Those settings allows to override default service startup user.
No Additional Propertiesuser name as it should be passed to sc.exe
".\\username"
"HOSTNAME\\username"
"DOMAIN\\username"
Maximum number of CPU that asynchronous solver will be allowed to use
Value must be greater or equal to 2
Maximum memory that asynchronous solver will be allowed to use
Value must be greater or equal to 2048
This section contains configuration options for the ∞Directory API. Can be omitted to install only an ∞Proxy.
No Additional PropertiesDisables API key.
The ∞Directory API key used to call administration API endpoints. It must not contain any blank characters. This key will be used as the password for the 'infinite' user for Basic HTTP authorization.
Must be at least 1 characters long
Local bind port used by the ∞Directory API implementation.
Value must be greater or equal to 1 and lesser or equal to 65535
Defines which traffic will be allowed on the public_url in addition to the standard client traffic.
All items must be unique
No Additional ItemsThis section contains general installation parameters.
No Additional PropertiesBackend base URL used for communication between the ∞Directory and the ∞Proxy. The port must be explicited, and the URL written without the /directory or /proxy postfix. Hostname should be in lowercase.
^https?:\/\/[^@\/A-Z]+?:[0-9]+(\/[^\/]+)*$
(Windows only) Base folder were all the software binaries will be installed.
If set, Docker containers will not be created.
Install 3D Juump Infinite using Docker. When using Docker deployment, some settings will be ignored.
If set use Minio as implementation for the directory filer instead of the file system. This is discouraged for a single machine Directory.
Defines which HTTP proxy should be used during installation.
Must match regular expression:^https?:\/\/.*
Define which HTTPS proxy should be used during installation.
Must match regular expression:^https?:\/\/.*
Base folder that will contain the data of databases and services.
Must be at least 1 characters long
(Linux only) Url of the APT repository, please contact your provider to get one.
Loki URL on which the service logs will be posted. The POST body will be a gziped json, as described in the push specification of Grafana Loki: https://grafana.com/docs/loki/latest/api/#post-lokiapiv1push.
Must match regular expression:^https?:\/\/.*
Certificate file for this server. If empty, a self-signed certificate will be generated. Note that this certificate will be copied locally.
Set this value to a .crt root certificate file to enable mutual authentication (mutual TLS). When enabled, each connection to the ∞Directory/∞Proxy will have to present a valid certificate. This option cannot be enabled with self-signed certificates.
Private key associated to the server certificate file. If empty, a self-signed certificate will be generated. Note that this certificate will be copied locally.
Public base URL of the ∞Directory and/or ∞Proxy. Should be accessible by clients. The port must be explicited, and the URL written without the /directory or /proxy postfix. Hostname should be in lowercase.
^https:\/\/[^@\/A-Z]+?:[0-9]+?(\/[^\/]+)*$
User and group that will own data folders.
Must match regular expression:^.+:.+$
Set this value to true and all connections between the servers (∞Directory and ∞Proxy) will check the legitimity/validity of the TLS certificate during connections. Invalid certificates will prevent these elements from communicating. You will need to include the IPv4 address and the hostname of the server in each certificate. DANGER: Invalid certificates will prevent elements from communicating.
common OpenID connect settings
No Additional PropertiesOpenID Provider configuration url (https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationRequest)
Must match regular expression:^https:\/\/([^\/]*?)\/.*$
Must be at most 1024 characters long
http configuration for calls to calls to the OpenID server
No Additional PropertiesUse global configuration
file path to client PEM certificate
Must be at least 1 characters long
file path to client PEM private key
Must be at least 1 characters long
private key password if any
file path to client P12 certificate
Must be at least 1 characters long
private key password if any
Disable use of certificate
Use global configuration
Enforce use of provided http proxy for http calls
Must match regular expression:^https?:\/\/.*$
Must be at most 1024 characters long
Disable use of any http proxy for http calls
Enforce use of the automatic http proxy configuration from the system for http calls
Use global configuration
Set this value to false to disable ssl peer verification
No OAuth2 configuration for machine to machine communication, http.m2m_bearer will be disabled and api key will be used.
Configure OAuth2 machine to machine identification using OpenID Connect client credentials flow. See http.m2m_bearer authentication method. Those settings will be used to acquire a token and to validate received tokens.
