Important

You are browsing the documentation for version 4.2 of OroCommerce, OroCRM and OroPlatform, which is no longer maintained. Security Support ends in January 2024. Read version 5.0 (the latest LTS version) of the Oro documentation to get the updated information.

See our Release Process documentation for more information on the currently supported and upcoming releases.

Bundles’ Configuration

To display the default configuration value, run the following command with the extension alias (root node) at the end:

php bin/console config:dump-reference -eprod [alias]

To display the actual configuration values used in your application, run the following command with the extension alias at the end:

php bin/console debug:config -eprod [alias]

oro_api

The default configuration for extension with alias “oro_api”:

oro_api:
    # The prefix of REST API URLs.
    rest_api_prefix:      /api/

    # The regular expression pattern to which REST API URLs are matched.
    rest_api_pattern:     '^/api/(?!(rest|doc)($|/.*))'

    # The maximum number of nesting target entities that can be specified in "Resources/config/oro/api.yml".
    config_max_nesting_level: 3

    # The default page size. It is used when the page size is not specified in a request explicitly.
    default_page_size:    10

    # The maximum number of primary entities that can be retrieved by a request.
    max_entities:         -1

    # The maximum number of related entities that can be retrieved by a request.
    max_related_entities: 100

    # The maximum number of entities that can be deleted by one request.
    max_delete_entities:  100

    # All supported API configuration files.
    config_files:

        # Prototype
        name:

            # The name of a file that contain API resources configuration. Can contain several files, in this case all of them are merged.
            file_name:            ~

            # The request type to which this file is applicable.
            request_type:         []

    # The configuration extensions for "Resources/config/oro/api.yml".
    config_extensions:

        # Examples:
        - oro_api.config_extension.filters
        - oro_api.config_extension.sorters

    # The configuration of API documentation cache.
    api_doc_cache:

        # The list of features that do not affect API documentation cache.
        excluded_features:

            # Default:
            - web_api

            # Example:
            - web_api

    # All supported API views.
    api_doc_views:

        # Prototype
        name:

            # The view label.
            label:                ~

            # Whether this view is default one.
            default:              false

            # The name of the underlying view.
            underlying_view:      ~

            # The request type supported by this view.
            request_type:         []

            # The URL to the API documentation for this view.
            documentation_path:   ~

            # The HTML formatter that should be used by this view.
            html_formatter:       oro_api.api_doc.formatter.html_formatter

            # Whether the sandbox should have a link to this view.
            sandbox:              true

            # Headers that should be sent with requests from the sandbox.
            headers:

                # Examples:
                Accept:              application/vnd.api+json
                Content-Type:        [{ value: application/vnd.api+json, actions: [create, update] }]
                X-Include:           [{ value: totalCount, actions: [get_list, delete_list] }, { value: deletedCount, actions: [delete_list] }]

                # Prototype
                name:                 []

            # The map between data-type names and their representation in API documentation.
            data_types:

                # Examples:
                guid:                string
                currency:            string

                # Prototype
                name:                 ~

    # The URL to the API documentation that should be used for API views that does not have own documentation.
    documentation_path:   null

    # The map between data-type names and their representation in API documentation. The data-types declared in this map can be overridden in "data_types" section of a particular API view.
    api_doc_data_types:

        # Examples:
        guid:                string
        currency:            string

        # Prototype
        name:                 ~

    # The definition of API actions.
    actions:

        # Example:
        get:                 { processor_service_id: oro_api.get.processor, processing_groups: { load_data: { priority: -10 }, normalize_data: { priority: -20 } } }

        # Prototype
        name:

            # The service id of the action processor. Set for public actions only.
            processor_service_id: ~

            # A list of groups by which child processors can be split.
            processing_groups:

                # Prototype
                name:

                    # The priority of the group.
                    priority:             ~

    # The definition of filters.
    filters:

        # Examples:
        integer:             { supported_operators: ['=', '!=', '<', '<=', '>', '>=', '*', '!*'] }
        primaryField:        { class: Oro\Bundle\ApiBundle\Filter\PrimaryFieldFilter }
        association:         { factory: ['@oro_api.filter_factory.association', createFilter] }

