Patriot Configuration Files
Each of the Patriot component programs has its own configuration file containing application and system settings.
The files are located inside the Patriot install directory for each component, e.g. C:\Program Files (x86)\Patriot Systems Ltd\Patriot Data Service\AppSettings.json
The following headers in this document correspond to sub-sections in the corresponding config files.
The configuration system applies sensible defaults for all of these values. Only settings that you wish to change from the default values need to be included in the config file.
These settings must be put inside the root 'DataService'/'TaskService' section. For example:
{
"DataService": {
"SqlConnection": {
// sql connection settings (see below)
}
}
}
Note: the following types 'string' and 'boolean' refer to text and true/false respectively, both of which should be wrapped in quotation marks.
Most settings can also be updated via the Patriot Configurator utility or from the settings pane on the Patriot client login window.
Data Service Configuration
SqlConnection
Controls how Patriot connects to SQL Server.
| Property | Type | Description |
|---|---|---|
ServerName | string | Name of the SQL Server to connect to. |
IntegratedSecurity | boolean | Indicates whether or not to use Windows Authentication to authenticate to SQL. |
UserName | string | Username to authenticate to SQL. Ignored if 'IntegratedSecurity' is true. |
Password | string | Password to authenticate to SQL. Ignored if 'IntegratedSecurity' is true. |
MaxPoolSize | number | Maximum size of the SQL Connection pool. Must be at least 100. |
Failover | Failover Options | SQL Failover options. |
Failover Options
| Property | Type | Description |
|---|---|---|
FailoverPartner | string | Name of the secondary / failover SQL server, when using SQL Mirroring. |
MultiSubnetFailover | boolean | Indicates if the failover crosses multiple network subnets. Improves recovery time during cluster failover. |
Api
Settings relating to the Patriot REST / Web API. This is typically configured during ICA setup using the Utilities Program. Learn more.
| Property | Type | Description |
|---|---|---|
Port | number | TCP Port where Patriot will listen for API requests. |
TokenSigningKey | string | The Base64-encoded token signing key used to issue API tokens. |
TokenTimeout | TimeSpan | The amount of time that issued API tokens will be valid for, in HH:MM:SS (e.g. 00:01:30 ). |
TokenIdleTimeout | TimeSpan | The amount of time that unused/idle API tokens will be valid for, in HH:MM:SS (e.g. 00:01:00 ). |
TrustedDeviceExpiryDays | number | The number of days that a Trusted Device entry persists in the database (e.g. the amount of time before a user will have to re-register the device; default 180; minimum 7) |
TrustedDeviceRegistrationCacheCapacity | number | The number of entries that can simultaneously exist in the in-memory cache (e.g. the max number of simultaneous in-progress registrations; default 100) |
TrustedDeviceRegistrationCacheDuration | TimeSpan | The duration of a cache entry before auto-removal (e.g. the amount of time a user has to complete registration; default in HH:MM:SS 00:60:00) |
TrustedDeviceChallengeCacheCapacity | number | The number of entries that can simultaneously exist in the in-memory cache (e.g. the max number of simultaneous in-progress device re-authorization attempts; default 100) |
TrustedDeviceChallengeCacheDuration | TimeSpan | The duration of a cache entry before auto-removal (e.g. the amount of time the server has to verify a trusted device; default in HH:MM:SS 00:05:00) |
As of 6.13.2.0, the token's lifetime is the minimum of the TokenTimeout, TrustedDeviceExpiryDays, and the User Expiry (whichever options are present). Learn more about providing ICA access.
The cache capacity settings are to mitigate DDoS-like attacks, as the endpoints are public. It may be useful to increase the values if many users are registering on Plink at the same time.
TrustedDeviceExpiryDays, TrustedDeviceRegistrationCacheCapacity, TrustedDeviceRegistrationCacheDuration, TrustedDeviceChallengeCacheCapacity, and TrustedDeviceChallengeCacheDuration are applicable from Patriot version 6.13.2.0, Plink version 13.2.2.
Signal Logging
Settings for configuring signal logging, particularly the handling of failed signals.
| Property | Type | Description |
|---|---|---|
FaultHandling | Fault Handling Options | Signal fault handling options. |
Fault Handling Options
| Property | Type | Description |
|---|---|---|
BackoffMode | "Constant" / "Exponential" | Delay mode between retries. Constant is the default mode and will standardise all delays to the same time. Exponential will exponentially increase the time between retries. |
Delay | TimeSpan | The amount of time between retries, in HH:MM:SS (default 00:00:01). |
MaxDelay | TimeSpan | The maximum amount of time between retries to avoid Exponential mode growing too long, in HH:MM:SS (default 00:00:30). |
JsonSdk
Settings relating to the legacy Patriot JSON API. Learn more.
| Property | Type | Description |
|---|---|---|
Enabled | boolean | Enables the legacy JSON api. |
Port | number | TCP Port where Patriot will listen for API requests. |
Encrypted | boolean | Enables encryption. |
UserName | string | Valid username required to authenticate requests. |
Password | string | Valid password required to authenticate requests. |
WcfApi
Settings relating to the internal Patriot WCF API, used by the Task Service and Desktop Client to connect.
| Property | Type | Description |
|---|---|---|
Port | number | TCP Port where Patriot will listen for API requests. |
Encrypted | boolean | Enables encryption and authentication. |
Transport | WcfTransportMode | Controls wire protocol for communication. Supported: Tcp (default), or Http |
TokenSigningKey | string | The Base64-encoded token signing key used to issue WCF tokens |
AllowInsecureLoginMethods | boolean | Controls whether insecure login methods like Automatic Windows Username login are allowed |
ApiKeys | Api Key Options | Options for authenticating Task Service connections |
Api Key Options
| Property | Type | Description |
|---|---|---|
Validate | boolean | Controls whether API Keys are validated for incoming Task Service connections |
Keys | Array of Api Key Item | An array of known API keys |
Api Key Item
| Property | Type | Description |
|---|---|---|
ApiKey | string | The API Key that is allowed access |
StorageDirectories
Storage directory location configuration settings. Learn more.