No Additional Propertiesspecifies additional query parameters that should be added to oidc endpoint calls
No Additional Propertiesadditional query parameters for token_endpoint
No Additional PropertiesAll properties whose name matches the following regular expression must respect the following conditions
Property name regular expression:^(?!scope$).*$
Additional scope string that will be passed to the OpenID server on the token call to obtain and access_token. infinite.* scopes will be added automatically.
Must match regular expression:^(()|([\x21\x23-\x5B\x5d-\x7e]+)( [\x21\x23-\x5B\x5d-\x7e]+)*)$
Must be at least 0 characters long
Must be at most 1024 characters long
List of algorithm that will be allowed for JWT (idtoken and accesstoken) delivered by the OpenID server
All items must be unique
No Additional ItemsOpenID application id
Must be at least 1 characters long
OpenID application secret
Must be at least 1 characters long
audience (aud) value is assumed to contain client_id.
disable aud field validation. Not recommanded but could be usefull when dealing with a weird oidc server.
Specific value:false
value that should be contained in access tokens aud field.
Must be at least 1 characters long
list of potential aud field values. At least one should be equal to access tokens aud field.
Must contain a minimum of 1 items
Must contain a maximum of 16 items
value that should be contained in access tokens aud field.
Must be at least 1 characters long
Authorized party (azp) value is assumed to contain client_id
disable azp field validation. Not recommanded but could be usefull when dealing with a weird oidc server.
Specific value:false
list of accepted azp values, at least one should be contained in access tokens azp field
Must contain a minimum of 1 items
Must contain a maximum of 32 items
All items must be unique
No Additional ItemsMust be at least 1 characters long
issuer (iss) value will be retrieved from configuration endpoint.
disable iss field validation. Not recommanded but could be usefull when dealing with a weird oidc server.
Specific value:false
value that should be contained in access tokens iss field.
Must be at least 1 characters long
list of potential iss field values. At least one should be equal to access tokens iss field.
Must contain a minimum of 1 items
Must contain a maximum of 16 items
value that should be contained in access tokens iss field.
Must be at least 1 characters long
configure user identification and session access token using OpenID Connect code flow
No Additional Propertiesspecifies additional query parameters that should be added to oidc endpoint calls
No Additional Propertiesadditional query parameters for revocation_endpoint
Each additional property must conform to the following schema
Type: stringadditional query parameters for token_endpoint
No Additional PropertiesAll properties whose name matches the following regular expression must respect the following conditions
Property name regular expression:^(?!scope$).*$
Additional scope string that will be passed to the OpenID server to obtain access_token that will be passed to the client
Must match regular expression:^(()|([\x21\x23-\x5B\x5d-\x7e]+)( [\x21\x23-\x5B\x5d-\x7e]+)*)$
Must be at least 0 characters long
Must be at most 1024 characters long
Additional scope string that will be passed to the OpenID server on the authorize call to obtain first idtoken and accesstoken that will be passed to authentication_webhook
Must match regular expression:^(()|([\x21\x23-\x5B\x5d-\x7e]+)( [\x21\x23-\x5B\x5d-\x7e]+)*)$
Must be at least 0 characters long
Must be at most 1024 characters long
List of algorithm that will be allowed for JWT (idtoken and accesstoken) delivered by the OpenID server
All items must be unique
No Additional ItemsNo authentication webhook
Define authentication webhook that will be called on each user identification
No Additional Propertieshttp configuration for calls to calls to the authentication webhook
No Additional PropertiesUse global configuration
file path to client PEM certificate
Must be at least 1 characters long
file path to client PEM private key
Must be at least 1 characters long
private key password if any
file path to client P12 certificate
Must be at least 1 characters long
private key password if any
Disable use of certificate
Use global configuration
Enforce use of provided http proxy for http calls
Must match regular expression:^https?:\/\/.*$
Must be at most 1024 characters long
Disable use of any http proxy for http calls
Enforce use of the automatic http proxy configuration from the system for http calls
Use global configuration
Set this value to false to disable ssl peer verification
^https:\/\/.*$
Must be at most 1024 characters long
OpenID application id
Must be at least 1 characters long
OpenID application secret
Must be at least 1 characters long
set to null if HS* sign algorithm are not allowed
OpenID secret for HS* sign algorithm, only supported of id_token. If not null HS256, HS384 and HS512 alg will be accepted.
