code
  • full - log the entire data returned

OPAL_FETCHING_WORKER_COUNT

Default: 6

The number of workers to use for fetching data concurrently.

OPAL_FETCHING_CALLBACK_TIMEOUT

Default: 60

The timeout for fetching the callback, in seconds.

OPAL_FETCHING_ENQUEUE_TIMEOUT

Default: 10

The timeout for queueing a fetch, in seconds.

OPAL_ENABLE_DATADOG_APM

Default: False

Enables Datadog APM tracing.

note

Additional configurations are available in the OPAL documentation.

OPAL_LOG_DIAGNOSE

Default: False

Include diagnosis in log messages.

danger

When OPAL_LOG_DIAGNOSE is set to True, it may print sensitive information, including secrets.

note

Additional configurations are available in the OPAL documentation.

OPAL_LOG_SERIALIZE

Default: False

Serialize log records as JSON format to STDERR (useful for log aggregation services)

note

Additional configurations are available in the OPAL documentation.

Additional Configurations

UVICORN_NUM_WORKERS

Default: 1

The number of parallel workers to run the PDP server on.

UVICORN_PORT

Default: 7000

The port to run the PDP server on.

GUNICORN_TIMEOUT

Default: 600

Maximum idle / unresponsive time before a worker is killed, in seconds. For more information, see the Gunicorn documentation.