        # Prototype
        name:
            class:                ~
            factory:              []
            supported_operators:

                # Defaults:
                - =
                - !=
                - *
                - !*

    # A definition of operators for filters. The key is the name of an operator. The value is optional and it is a short name of an operator.
    filter_operators:

        # Examples:
        eq:                  '='
        regexp:              null

        # Prototype
        name:                 ~

    # The form types that can be reused in API.
    form_types:

        # Examples:
        - Symfony\Component\Form\Extension\Core\Type\FormType
        - oro_api.form.type.entity

    # The form type extensions that can be reused in API.
    form_type_extensions:

        # Example:
        - form.type_extension.form.http_foundation

    # The form type guessers that can be reused in API.
    form_type_guessers:

        # Example:
        - form.type_guesser.validator

    # The definition of data type to form type guesses.
    form_type_guesses:

        # Examples:
        integer:             { form_type: Symfony\Component\Form\Extension\Core\Type\IntegerType }
        datetime:            { form_type: Symfony\Component\Form\Extension\Core\Type\DateTimeType, options: { model_timezone: UTC, view_timezone: UTC } }

        # Prototype
        name:
            form_type:            ~
            options:

                # Prototype
                name:                 ~

    # The map between error titles and their substitutions.
    error_title_overrides:

        # Example:
        percent range constraint: 'range constraint'

        # Prototype
        name:                 ~

    # The configuration of CORS requests.
    cors:

        # The amount of seconds the user agent is allowed to cache CORS preflight requests.
        preflight_max_age:    600

        # The list of origins that are allowed to send CORS requests.
        allow_origins:

            # Examples:
            - 'https://foo.com'
            - 'https://bar.com'

        # Indicates whether CORS request can include user credentials.
        allow_credentials:    false

        # The list of headers that are allowed to send by CORS requests.
        allow_headers:

            # Examples:
            - X-Foo
            - X-Bar

        # The list of headers that can be exposed by CORS responses.
        expose_headers:

            # Examples:
            - X-Foo
            - X-Bar

    # The configuration of feature depended API firewalls.
    api_firewalls:

        # Prototype
        name:

            # The name of the feature.
            feature_name:         ~

            # The list of security firewall listeners that should be removed if the feature is disabled.
            feature_firewall_listeners: []

    # The Batch API configuration.
    batch_api:
        async_operation:

            # The number of days asynchronous operations are stored in the system.
            lifetime:             30

            # The maximum number of seconds that the asynchronous operations cleanup process can spend in one run.
            cleanup_process_timeout: 3600

        # The default maximum number of entities that can be saved in a chunk.
        chunk_size:           100

        # The default maximum number of included entities that can be saved in a chunk.
        included_data_chunk_size: 50

        # The maximum number of entities of a specific type that can be saved in a chunk.
        # The null value can be used to revert already configured chunk size for a specific entity type and use the default chunk size for it.
        chunk_size_per_entity:

            # Example:
            Oro\Bundle\UserBundle\Entity\User: 10

            # Prototype
            name:                 ~

        # The maximum number of included entities that can be saved in a chunk for a specific primary entity type.
        # The null value can be used to revert already configured chunk size for a specific entity type and use the default chunk size for it.
        included_data_chunk_size_per_entity:

            # Example:
            Oro\Bundle\UserBundle\Entity\User: 20

            # Prototype
            name:                 ~

oro_asset

The default configuration for extension with alias “oro_asset”:

oro_asset:

    # Permanently disable Babel
    disable_babel:        false

    # Path to NodeJs executable
    nodejs_path:          ~

    # Path to NPM executable
    npm_path:             ~

    # Assets build timeout in seconds, null to disable timeout
    build_timeout:        null

    # Npm installation timeout in seconds, null to disable timeout
    npm_install_timeout:  null

    # Webpack Dev Server configuration
    webpack_dev_server:

        # Enable Webpack Hot Module Replacement. To activate HMR run `oro:assets:build --hot`
        enable_hmr:           '%kernel.debug%'