Must be at least 0 characters long
Allows to copy and optionally remap id_token extra fields (except some sensitive ones) to standard fields to customize user information display. Object keys are extra field name to copy
No Additional PropertiesAll properties whose name matches the following regular expression must respect the following conditions
Property name regular expression:^(?!client_id$|nonce$|aud$|azp$|exp$|iat$|nbf$|acr$|iss$).*$
remap target field name.
only copy
audience (aud) value is assumed to contain client_id.
disable aud field validation. Not recommanded but could be usefull when dealing with a weird oidc server.
Specific value:false
value that should be contained in access tokens aud field.
Must be at least 1 characters long
list of potential aud field values. At least one should be equal to access tokens aud field.
Must contain a minimum of 1 items
Must contain a maximum of 16 items
value that should be contained in access tokens aud field.
Must be at least 1 characters long
Authorized party (azp) value is assumed to contain client_id
disable azp field validation. Not recommanded but could be usefull when dealing with a weird oidc server.
Specific value:false
list of accepted azp values, at least one should be contained in access tokens azp field
Must contain a minimum of 1 items
Must contain a maximum of 32 items
All items must be unique
No Additional ItemsMust be at least 1 characters long
issuer (iss) value will be retrieved from configuration endpoint.
disable iss field validation. Not recommanded but could be usefull when dealing with a weird oidc server.
Specific value:false
value that should be contained in access tokens iss field.
Must be at least 1 characters long
list of potential iss field values. At least one should be equal to access tokens iss field.
Must contain a minimum of 1 items
Must contain a maximum of 16 items
value that should be contained in access tokens iss field.
Must be at least 1 characters long
Enable use of Proof Key for Code Exchange (rfc7636) (https://tools.ietf.org/html/rfc7636)
Enable use of accesstoken (OpendID server should also return a refreshtoken) delivered by OpenID server to protect ∞Directory and ∞Proxy api calls from client applications (http.session_bearer security scheme). If disabled, tokens delivered by the Directory will be used.
Define which field of id token will be used as user unique id.
oidc : sub of OpenId id
email : user email /!\ email should not be reused later for an other user
azureoid : Azure AD user object id
common OpenID connect settings
No Additional PropertiesOpenID Provider configuration url (https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationRequest)
Must match regular expression:^https:\/\/([^\/]*?)\/.*$
Must be at most 1024 characters long
http configuration for calls to calls to the OpenID server
No Additional PropertiesUse global configuration
file path to client PEM certificate
Must be at least 1 characters long
file path to client PEM private key
Must be at least 1 characters long
private key password if any
file path to client P12 certificate
Must be at least 1 characters long
private key password if any
Disable use of certificate
Use global configuration
Enforce use of provided http proxy for http calls
Must match regular expression:^https?:\/\/.*$
Must be at most 1024 characters long
Disable use of any http proxy for http calls
Enforce use of the automatic http proxy configuration from the system for http calls
Use global configuration
Set this value to false to disable ssl peer verification
No OAuth2 configuration for machine to machine communication, http.m2m_bearer will be disabled and api key will be used.
Configure OAuth2 machine to machine identification using OpenID Connect client credentials flow. See http.m2m_bearer authentication method. Those settings will be used to acquire a token and to validate received tokens.
No Additional Propertiesspecifies additional query parameters that should be added to oidc endpoint calls
No Additional Propertiesadditional query parameters for token_endpoint
No Additional PropertiesAll properties whose name matches the following regular expression must respect the following conditions
Property name regular expression:^(?!scope$).*$
Additional scope string that will be passed to the OpenID server on the token call to obtain and access_token. infinite.* scopes will be added automatically.
Must match regular expression:^(()|([\x21\x23-\x5B\x5d-\x7e]+)( [\x21\x23-\x5B\x5d-\x7e]+)*)$
Must be at least 0 characters long
Must be at most 1024 characters long
List of algorithm that will be allowed for JWT (idtoken and accesstoken) delivered by the OpenID server
All items must be unique
No Additional ItemsOpenID application id
Must be at least 1 characters long
OpenID application secret
Must be at least 1 characters long
audience (aud) value is assumed to contain client_id.
disable aud field validation. Not recommanded but could be usefull when dealing with a weird oidc server.
Specific value:false
value that should be contained in access tokens aud field.
Must be at least 1 characters long
list of potential aud field values. At least one should be equal to access tokens aud field.
Must contain a minimum of 1 items
Must contain a maximum of 16 items
value that should be contained in access tokens aud field.
Must be at least 1 characters long
Authorized party (azp) value is assumed to contain client_id
disable azp field validation. Not recommanded but could be usefull when dealing with a weird oidc server.
