#---------------------------------------------------------------# #--------------------REST CONFIGURATIONS------------------------# #---------------------------------------------------------------# # These configs are used by the RESTv7 module # #---------------------------------------------------------------# # Allowed Cross-Origin-Resource-Sharing (CORS) origins (in "Access-Control-Allow-Origin" header). # Only these origins (client URLs) can successfully authenticate with your REST API. # Defaults to ${dspace.ui.url} if unspecified (as the UI must have access to the REST API). # Multiple allowed origin URLs may be comma separated. Wildcard value (*) is NOT SUPPORTED. # (Requires reboot of servlet container, e.g. Tomcat, to reload) rest.cors.allowed-origins = ${dspace.ui.url} # Whether or not to allow credentials (e.g. cookies) sent by the client/browser in CORS # requests (in "Access-Control-Allow-Credentials" header). # For DSpace, we default this to "true" to support external authentication via Shibboleth (and similar). # However, if any of the "allowed-origins" above are *not* trusted, you may choose to set this to "false" # for additional security. Defaults to "true" if unspecified. # (Requires reboot of servlet container, e.g. Tomcat, to reload) rest.cors.allow-credentials = true # This property determines the max embeddepth for a FullProjection. This is also used by the SpecificLevelProjection # as a fallback in case the property is defined on the bean rest.projections.full.max = 2 # This property determines the max embed depth for a SpecificLevelProjection rest.projection.specificLevel.maxEmbed = 5 # This property determines the max amount of rest operations that can be performed at the same time, for example when # batch removing bitstreams. The default value is set to 1000. rest.patch.operations.limit = 1000 # Define which configuration properties are exposed through the http:///api/config/properties/ # rest endpoint. If a rest request is made for a property which exists, but isn't listed here, the server will # respond that the property wasn't found. This property can be defined multiple times to allow access to multiple # configuration properties. # (Requires reboot of servlet container, e.g. Tomcat, to reload) rest.properties.exposed = plugin.named.org.dspace.curate.CurationTask rest.properties.exposed = google.analytics.key rest.properties.exposed = versioning.item.history.include.submitter rest.properties.exposed = researcher-profile.entity-type rest.properties.exposed = orcid.application-client-id rest.properties.exposed = orcid.authorize-url rest.properties.exposed = orcid.scope rest.properties.exposed = orcid.disconnection.allowed-users rest.properties.exposed = registration.verification.enabled rest.properties.exposed = websvc.opensearch.enable rest.properties.exposed = websvc.opensearch.svccontext rest.properties.exposed = websvc.opensearch.shortname rest.properties.exposed = websvc.opensearch.autolink rest.properties.exposed = submit.type-bind.field rest.properties.exposed = google.recaptcha.key.site rest.properties.exposed = google.recaptcha.version rest.properties.exposed = google.recaptcha.mode rest.properties.exposed = cc.license.jurisdiction rest.properties.exposed = identifiers.item-status.register-doi rest.properties.exposed = authentication-password.domain.valid rest.properties.exposed = coar-notify.enabled rest.properties.exposed = ldn.notify.inbox rest.properties.exposed = handle.canonical.prefix