Token Vault configuration settings

Token Vault configuration settings are stored in the appsettings.json file. This file is located in the <Common Application Data folder> for Token Vault, such as C:\ProgramData\Kofax\TokenVault.

To modify Token Vault configuration settings, log in with your Token Vault administrator credentials and click Settings on the left, and then select the setting category to be configured from the options that appear.

These setting categories include:

  • Server settings

  • Database settings

  • Authentication settings

  • One-time passcode settings

  • Logging settings

By default, when the administrator clicks Settings on the left, the Database settings page appears.

To be able to save the configuration settings into the appsettings.json file and restart the Token Vault windows service by a Token Vault administrator user from the Token Vault UI, the user who runs the Token Vault windows service must have the following privileges:

  • Read and Write permission on the <Common Application Data>\Kofax\TokenVault folder (typically C:\ProgramData\Kofax\TokenVault)

  • 'Start service', 'Stop service' and 'Pause/Continue service' permissions on the Token Vault Windows service

The installer sets these permissions automatically, but when changing the user who runs Token Vault Windows service, these permissions must be set manually.

When the Token Vault is not usable for configuration issues, Token Vault opens in maintenance mode and only configuration settings pages are available. A red triangle-shaped icon with exclamation mark indicates the setting page(s) where the Token Vault administrator must take actions to make Token Vault usable.

In maintenance mode, Token Vault web application is accessible only from the Token Vault server machine using either the http://localhost:8380 URL or the https://localhost:8381 URL (the ports vary according to your configuration). If other users open Token Vault in a browser from their machine, an error page appears with the "Site is temporarily unavailable" error message.

The most frequent conditions when Token Vault starts in maintenance mode are listed below:

  • Immediately after a clean installation, since the database connection parameters are missing.

  • Immediately after an upgrade installation, since the database is required to upgrade.

  • If the database is inaccessible due to any reasons.

  • If the HTTPS certificate configured for Token Vault is expired or has been removed from the Certificate Store (Certificates (Local Computer)\Personal), or the user who runs the Token Vault Windows service has no privileges to use the private key of that certificate.