Security configuration variables

Variable Type Default Value Description

d2l.Security.Api.EnableApi

Org

ON

Central switch for all of API.

d2l.Security.Api.OrgAdminsCanRegisterApps

Org

ON

Determines if organization administrators can register, edit, or delete Brightspace API applications using the Manage Extensibility tool. If turned off, only D2L Support and instance administrators can manage applications. This is useful if you want to implement a process where organization administrators must submit new applications for approval. Once an application is approved, an instance administrator can register the application on behalf of the organization administrator.

d2l.Security.Api.Sync.LmsId

Org

valence.desire2learn.com

ID for the central application provisioning service.

d2l.Security.Api.TokenTimeout

Org

-1

Timeout for long-lived tokens in API calls in seconds.

d2l.Security.BypassDateCheck

Org

OFF

Display the names of courses in the My Courses widget even if the course has not started yet or has already completed.

d2l.Security.ContentApplySandbox Org OFF

Applies the sandboxing attribute to HTML content files if you have selected the Enable Content Sandboxing option in the Course Offering Information area of an Organization Unit.

d2l.Security.ContentSandboxDefault OrgUnit Type OFF Sets the default status of the Enable Content Sandboxing check box for all org units in Course Offering Information area that do not have specific overrides. This configuration variable enables administrators to specify that all courses should have sandboxed content, and specifically opt out certain org units, if applicable.

d2l.Security.DisableScriptCookies

Org

OFF

Controls whether cookies used by scripts are disabled.

d2l.Security.HasOrgUnitDate
Restrictions

Org

ON

Determines whether org units have start/end date restrictions.

d2l.Security.Policies.Allow
Autocomplete

Org

OFF

Allows browser autocomplete for credentials.

d2l.Security.WidgetsApplySandbox Org OFF

Applies the sandbox attribute to any widget where Widget Is Sandboxed is selected in the Edit Widget Properties area.

For existing clients, this configuration variable is OFF by default. When the configuration variable is OFF, the permission and workflow to apply sandboxing is visible, but the actual sandbox attribute is not applied; scripts execute as they did previously.

All new widgets have the Widget Is Sandboxed attribute set to OFF in the Edit Widget Properties dialog box. When the Security.WidgetsApplySandbox configuration variable is enabled, the sandbox attribute is applied as appropriate, and all new widgets have the Widget Is Sandboxed setting automatically turned on in the Edit Widget Properties area.

Note: When the Security.WidgetsApplySandbox configuration variable is on, users without the Manage Widget Security permission can no longer edit a widget that is not sandboxed.