Broken LinksNotebooks
# Table of contents
Aidbox FHIR platform documentation
Getting Started
Tutorials
CRUD, Search Tutorials
Bulk API Tutorials
Security & Access Control Tutorials
RBAC
Terminology Tutorials
Validation Tutorials
Upload FHIR Implementation Guide
Aidbox UI
Integration Toolkit Tutorials
Other tutorials
## Overview
Aidbox user portal
Aidbox UI
## Configuration
## API
REST API
CRUD
Search
Custom Search Parameter
SearchParameter types
Search parameters list
Other
Other
Bulk API
Other APIs
Plan API
Provider Directory API
Archive/Restore API
## Modules
Profiling and validation
FHIR Schema Validator
Security & Access Control
Authentication
Access to AidboxUI
External identity providers
Authentication Flows
Access Control
Attribute-based Access Control (ABAC)
Label-based Access Control
SMART on FHIR
SMART Client Authorization
SMART Client Authentication
SMART (deprecated)
SMART on FHIR
Multitenancy
Patient data access API
Audit
Technical reference
Observability
Getting started
Logs
How-to guides
Tutorials
Technical reference
Metrics
How-to guides
Technical reference
Traces
Subscriptions
Aidbox topic-based subscriptions
Aidbox Forms
Aidbox UI Builder
Form creation
How-to guides
Printing forms
Embedding
Aidbox Code Editor (deprecated)
Define extensions
Custom Resources
Migrate to FHIR Schema
Aidbox terminology module
Concept
ValueSet
CodeSystem
Import external terminologies
SQL on FHIR
Integration toolkit
C-CDA / FHIR Converter
List of supported templates
HL7 v2 Integration
Analytics
Email Providers integration
SMARTbox | FHIR API for EHRs
Get started
The B11 Decision Support Interventions
How-to guides
Background information
Other modules
MDM
## Storage
AidboxDB
Other
S3-compatible storages
## Deployment and maintenance
Deploy Aidbox
Run Aidbox on Kubernetes
Backup and Restore
Indexes
## App development
Aidbox SDK
## Reference
Settings reference
Environment variables
Email Providers reference
Aidbox Forms reference
## Deprecated
Deprecated
Zen-related
RPC reference
aidbox
mdm
Aidbox configuration project
Aidbox Configuration project reference
US Core IG
Workflow Engine
Task
Workflow
FHIR conformance Deprecated guides
How to enable US Core IG
Terminology Deprecated Tutorials
zen-lang validator
FHIR topic-based subscriptions
API Reference
🏗️ FHIR Terminology Repository
Create an FTR instance
Entity / Attribute
Other
App Development Deprecated Tutorials
Receive logs from your app
Other Deprecated Tutorials

Settings

This page explains how to configure Aidbox using settings. Settings control how your Aidbox instance behaves and can be managed using Aidbox UI and environment variables.

How settings work

Each setting in Aidbox:

  • Has a unique name that identifies it (like fhir.search.defaultparams.count)
  • Can be configured through the UI or environment variables
  • Includes a description explaining its purpose
  • Maps to a specific environment variable name
  • May have a default value (for example, fhir.search.defaultparams.count defaults to 100)

Setting categories

You can find all settings organized into these categories in the Aidbox UI under the Settings tab:

  • General: Core server configuration options
  • FHIR: Settings specific to FHIR functionality
  • Security and Access Control: Authentication, authorization, audit logging settings
  • Modules: Settings for individual Aidbox modules
  • Web: HTTP server configuration
  • Database: Database connection and connection pool settings
  • Observability: Logging, monitoring, and debugging options
  • Zen: Legacy settings (Note: Will be removed in July 2025)

Setting groups

Some settings have special properties:

  • Sensitive Settings: These contain secure data like passwords and API keys
  • Can only be set using environment variables
  • Example: security.encryptsecret
  • Not editable in the UI
  • Restart Required Settings: Changes to these require an Aidbox server restart
  • Example: db.pool.maximumpoolsize
  • The UI will notify you when a restart is needed

Full details are available in the reference documentation.

Settings precedence

When Aidbox starts up, it determines setting values in this order:

  1. Environment variables (highest priority)
  2. * Take precedence over all other sources
  3. * Cannot be changed using the UI
  4. * Best practice for production environments
  5. 2. User-defined settings in UI
  6. * Applied when no environment variable exists
  7. * Can be changed using the UI
  8. 3. System defaults (lowest priority)
  9. * Built-in values provided by Aidbox
  10. * Used when no other value is specified

This hierarchy provides:

  • Flexible and quick configuration during development via UI
  • Secure, consistent configuration in deployment scripts and CI/CD pipelines via environment variables

Enable runtime settings editing

A user can enable runtime editing of Aidbox settings using the settings.mode in read-write value.

Possible values:

  • readwrite: enables editing Aidbox settings using the UI. This mode disables loading configuration from the Aidbox configuration project (zen).
  • readonly: reads settings values from environment variables and Aidbox settings in readonly mode. This mode disables loading configuration from the Aidbox configuration project (zen).
  • legacy: reads configuration values from the legacy Aidbox configuration project (zen) in readonly mode. This mode exists for backward compatibility. It will be obsolete in July 2025. Read more.

For example, a user can set BOX_SETTINGS_MODE: read-write in the environment variables to enable runtime editing of Aidbox settings.

Starting from March 2025 existing instances will use legacy mode for backward compatibility. All new instances by default will use read-write. Starting from July 2025 legacy option will not be available.

Product-specific settings

In some cases there're specific settings defined in products: Smartbox, Multibox, etc. These settings will have . name format.

Settings reference documentation

You can find a complete list of settings in the reference documentation