| Property | Type | Description |
|---|---|---|
LocalStorageDirectory | string | Local Storage directory where the service stores local files not stored in the database. |
Archiving
Settings relating to archiving of old data to reduce storage requirements. Learn more.
| Property | Type | Description |
|---|---|---|
Enabled | boolean | Indicates if archive database is enabled. |
SignalArchivingRateLimit | number | The maximum expected average signal logging rate per client per day. In rare cases this may need to be increased via the dataservice config file. |
Ulc
Settings relating to ULC compliance.
| Property | Type | Description |
|---|---|---|
SerialNo | string | ULC Serial Number. |
Telemetry
| Property | Type | Description |
|---|---|---|
PerformanceCounters | Performance Counter Options | Windows Performance Counter export options. |
OpenTelemetry | OpenTelemetry Options | OpenTelemetry export options. |
Performance Counter Options
Settings for exporting system statistics to Windows Performance Counters. Learn more.
| Property | Type | Description |
|---|---|---|
Enabled | boolean | Indicates whether or not performance counter data should be emitted (default: true). |
OpenTelemetry Options
Settings for exporting system statistics via OpenTelemetry. Learn more.
| Property | Type | Description |
|---|---|---|
SendMetrics | boolean | Indicates whether or not metrics should be sent. |
Endpoint | Uri | Destination server to which the exporter is going to send telemetry. |
Protocol | OtlpExportProtocol | Supported: Grpc (default) or HttpProtobuf. |
Headers | string | Optional headers to include in request (eg. api key). |
TimeoutMilliseconds | number | The max waiting time (in milliseconds) for the backend to process each batch. Defaults to 10,000ms. |
Task Service Configuration
ConnectionSettings
Data service details (server, port, encryption settings).
| Property | Type | Description |
|---|---|---|
ServerName | string | Host name or IP address of the Patriot Data Service server to connect to. |
ServerPort | number | Port of the Patriot Data server to connect to. |
EncryptionEnabled | boolean | Indicates whether or not encryption is enabled. |
AlternateAuthentication | Alternate Authentication Options | Ignored unless 'Encryption' setting is enabled. |
Transport | WcfTransportMode | Controls wire protocol for communication. Supported: Tcp (default), or Http |
ApiKey | string | The API Key sent to the server to authenticate requests |
Alternate Authentication Options
These settings are ignored unless the 'Encryption' setting is enabled. Learn more.
| Property | Type | Description |
|---|---|---|
Enabled | boolean | Indicates whether alternate authentication is enabled. |
Domain | string | Domain used for alternate authentication. |
User | string | Valid user required to authenticate requests. |
Password | string | Valid password required to authenticate requests. |
BackupConnectionSettings
Alternative addresses to connect to data service. Learn more.
| Property | Type | Description |
|---|---|---|
AutomaticFailOver | boolean | Indicates whether automatic failover is enabled. |
BackupServerName | string | Name of the backup / failover Patriot server. |
AutomaticFailBackTime | TimeSpan | Timespan determining when to swap to backup server, in HH:MM:SS (e.g. 00:02:00 ). |
AlternatePrimary1 | Endpoint Options | First alternate primary database server. |
AlternatePrimary2 | Endpoint Options | Second alternate primary database server. |
AlternateBackup1 | Endpoint Options | First alternate backup database server. |
AlternateBackup1 | Endpoint Options | Second alternate backup database server. |
Endpoint Options
| Property | Type | Description |
|---|---|---|
Address | string | Hostname or IP address e.g. patriotserver or 192.168.1.100. |
Port | number | IP Port number. |
StorageDirectories
Local storage directory where the task service stores its files.
| Property | Type | Description |
|---|---|---|
LocalStorageDirectory | string | Path to the directory. |
Patriot Client Configuration
The Patriot client configuration is stored in PatriotV6Client.exe.config in the Patriot client installation directory.
Typically this is C:\Program Files (x86)\Patriot Systems\Patriot Version 6 Client\PatriotV6Client.exe.config
All Patriot client settings are in a list within the <applicationSettings> element. Missing settings can be added by adding a new <setting> item to the list
<setting name="MyNewSetting" serializeAs="String">
<value>MySettingValue</value>
</setting>
| Property | Description |
|---|---|
ServiceComputerName | Host name or IP address of the primary Patriot Data Service |
BackupServiceName | Host name or IP address of the backup Patriot Data Service |
UsePrimaryServer | True: Connect to ServiceComputerName. False: Connect to BackupServiceName |
ServicePortNo | TCP Port to use when connecting to Data Service |
ServiceTransport | Wire Protocol to use when communicating with Data Service. Supported: Tcp or Http |
UseEncryption | Indicates whether or not encryption is enabled. Learn more. |
UseAlternateAuthentication | Indicates whether alternate authentication is enabled |
AuthenticationDomain | Domain used for alternate authentication |
AuthenticationUser | User used for alternate authentication |
WebSocketServerPort | Desktop API Dialler listen port. Learn More |
WebSocketApiKey | Desktop API Dialler Api Key. Learn More |
DiallerType | Preferred phone dialler to use, when multiple diallers are available |
WebSocketClientDiallerUrl | Websocket Client Dialler Server URL. Learn More |
WebSocketClientDiallerConfig | Websocket Client Dialler Configuration. Learn More |