        # By Default `localhost` is used
        host:                 localhost
        port:                 8081

        # By default dev-server will be served over HTTP. It can optionally be served over HTTP/2 with HTTPS
        https:                false

oro_attachment

The default configuration for extension with alias “oro_attachment”:

oro_attachment:
    debug_images:         true
    maxsize:              10
    upload_file_mime_types: []
    upload_image_mime_types: []
    processors_allowed:   true
    png_quality:          100
    jpeg_quality:         85

oro_batch

The default configuration for extension with alias “oro_batch”:

oro_batch:

    # Enables/Disables writing of batch log files for each batch job in var/logs/batch directory
    log_batch:            false

    # Sets the time interval to keep the batch job records in the database
    cleanup_interval:     '1 week' # Example: '1 month'

oro_cms

The default configuration for extension with alias “oro_cms”:

oro_cms:
    direct_editing:
        login_page_css_field: false

    # Describes the rules how WYSIWYG fields should works with HTMLPurifier
    content_restrictions:

        # Configuration setting that defines the overall level of content restrictions:
        # "secure" - on the secure level there is no way to insert any potentially unsecure content via UI by any users
        # "selective" - on the less secure level potentially unsecure content can be inserted via UI by some roles into specific fields of specific entities
        # "unsecure" - on this level any content can be inserted via UI by any user with edit permission on that WYSIWYG field
        mode:                 secure # One of "secure"; "selective"; "unsecure"

        # List of user roles that has edit permission on entity field with selected secure level
        lax_restrictions:

            # Prototype: List of roles that has edit permission with selected secure level
            ROLE:

                # Prototype: List of entity fields to which selected secure level current apply
                \Entity:              []

oro_calendar

The default configuration for extension with alias “oro_calendar”:

oro_calendar:

    # Indicates whether Organization and/or System Calendars are enabled or not.
    # Possible values:
    #     true         - both organization and system calendars are enabled
    #     false        - both organization and system calendars are disabled
    #     organization - only organization calendar is enabled
    #     system       - only system calendar is enabled
    #
    enabled_system_calendar: system

oro_contact

The default configuration for extension with alias “oro_contact”:

oro_contact:
    social_url_format:
        twitter:              'https://twitter.com/%%username%%'
        facebook:             'https://www.facebook.com/%%username%%'
        google_plus:          'https://profiles.google.com/%%username%%'
        linked_in:            'http://www.linkedin.com/in/%%username%%'

oro_customer

The default configuration for extension with alias “oro_customer”:

oro_customer:
    cookie_secure:        auto # One of true; false; "auto"
    cookie_httponly:      true
    cookie_samesite:      null # One of null; "lax"; "strict"; "none"

oro_email

The default configuration for extension with alias “oro_email”:

oro_email:

    # Determines which email address owners should be excluded during synchronization.
    email_sync_exclusions:

        # Example:
        - Oro\Bundle\UserBundle\Entity\User
    flash_notification:
        max_emails_display:   4

oro_embedded_form

The default configuration for extension with alias “oro_embedded_form”:

oro_embedded_form:

    # The name of the hidden field that should be used to pass the session id to third party site. This allows to use the embedded form even if a web browser blocks third-party cookies.
    session_id_field_name: _embedded_form_sid

    # The number of seconds the CSRF token should live for.
    csrf_token_lifetime:  3600

    # The service id that is used to cache CSRF tokens.
    csrf_token_cache_service_id: ~

oro_entity

The default configuration for extension with alias “oro_entity”:

oro_entity:

    # Default doctrine`s query cache lifetime
    default_query_cache_lifetime: null

oro_entity_extend

The default configuration for extension with alias “oro_entity_extend”:

oro_entity_extend:
    backup:               '%kernel.project_dir%/var/backup'

oro_featuretoggle

The default configuration for extension with alias “oro_featuretoggle”:

oro_featuretoggle:
    strategy:             unanimous # One of "affirmative"; "consensus"; "unanimous"
    allow_if_all_abstain: false
    allow_if_equal_granted_denied: true

oro_form

The default configuration for extension with alias “oro_form”:

oro_form:
    # Describes scopes and scope rules for HTMLPurifier
    html_purifier_modes:

