We're updating some of our product names. K2 Five is now Nintex Automation. You may see both product names in our help pages while we make this change.

Forms STS web.config File Settings

The following table lists the settings available in the FormsSTS web.config file. You should contact support before making any changes to these settings.

Node	Change permitted?	Description	Example Value
General Settings
Copy webpages:Version `<add key="webpages:Version" value="2.0.0.0" />`	No
Copy webpages:Enabled `<add key="webpages:Enabled" value="false" />`	No
Copy PreserveLoginUrl `<add key="PreserveLoginUrl" value="true" />`	No
Copy ClientValidationEnabled `<add key="ClientValidationEnabled" value="true" />`	No
Copy UnobtrusiveJavaScriptEnabled `<add key="UnobtrusiveJavaScriptEnabled" value="true" />`	No
The following five entries are used to authenticate against the default asp.net membership provider
Copy UseAspNetMembershipProvider `<add key="UseAspNetMembershipProvider" value="False" />`	No
Copy IssuerName `<add key="IssuerName" value="FormsSTS" />`	Set by default and should not need to be changed	The Issuer name for the K2 Forms STS as configured in the Claims configuration
Copy Thumbprint `<add key="Thumbprint" value="A610A58E165BAE111C7CCF6B6EDDC0306571BC3C" />`	Set by default and should not need to be changed	The Forms STS issuer thumbprint. The K2 Server checks to make sure it trusts an issuer by validating the thumbprint it has configured for the issuer against that issuer's certificate used to sign the token.
Copy SessionTokenLifetime `<add key="SessionTokenLifetime" value="28800" />`		The SessionTokenLifetime controls how many seconds the session token remains valid. This is normally set to around 8 hours (28800 seconds). This value can not be larger than 86400 (1 day)
Copy MaximumTokenLifetime `<add key="MaximumTokenLifetime" value="28800" />`	No	This config value currently has no effect
SmatForms App Settings
Copy HostName `<add key="HostName" value="SA-LABSDLX" />`	Yes	This config value controls which host machine the STS connects to, to retrieve and store information as well as authenticated users.	The hostname or ip address of the K2 Host Server machine
Copy HostPort `<add key="HostPort" value="5555" />`	Yes	This config value is used to specify which port to use for K2 host server communication.	The port number that host server is configured to listen on.
Copy WorkflowPort `<add key="WorkflowPort" value="5252" />`	Yes	This config value is used to specify which port to use for K2 workflow server communication.	The port number that the K2 workflow server is configured to listen on.
Copy DefaultAuthData `<add key="DefaultAuthData" value="" />`	No	This config value should not be used and is legacy for UserProviders that needed a AuthData value for authentication.
Copy DefaultSecurityLabel `<!--<add key="DefaultSecurityLabel" value="K2"/>-->`	Yes	The DefaultSecurityLabel is used when none is specified. Leave blank or missing to use the URM default security label.
Copy SecurityLabels `<!--<add key="SecurityLabels" value="K2;K2SQL"/>-->`	Yes	SecurityLabels that are available. Leave blank or missing to use the all URM security labels.	Semi-colon separated list.
Copy IntegratedSecurityLabels `<!--<add key="IntegratedSecurityLabels" value="K2"/>-->`	Yes	SecurityLabels that use integrated security	Semi-colon separated list.
Copy ExcludedSecurityLabels `<add key="ExcludedSecurityLabels" value="SP" />`	Yes	SecurityLabels that should be excluded when authenticating users. Used if very specific security labels should be used or not used by the Forms STS (for example don’t allow users to log in with their windows credentials on the forms sts)	Semi-colon separated list.
Advanced Connection settings
Copy Forms.UseConnectionPerRequest `<!--<add key="Forms.UseConnectionPerRequest" value="true"/>-->`	No	These settings are for advanced scenarios and testing purposes – do not change them as they may have grave performance and stability impacts.
Copy Forms.UseConnectionPooling `<!--<add key="Forms.UseConnectionPooling" value="true"/>-->`	No
Copy Forms.MinConnectionPoolSize `<!--<add key="Forms.MinConnectionPoolSize" value="0"/>-->`	No
Copy Forms.MaxConnectionPoolSize `<!--<add key="Forms.MaxConnectionPoolSize" value="0"/>-->`	No
Copy Forms.AuthenticationCookie.Name `<!--<add key="Forms.AuthenticationCookie.Name" value=".K2AUTH"/>-->`	No
Copy Forms.AuthenticationCookie.Duration `<!--<add key="Forms.AuthenticationCookie.Duration" value="0"/>-->`	No
Copy Forms.Web.Cache.TraceEnabled `<add key="Forms.Web.Cache.TraceEnabled" value="false" />`	No
<!-- Site Session Expiration Handling settings -->
Copy MultiLoopCheckTimeoutInterval `<add key="MultiLoopCheckTimeoutInterval" value="5" />`	Yes	Used to detect redirect loops that may occur when there is problem during authentication. A user may visit the STS a maximum of five times in the interval specified by the configuration setting.
Copy SecurityLabel.K2SQL.Methods `<!--<add key="SecurityLabel.K2SQL.Methods" value="5;7" />-->`	No	This config value is specified per security label and lists the methods that are used to authenticate the user against K2 Host Server with the credentials supplied on the login form.	A semi-colon separated list of numbers 1-8.