---
theme: 'auto'
server:
  address: 'tcp://127.0.0.1:9071/' # port 9071, default would collide with another service
  endpoints:
    <<< see below >>>
log:
    <<< see below >>>
telemetry:
  metrics:
    enabled: false
totp:
  disable: false
webauthn:
  disable: false
identity_validation:
  reset_password:
    jwt_secret: '<<< put a good secret here >>>>'
authentication_backend:
    <<< see below >>>
password_policy:
  standard:
    enabled: false
    min_length: 8
    max_length: 0
    require_uppercase: true
    require_lowercase: true
    require_number: true
    require_special: true
  zxcvbn:
    enabled: false
    min_score: 3
privacy_policy:
  enabled: false
  require_user_acceptance: false
  policy_url: ''
access_control:
    <<< see below >>>
session:
  secret: '<<< another, different, secret here >>>>'
  cookies:
    -
      domain: 'mydomain.com'
      authelia_url: 'https://login.mydomain.com'
      default_redirection_url: 'https://mydomain.com'
  name: 'authelia_session'
  same_site: 'lax'
  inactivity: '5m'
  expiration: '14h'
  remember_me: '1M'

storage:
  <<< see below >>>

notifier:
  <<< see below >>>

identity_providers:
  oidc:
    <<< see below >>>
...