===== Server settings =====

In this section, various aspects of the server behavior can be configured and controlled. 

{{:settings_srv_menu.png?200|}}
==== Email settings ====
Change settings about the email's sent by PMA.core

^ Setting ^ Description ^
|Use Two Factor Authentication | Whether to enable two factor authentication for logging in |
|The name of the two factor authentication | The name of the keys generated for two factor authenticated|
|Email Address| The email present in all emails sent by PMA.core|
|Send emails using| Whether to sent emails using the SendGrid service or by a mail server|
|SendGrid Api Key| The api key to authenticate against SendGrid service |

{{::settings_srv_email.png?400|}}

=== Mail log ===
A subsection of the [[report_events|events page]] showing only mail entries

{{::settings_srv_email_log.png?400|}}

==== User settings ====
Settings regarding the user and password management 
^ Setting ^ Description ^
|Max invalid login attempts before lock out}| The max invalid login attempts allowed for a user. Use 0 to never lockout |
|Automatically lift lock out after (seconds)| Automatically lift lock out after (seconds) |
|Allow duplicate emails| Whether the system can allow users with the same email but different username |
|Force change password after days| Require users to change password after the specified amount of days |
|Password must be different from the last used | Require users to not use the same password twice |

{{::settings_srv_user.png?400|}}

==== Password generation ====
Settings about the automatic generator of passwords in the [[minimal_user_management|Users -> Create]] page 
^ Setting ^ Description ^
|Case| The type of the letters case|
|Length| The lenght of the generated password|
|Include letters| Whether to include letters|
|Include numbers| Whether to include numbers|
|Include special characters| Whether to include special characters like !@#$ etc|

{{::settings_srv_password.png?400|}}

==== LDAP settings ====
Shows the list of configured LDAP servers used for authentication by PMA.core. You can also delete,update and create new LDAP server settings

{{::settings_srv_ldap.png?400|}}

=== Add new LDAP server ===
Clicking the //Add new LDAP server// button will take you to the page to fill the required info to add a new LDAP server that will be used for authentication by PMA.core.

^ Setting ^ Description ^
|LDAP Server| The LDAP server url|
|LDAP distinguished name| The distinguish name of the LDAP directory to connect to |
|Username| The username for authentication against the LDAP server|
|Password | The password for authentication against the LDAP server|
{{::settings_srv_ldap_new.png?400|}}

==== OAuth settings === 
Shows the list of configured OAuth servers used for authentication by PMA.core. You can also delete,update and create new OAuth server settings

^ Setting ^ Description ^
| OAuth callback url| The callback url required by OAuth authentication protocol by third party applications using PMA.core for authentication|

{{::settings_srv_oauth.png?400|}}

=== Add new OAuth server ===
Clicking the //Add new OAuth Server// button will take you to the page to fill the required info to add a new OAuth server that will be used for authentication by PMA.core. 
PMA.core uses the **Browser Flow** protocol for authentication as described the OAuth 2.0. For more information see [[https://oauth.net/2/|OAuth2.0]]

^ Setting ^ Description ^
|Name| The name of the OAuth server|
|Public Key| The public key for authenticating against OAuth server |
|User Id claim|The claim that contains the user id|
|Auth Url|The url used for Auth by the OAuth provider|
|Token Url|The url used for tokean access by the OAuth provider|
|Client Id|The client Id for PMA.core as configured in the OAuth provider|
|Client Secret |The client secret for the corresponding client id|

{{::settings_srv_oauth_new.png?400|}}

==== Installation history ====
Shows a brief history of version changes and updates to the PMA.core server
{{::settings_srv_installation.png?400|}}