SERVICE_NAME=iam-service
LOG_LEVEL=info
LOG_TO_FILE=false
LOG_DIR=./log
LOG_FILE_NAME=iam.log

DATABASE_URL=postgres://iam_service_user:iam_service_password@localhost:5432/iam_service_db
JWT_SECRET=please_replace_with_a_secure_random_string
PORT=3000

# Optional: Scalar/OpenAPI example injection
IAM_DOCS_DEFAULT_TENANT_ID=
IAM_DOCS_DEFAULT_TOKEN=
IAM_DOCS_REQUIRE_TENANT_ID=0
IAM_DOCS_REQUIRE_TOKEN=0

# Optional: second-factor token for sensitive operations (tenant create, app delete)
IAM_SENSITIVE_ACTION_TOKEN=

# Optional: enable second-factor token for password reset (admin path uses this token too)
# (same IAM_SENSITIVE_ACTION_TOKEN header: X-Sensitive-Token)