Specific value:false
list of accepted azp values, at least one should be contained in access tokens azp field
Must contain a minimum of 1 items
Must contain a maximum of 32 items
All items must be unique
No Additional ItemsMust be at least 1 characters long
issuer (iss) value will be retrieved from configuration endpoint.
disable iss field validation. Not recommanded but could be usefull when dealing with a weird oidc server.
Specific value:false
value that should be contained in access tokens iss field.
Must be at least 1 characters long
list of potential iss field values. At least one should be equal to access tokens iss field.
Must contain a minimum of 1 items
Must contain a maximum of 16 items
value that should be contained in access tokens iss field.
Must be at least 1 characters long
List of algorithm that will be allowed for JWT (idtoken and accesstoken) delivered by the OpenID server
All items must be unique
No Additional Itemsaudience (aud) value is assumed to contain client_id.
disable aud field validation. Not recommanded but could be usefull when dealing with a weird oidc server.
Specific value:false
value that should be contained in access tokens aud field.
Must be at least 1 characters long
list of potential aud field values. At least one should be equal to access tokens aud field.
Must contain a minimum of 1 items
Must contain a maximum of 16 items
value that should be contained in access tokens aud field.
Must be at least 1 characters long
Authorized party (azp) value is assumed to contain client_id
disable azp field validation. Not recommanded but could be usefull when dealing with a weird oidc server.
Specific value:false
list of accepted azp values, at least one should be contained in access tokens azp field
Must contain a minimum of 1 items
Must contain a maximum of 32 items
All items must be unique
No Additional ItemsMust be at least 1 characters long
issuer (iss) value will be retrieved from configuration endpoint.
disable iss field validation. Not recommanded but could be usefull when dealing with a weird oidc server.
Specific value:false
value that should be contained in access tokens iss field.
Must be at least 1 characters long
list of potential iss field values. At least one should be equal to access tokens iss field.
Must contain a minimum of 1 items
Must contain a maximum of 16 items
value that should be contained in access tokens iss field.
Must be at least 1 characters long
Enable use of accesstoken (OpendID server should also return a refreshtoken) delivered by OpenID server to protect ∞Directory and ∞Proxy api calls from client applications (http.session_bearer security scheme). If disabled, tokens delivered by the Directory will be used.
Defines the local PostgreSQL server configuration.
No Additional PropertiesPostgreSQL login for the super user role used by the Infinite services to log into the PostgreSQL cluster.
Must be at least 1 characters long
Amount of memory allocated to PostgreSQL.
Value must be greater or equal to 512 and lesser or equal to 65536
PostgreSQL password for the super user role used by the Infinite services to log into the PostgreSQL cluster. /!\ This password should be strong, and must not contain any blank characters.
Must be at least 1 characters long
Port number of the PostgreSQL service
Value must be greater or equal to 1 and lesser or equal to 65535
This section contains configuration options for the ∞Proxy API. Can be omitted to install only a ∞Directory.
No Additional PropertiesThe ∞Directory API key used to call administration API endpoints. It must not contain any blank characters. This key will be used as the password for the 'infinite' user for Basic HTTP authorization.
Must be at least 1 characters long
Backend base URL used for communications with the ∞Directory. The port must be explicited, and the URL written without the /directory postfix.
^https?:\/\/[^@\/A-Z]+?(:[1-9][0-9]{0,4})(\/[^\/]+)*(?<!\/directory)$
Amount of memory allocated to ElasticSearch.
Value must be greater or equal to 1024 and lesser or equal to 65536
Port number of the ElasticSearch service.
Value must be greater or equal to 1 and lesser or equal to 65535
(Linux only) ElasticSearch depends on Java. On Linux, there are 2 viable options to get Java: OpenJDK (https://openjdk.java.net/) and Oracle Java (https://www.oracle.com/technetwork/java/index.html). Set this variable to true to use the Oracle version, but you will have to install it manually, and accept the Oracle Java terms and conditions during the installation.
Disables API key.
The ∞Proxy API key used to call administration API endpoints. It must not contain any blank characters. This key will be used as the password for the 'infinite' user for Basic HTTP authorization.
Must be at least 1 characters long
Local bind port used by the ∞Proxy API implementation.
Value must be greater or equal to 1 and lesser or equal to 65535
This option only applies to Windows deployment. Select which openglprovider will be used for AsyncJobSolver. If auto, install script will try to guess the best choice.