Config Options

View Source (src/ServerConfig.ts)

The Express Server package allows you to change many behaviors of the server or override the default modules, mappings and implementations in use.

Following is a basic template that you may use to kickstart your server application development.

For a full overview of available options, please take a look at the ServerConfig interface.

import ResourceServer, { ServerConfig, Event, Events, Notifications, Storage, Datasource } from "@ssofy/express-server";
import mysql from "mysql2/promise";

// Database Connection
const pool = mysql.createPool({
    host: 'localhost',
    port: 6636,
    user: 'root',
    password: '123456',
    database: 'db',
    waitForConnections: true,
    connectionLimit: 10,
    maxIdle: 10,
    idleTimeout: 60000,
    queueLimit: 0,
    enableKeepAlive: true,
    keepAliveInitialDelay: 0

// Optional Event Channel
const nodeChannel = new Events.NodeEventChannel;

// Server Config
const serverConfig: ServerConfig = {
    secret: <string>process.env.SECRET,
    connection: new Datasource.MySQLPoolConnection(pool),
    mockMode: false,
    events: {
        channels: [
    otp: {
        storage: new Storage.MemoryStorage(),
        vars: {
            brand: 'SSOfy',
        notifiers: [
            new Notifications.ConsoleNotifier(Notifications.Channel.SMS, 'Test'),
    authentication: {
        methods: {
            username: true,
            email: true,
            phone: true,
            token: true,
            otp: true,
            social: true,
        passwordless: true,
    user: {
        schema: 'users',
    socialLink: {
        schema: 'user_social_links',
    data: {
        clients: [
                id: 'test',
                name: 'Test',
                secret: 'test',
                redirect_uris: ['*'],
        scopes: [
                id: '*',
                title: 'Everything',

// Optionally Listen to events
nodeChannel.subscribe(Event.OTPSent, (event: string, message?: any) => {
    console.log(`{[Event] ${event}:`, message);

The secret is required for verifying the signature of incoming requests as well as generating signed responses.

Obtain the secret from the panel's Application Profile page.

📌 Info

Learn more about the SSOfy's Sign and Verify process.

The connection property specifies which Datasource Connection to use to connect to the database.

The mockMode property when set to true, server serves mock data instead of real data from database. Useful for test and debugging.

By default, all resource server endpoints are available under /external/ssofy/ prefix. However, the prefix can be configured in routePrefix property. Set the cache driver for OTP Code storage.

otp.notifiers: Notifications Notifiers.

events.channels: Choose what Event Channels to use for publishing server events.

user.columns: SDK will default to column names similar to OpenID standard claims:

  • id
  • hash
  • name
  • display_name
  • picture
  • username
  • email
  • email_verified
  • phone
  • phone_verified
  • password
  • metadata

If your column names differ, you can configure them here to map to your customized column names.

user.schema: The schema name (table name in RDBMS) or the ORM object of the user's entity depending on the Datasource Connection in use.

user.filter: The user filter to use to limit the user data. Read the UserFilter page for details.

user.transformer: The user transformer to use to convert between the actual user data and SDK's UserEntity Read the UserTransformer page for details.

socialLink.columns: SDK will default to the following column names:

  • provider
  • identifier
  • user_id

If your column names differ, you can configure them here to map to your customized column names.

socialLink.schema: The schema name (table name in RDBMS) or the ORM object of the social link's entity depending on the Datasource Connection in use.

The default Repository implementation reads the scopes and clients configuration from this section of the configuration file. However, for more complicated scenarios, such as reading from a database, you may consider overriding the ClientRepository and ScopeRepository with your own custom repository implementations.

data.scopes: Configure an array of ScopeEntity.

data.clients: Configure an array of ClientEntity.

ssofy Knowledge Base
At our core, we believe that staying up-to-date with the latest trends and advancements in Authentication and related areas is essential. That's why we take great pride in keeping you informed with the latest insights, updates, and news in this rapidly evolving landscape.

Do you need support?
SSOfy is by Cubelet Ltd.
Copyright © 2024 Cubelet Ltd. All rights reserved.