Get Global Configs
Gets every global config key and value applied across the system. Sensitive keys (SMTP password, LDAP bind password) are returned as ********.
Required Permissions
Requires the Master role.
HTTP Request
GET /api/sonar/global-configs
cURL Example
curl -H "Authorization: Bearer <API_KEY>" \
  https://HOSTNAME/api/sonar/global-configs
Success Response
{
  "global_configs": {
    "smtp_host": "smtp.example.com",
    "smtp_port": "25",
    "smtp_pass": "********",
    "ldap_host": "ldap.example.com",
    "ldap_bind_password": "********",
    "min_password_len": "8",
    "max_password_len": "64"
  }
}
- global_configs (Map): Global config key/value pairs.
The global config keys are categorized as follows.
System
| Key | Description |
| api_key | API key |
| version | System version |
| web_endpoint | Web console endpoint |
| experimental | Whether experimental features are enabled |
| browser_title | Browser tab title |
| app_menu_path | App menu path |
| app_menu_height | App menu height |
| login_path | Login page path |
| login_logo_width | Login page logo width |
| login_logo_height | Login page logo height |
| menu_logo_width | Menu logo width |
| menu_logo_height | Menu logo height |
| index_path | Index path |
Authentication and Session
| Key | Description |
| trust_host_count | Number of trusted hosts |
| block_concurrent_admin | Whether concurrent admin login is blocked |
| block_concurrent_login | Whether concurrent user login is blocked |
| inactive_account_period | Inactive account period (days) |
| min_password_len | Minimum password length |
| max_password_len | Maximum password length |
| password_complexity | Password complexity policy |
LDAP
| Key | Description |
| ldap_host | LDAP server host |
| ldap_port | LDAP server port |
| ldap_user_prefix | User DN prefix |
| ldap_user_suffix | User DN suffix |
| ldap_timeout | LDAP connection timeout (ms) |
| ldap_user_base_dn | User search base DN |
| ldap_bind_dn | Bind DN |
| ldap_bind_password | Bind password (masked in response) |
| ldap_user_search_filter | User search filter |
| external_auth_fail_policy | Policy on external authentication failure |
SMTP
| Key | Description |
| smtp_host | SMTP server host |
| smtp_port | SMTP server port |
| smtp_protocol | SMTP protocol |
| smtp_user | SMTP user account |
| smtp_pass | SMTP password (masked in response) |
| smtp_from | Sender mail address |
| smtp_proxy | SMTP proxy configuration |
ISAC
| Key | Description |
| isac_url | ISAC service URL |
| isac_api_key | ISAC API key |
Explanation
| Key | Description |
| explanation_period | Explanation retention period |
| explanation_token_expiry | Explanation token expiry |
| explanation_req_mail_cc | CC recipients on explanation request mail |
| explanation_req_remind | Explanation request reminder interval |
| explanation_url_alias | Explanation URL alias |
| explanation_submit_expiry | Explanation submission deadline |
| explanation_requester_name | Display name of the explanation requester |
| max_explanation_log_count | Maximum number of evidence logs |
| self_explanation | Whether self-explanation is allowed |
Asset IP
| Key | Description |
| ip_custom_fields | Asset IP custom fields |
| ip_search_popup | Whether the asset IP search popup is enabled |
Lifecycle
| Key | Description |
| lifecycle_rollover_schedule | Lifecycle rollover schedule |
| lifecycle_throttle_step | Lifecycle processing step |
Object Storage
| Key | Description |
| objectstorage_s3sdk_connection_timeout | S3 SDK connection timeout (ms) |
| objectstorage_s3sdk_minimum_throughput_timeout | S3 SDK minimum throughput timeout (ms) |
| objectstorage_s3sdk_target_throughput_in_gbps | S3 SDK target throughput (Gbps) |
| objectstorage_input_stream_buffer_size_in_bytes | Input stream buffer size (bytes) |
MITRE ATT&CK
| Key | Description |
| mitre_dashboard_highlight_time | MITRE dashboard highlight duration (ms) |
Other
| Key | Description |
| use_auditor_token | Whether the auditor token is used |
| use_ncsc_threatcon | Whether the cyber crisis alert level is used |
| ai_assistant_plain | Whether the AI assistant runs in plain mode |
| time_picker_default_hour | Default hour for the time picker |
| confirm_ticket_approve_status_change | Whether to confirm status change on ticket approval |
| table_usage_reload_interval | Table usage reload interval |
| behavior_profile_sync_max_jitter | Maximum jitter for behavior profile sync |
| etir_ticket_score_threshold | E-TIR ticket score threshold |
| sso_hosts | List of allowed SSO hosts |
| disk_usage_ignore_partitions | Partitions to exclude from disk usage calculation |
Error Responses
Permission denied
HTTP status code 500
{
  "error_code": "illegal-state",
  "error_msg": "no-permission"
}
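Added example (not part of the original documentation or the product's code): a client-side step that redacts a global-configs response before it is logged or attached to a ticket. This page states masking only for the SMTP password and LDAP bind password, so the sketch treats every key named like a credential as sensitive and reports the ones that came back with a real value. The suffix list and the sample response are assumptions constructed for illustration.

```python
import json

MASK = "********"  # mask the page shows for smtp_pass and ldap_bind_password
# Assumption: name suffixes that mark a credential, chosen from the key tables
# on this page (smtp_pass, ldap_bind_password, api_key, isac_api_key).
# "_token" is left out on purpose: use_auditor_token is a flag, not a secret.
SECRET_SUFFIXES = ("_pass", "_password", "_key")

# Constructed sample response; the isac_api_key value is a placeholder.
SAMPLE = json.dumps({"global_configs": {
    "smtp_host": "smtp.example.com",
    "smtp_pass": "********",
    "ldap_bind_password": "********",
    "isac_api_key": "CONSTRUCTED-PLACEHOLDER",
    "min_password_len": "8",
    "use_auditor_token": "true",
}})


def sanitize(response_text):
    """Return (redacted_configs, unmasked_keys) for a response body."""
    body = json.loads(response_text)
    configs = body.get("global_configs") if isinstance(body, dict) else None
    if not isinstance(configs, dict):
        # Covers the error body shown on this page (error_code / error_msg).
        msg = body.get("error_msg", "unknown") if isinstance(body, dict) else "unknown"
        raise ValueError(f"no global_configs map in response: {msg}")
    redacted, unmasked = {}, []
    for key, value in configs.items():
        if key.lower().endswith(SECRET_SUFFIXES):
            if value not in (MASK, "", None):
                unmasked.append(key)  # a real value came back for this key
            redacted[key] = MASK      # never store or log the original
        else:
            redacted[key] = value
    return redacted, sorted(unmasked)


if __name__ == "__main__":
    safe, exposed = sanitize(SAMPLE)
    print(json.dumps(safe, indent=2))
    print("secret-like keys returned unmasked:", exposed)
```

Any key listed as unmasked means the raw response carries a live credential and should be handled as a secret wherever it is stored.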