        # Prototype: Collection of scopes that defines the rules for HTMLPurifier
        default:

            # Extends configuration from selected scope
            extends:              null # Example: default

            # List of allowed forward document relationships in the rel attribute for HTMLPurifier.
            allowed_rel:

                # Examples:
                - nofollow
                - alternate

            # Only these domains will be allowed in iframes (in case iframes are enabled in allowed elements)
            allowed_iframe_domains:

                # Examples:
                - youtube.com/embed/
                - player.vimeo.com/video/

            # Allowed URI schemes for HTMLPurifier
            allowed_uri_schemes:

                # Examples:
                - http
                - https
                - mailto
                - ftp
                - data
                - tel

            # Allowed elements and attributes for HTMLPurifier
            allowed_html_elements:

                # Prototype: Collection of allowed HTML elements for HTMLPurifier
                -

                    # Collection of allowed attributes for described HTML tag
                    attributes:

                        # Examples:
                        - cellspacing
                        - cellpadding
                        - border
                        - align
                        - width

                    # Is HTML tag has closing end tag or not
                    hasClosingTag:        true

oro_frontend

The default configuration for extension with alias “oro_frontend”:

oro_frontend:
    debug_routes:         true
    routes_to_expose:     []

    # The configuration of storefront session.
    session:
        name:                 ~ # Required
        cookie_lifetime:      ~
        cookie_path:          ~
        cookie_secure:        ~ # One of true; false; "auto"
        cookie_httponly:      ~
        cookie_samesite:      ~ # One of null; "lax"; "strict"; "none"
        gc_maxlifetime:       ~
        gc_probability:       ~
        gc_divisor:           ~

    # The configuration of API for the storefront.
    frontend_api:

        # The API views that are available for the storefront.
        api_doc_views:        []

        # The configuration of CORS requests for the storefront.
        cors:

            # The amount of seconds the user agent is allowed to cache CORS preflight requests.
            preflight_max_age:    600

            # The list of origins that are allowed to send CORS requests.
            allow_origins:

                # Examples:
                - 'https://foo.com'
                - 'https://bar.com'

            # Indicates whether CORS request can include user credentials.
            allow_credentials:    false

            # The list of headers that are allowed to send by CORS requests.
            allow_headers:

                # Examples:
                - X-Foo
                - X-Bar

            # The list of headers that can be exposed by CORS responses.
            expose_headers:

                # Examples:
                - X-Foo
                - X-Bar

oro_gaufrette

The default configuration for extension with alias “oro_gaufrette”:

oro_gaufrette:
    stream_wrapper:

        # The name of read-only Gaufrette protocol. By default it is "{gaufrette protocol name}-readonly".
        readonly_protocol:    null

oro_google_tag_manager

The default configuration for extension with alias “oro_google_tag_manager”:

oro_google_tag_manager:
    config:

        # Number of product items in each batch for sending to GTM
        batch_size:           30

oro_hangouts_call

The default configuration for extension with alias “oro_hangouts_call”:

oro_hangouts_call:
    initial_apps:

        # Prototype
        -
            app_id:               ~ # Required
            app_type:             ROOM_APP
            app_name:             ~
            base_path:            ~

oro_health_check

The default configuration for extension with alias “oro_health_check”:

oro_health_check:
    maintenance_driver:
        class:                Oro\Bundle\HealthCheckBundle\Drivers\FileDriver
        options:
            ttl:                  600
            file_path:            ~

oro_help

The default configuration for extension with alias “oro_help”:

oro_help:
    defaults:             # Required
        server:               ~ # Required
        prefix:               ~
        uri:                  ~
        link:                 ~

oro_layout

The default configuration for extension with alias “oro_layout”:

oro_layout:
    view:

        # Defines whether @Layout annotation can be used in controllers
        annotations:          true

    # List of enabled themes
    enabled_themes:       []
    templating:
        default:              twig
        php:
            enabled:              true
            resources:

                # Default:
                - OroLayoutBundle:Layout/php

                # Example:
                - 'MyBundle:Layout/php'
        twig:
            enabled:              true
            resources:

                # Default:
                - OroLayoutBundle:Layout:div_layout.html.twig

                # Example:
                - 'MyBundle:Layout:blocks.html.twig'

    # Enable layout debug mode. Allows to switch theme using request parameter _theme.
    debug:                '%kernel.debug%'

    # The identifier of the theme that should be used by default
    active_theme:         ~

oro_locale

The default configuration for extension with alias “oro_locale”:

oro_locale:
    formatting_code:      en
    language:             en

oro_message_queue

The default configuration for extension with alias “oro_message_queue”:

oro_message_queue:

    # List of available transports with their configurations.
    transport:

        # DBAL transport configuration.
        dbal:
            connection:           message_queue
            table:                oro_message_queue
            pid_file_dir:         /tmp/oro-message-queue
            consumer_process_pattern: ':consume'
            polling_interval:     1000

        # AMQP transport configuration.
        amqp:
            host:                 localhost
            port:                 5672
            user:                 guest
            password:             guest
            vhost:                /

    # Consumption client configuration.
    client:
        traceable_producer:   false
        prefix:               oro
        router_processor:     oro_message_queue.client.route_message_processor
        router_destination:   default
        default_destination:  default
        default_topic:        default

        # Redelivery message extension configuration.
        redelivery:

            # If redelivery enabled than new copied message will be published
            # to message broker and old one will be REJECTED when error
            # was occurred during message processing.
            enabled:              true

            # Time through which message will be re-published to the broker,
            # old one will be REJECTED immediately.
            delay_time:           10

    # A list of services that must not be removed from the container once the message is processed.
    persistent_services:  []

    # A list of processors that must not be removed from the container once the message is processed.
    persistent_processors: []

    # A list of topics that should always be processed without a security context.
    security_agnostic_topics: []

    # A list of processors that should always be processed without a security context.
    security_agnostic_processors: []
    consumer:

        # Consumer heartbeat update period in minutes. To disable the checks, set this option to 0
        heartbeat_update_period: 15

    # The maximum time for a unique job execution.
    # If a job is still running longer than that,
    # it is possible to create a new copy of a unique job (with the same name).
    # The old job is marked as "stale" in this case.
    time_before_stale:

        # Examples:
        # default:           X
        # jobs:              { '# some_job_type_name': 'Y' }

        # The number of seconds of inactivity to qualify a job as stale.
        # If this attribute is not set or set to -1, jobs will never be qualified as stale.
        # It means that if a unique job is not properly removed after it is finished,
        # it will be blocking other jobs of that type until it is manually interrupted.
        default:              ~

        # The number of seconds of inactivity to qualify jobs of this type as stale.
        # To disable staling jobs for the given job type, set this option to -1.
        # The key can be a whole job name or a part of it from the beginning of string to any "."
        jobs:

            # Examples:
            # bundle_name.processor_name.entity_name.user: X
            # bundle_ name.processor_name.entity_name: 'Y'
            # bundle_name.processor_name: Z

            # Prototype
            job_name:             ~

oro_microsoft_sync

The default configuration for extension with alias “oro_microsoft_sync”:

oro_microsoft_sync:

    # The period in days data should be synchronized with Microsoft 365.
    sync_period:          730

    # The configuration of the storage for synchronization related data.
    storage:

        # The service ID of the driver that should be used to store deleted entities.
        deleted_entities_driver: oro_microsoft_sync.storage_driver.dbal

oro_multi_host

The default configuration for extension with alias “oro_multi_host”:

oro_multi_host:

    # Determines whether multi-host operations are enabled.
    enabled:              false

    # The configuration of the driver to execute multi-host operations.
    driver:

        # The service ID of the driver.
        service:              ~

        # The driver options.
        options:

            # Prototype
            name:                 ~

    # The configuration of multi-host operations.
    operations:

        # Prototype
        name:

            # The maximum number of seconds that the driver can wait till an operation status is changed by a server that processes the operation.
            timeout:              60

    # The number of days multi-host operations are stored in the system.
    operation_lifetime:   180

oro_navigation

The default configuration for extension with alias “oro_navigation”:

oro_navigation:

    # The prefix in the name of the file with a list of js routes.
    js_routing_filename_prefix: ''

oro_notification

The default configuration for extension with alias “oro_notification”:

oro_notification:

    # List of notification events.
    events:               []

oro_oauth2_server

The default configuration for extension with alias “oro_oauth2_server”:

oro_oauth2_server:
    authorization_server:

        # The lifetime in seconds of the access token.
        access_token_lifetime: 3600

        # The lifetime in seconds of the refresh token.
        refresh_token_lifetime: 18144000

        # The lifetime in seconds of the authorization code.
        auth_code_lifetime:   600

        # Determines if the refresh token grant is enabled.
        enable_refresh_token: true

        # Determines if the authorization code grant is enabled.
        enable_auth_code:     true

        # The full path to the private key file that is used to sign JWT tokens. How to generate a private key: https://oauth2.thephpleague.com/installation/#generating-public-and-private-keys.
        private_key:          '%kernel.project_dir%/var/oauth_private.key' # Example: /var/oauth/private.key

        # The string that is used to encrypt refresh token and authorization token payload. How to generate an encryption key: https://oauth2.thephpleague.com/installation/#string-password.
        encryption_key:       '%secret%'

        # The configuration of CORS requests.
        cors:

            # The amount of seconds the user agent is allowed to cache CORS preflight requests.
            preflight_max_age:    600

            # The list of origins that are allowed to send CORS requests.
            allow_origins:

                # Examples:
                - 'https://foo.com'
                - 'https://bar.com'
    resource_server:

        # The full path to the public key file that is used to verify JWT tokens. How to generate a public key: https://oauth2.thephpleague.com/installation/#generating-public-and-private-keys.
        public_key:           '%kernel.project_dir%/var/oauth_public.key' # Example: /var/oauth/public.key

        # The list of security firewalls for which OAuth 2.0 authorization should be enabled.
        oauth_firewalls:      []

oro_paypal

The default configuration for extension with alias “oro_paypal”:

oro_paypal:
    allowed_ips:          []

oro_report

The default configuration for extension with alias “oro_report”:

oro_report:
    dbal:

        # The name of DBAL connection that should be used to execute report queries.
        connection:           ~

        # The list of name prefixes for datagrids that are reports and should use the DBAL connection configured in the "connection" option.
        datagrid_prefixes:

            # Example:
            - acme_report_

oro_security

The default configuration for extension with alias “oro_security”:

oro_security:
    csrf_cookie:
        cookie_secure:        auto # One of true; false; "auto"
        cookie_httponly:      false
        cookie_samesite:      null # One of null; "lax"; "strict"; "none"
    login_target_path_excludes: []

oro_task

The default configuration for extension with alias “oro_task”:

oro_task:

    # Indicates whether My Tasks should be visible in My Calendar or not
    my_tasks_in_calendar: true

oro_theme

The default configuration for extension with alias “oro_theme”:

oro_theme:
    themes:

        # Prototype
        name:
            label:                ~
            logo:                 ~
            icon:                 ~
            screenshot:           ~

            # Defines whether Theme supports RTL and additional *.rtl.css have to be build
            rtl_support:          ~
    active_theme:         ~

oro_translation

The default configuration for extension with alias “oro_translation”:

oro_translation:
    js_translation:
        domains:

            # Defaults:
            - jsmessages
            - validators
        debug:                true
    translation_service:
        apikey:               ''
    package_names:        []
    debug_translator:     false
    locales:              []
    default_required:     true
    manager_registry:     doctrine
    templating:           'OroTranslationBundle::default.html.twig'

oro_user

The default configuration for extension with alias “oro_user”:

oro_user:
    reset:
        ttl:                  86400
    privileges:

        # Prototype
        name:
            label:                ~
            view_type:            ~
            types:                []
            field_type:           ~
            fix_values:           ~
            default_value:        ~
            show_default:         ~

oro_user_pro

The default configuration for extension with alias “oro_user_pro”:

oro_user_pro:

    # Duration (in minutes) of the period when the email notifications about user deactivation will not be sent if user continues trying to log in with invalid credentials.
    auto_deactivate_emails_delay: 1440