| Full name | Key name | Portal | Handler | Manager |
| Activate auto accept timer | activeTimer | ✔ | | |
| Apache authentication level | apacheAuthnLevel | ✔ | | |
| Choice modules | authChoiceModules | ✔ | | |
| Choice URL parameter | authChoiceParam | ✔ | | |
| Authentication backend | authentication | ✔ | | |
| LDAP authentication search filter | AuthLDAPFilter | ✔ | | |
| CAS authentication level | CAS_authnLevel | ✔ | | |
| CAS CA file | CAS_CAFile | ✔ | | |
| CAS force gateway authentication | CAS_gateway | ✔ | | |
| CAS PGT temporary file | CAS_pgtFile | ✔ | | |
| CAS proxied services | CAS_proxiedServices | ✔ | | |
| CAS force authentication renewal | CAS_renew | ✔ | | |
| CAS server URL | CAS_url | ✔ | | |
| CAS attribute for login | casAttr | ✔ | | |
| CAS access control policy | casAccessControlPolicy | ✔ | | |
| CAS Session backend | casStorage | ✔ | | |
| CAS Session backend options | casStorageOptions | ✔ | | |
| CDA activation | cda | ✔ | ✔ | |
| Configuration backend | configStorage | ✔ | ✔ | ✔ |
| Cookie expiration | cookieExpiration | ✔ | ✔ | |
| Name of the cookie | cookieName | ✔ | ✔ | |
| Custom functions | customFunctions | ✔ | ✔ | ✔ |
| Custom SOAP Services | CustomSOAPServices | ✔ | | |
| DBI Connection chain | dbiAuthChain | ✔ | | |
| DBI Login column | dbiAuthLoginCol | ✔ | | |
| DBI authentication level | dbiAuthnLevel | ✔ | | |
| DBI Connection password | dbiAuthPassword | ✔ | | |
| DBI Password column | dbiAuthPasswordCol | ✔ | | |
| DBI Password hash | dbiAuthPasswordHash | ✔ | | |
| DBI Authentication table | dbiAuthTable | ✔ | | |
| DBI Connection user | dbiAuthUser | ✔ | | |
| DBI Mail column | dbiPasswordMailCol | ✔ | | |
| DBI UserDB connection chain | dbiUserChain | ✔ | | |
| DBI UserDB connection password | dbiUserPassword | ✔ | | |
| DBI UserDB table | dbiUserTable | ✔ | | |
| DBI UserDB connection user | dbiUserUser | ✔ | | |
| Main DNS domain | domain | ✔ | ✔ | |
| Attributes exported in SOAP | exportedAttr | ✔ | | |
| Headers sent | exportedHeaders | | ✔ | |
| Attributes from user backend | exportedVars | ✔ | | |
| Session backend | globalStorage | ✔ | ✔ | |
| Session backend options | globalStorageOptions | ✔ | ✔ | |
| Rule for session granting | grantSessionRule | ✔ | | |
| Local groups | groups | ✔ | | |
| Force HTTPS in redirection | https | | ✔ | |
| LDAP authentication level | ldapAuthnLevel | ✔ | | |
| LDAP search base | ldapBase | ✔ | | |
| LDAP change password as user | ldapChangePasswordAsUser | ✔ | | |
| LDAP main search filter | LDAPFilter | ✔ | | |
| LDAP groups member attribute | ldapGroupAttributeName | ✔ | | |
| LDAP group link attribute name | ldapGroupAttributeNameGroup | ✔ | | |
| LDAP groups name attribute | ldapGroupAttributeNameSearch | ✔ | | |
| LDAP groups member link value | ldapGroupAttributeNameUser | ✔ | | |
| LDAP groups base | ldapGroupBase | ✔ | | |
| LDAP groups objectClass | ldapGroupObjectClass | ✔ | | |
| LDAP activate recursive groups | ldapGroupRecursive | ✔ | | |
| LDAP Port | ldapPort | ✔ | | |
| LDAP password policy control | ldapPpolicyControl | ✔ | | |
| LDAP password encoding | ldapPwdEnc | ✔ | | |
| LDAP binary attributes | ldapRaw | ✔ | | |
| LDAP server or Net::LDAP connexion string | ldapServer | ✔ | | |
| LDAP extended SetPassword modify | ldapSetPassword | ✔ | | |
| LDAP timeout | ldapTimeout | ✔ | | |
| LDAP version | ldapVersion | ✔ | | |
| LDAP modify password reset attribute | ldapUsePasswordResetAttribute | ✔ | | |
| LDAP password reset attribute name | ldapPasswordResetAttribute | ✔ | | |
| LDAP password reset attribute true value | ldapPasswordResetAttributeValue | ✔ | | |
| Cache backend | localStorage | ✔ | ✔ | ✔ |
| Local cache | localStorage | ✔ | ✔ | ✔ |
| Cache backend options | localStorageOptions | ✔ | ✔ | ✔ |
| Local cache parameters | localStorageOptions | ✔ | ✔ | ✔ |
| Access rules | locationRules | | ✔ | |
| Macros | macros | ✔ | | |
| Body for password mail | mailBody | ✔ | | |
| Body for confirmation mail | mailConfirmBody | ✔ | | |
| Subject for confirmation mail | mailConfirmSubject | ✔ | | |
| Mail From address | mailFrom | ✔ | | |
| Reply address | mailReplyTo | ✔ | | |
| Mail charset | mailCharset | ✔ | | |
| LDAP mail search filter | mailLDAPFilter | ✔ | | |
| Subject for password mail | mailSubject | ✔ | | |
| Mail reset request timeout | mailTimeout | ✔ | | |
| URL for mail reset | mailUrl | ✔ | | |
| Session key containing email address | mailSessionKey | ✔ | | |
| Manager menu organization | managerCss | | | ✔ |
| Manager theme | managerCssTheme | | | ✔ |
| LDAP Bind DN | managerDn | ✔ | | |
| LDAP Bind Password | managerPassword | ✔ | | |
| Manager skin | managerSkin | | | ✔ |
| Manager tree autoClose | managerTreeAutoClose | | | ✔ |
| Manager tree JQuery CSS file | managerTreeJqueryCss | | | ✔ |
| Multi overridden parameters | multi | ✔ | | |
| Multi values separator | multiValuesSeparator | ✔ | ✔ | ✔ |
| Notification activation | notification | ✔ | | ✔ |
| Notification backend | notificationStorage | ✔ | | ✔ |
| Notification backend options | notificationStorageOptions | ✔ | | ✔ |
| Notification uid for all users | notificationWildcard | ✔ | | ✔ |
| Display deleted sessions | notifyDeleted | ✔ | | |
| Display other sessions | notifyOther | ✔ | | |
| Null authentication level | nullAuthnLevel | ✔ | | |
| OpenID authentication level | openIdAuthnLevel | ✔ | | |
| OpenID allowed domains | openIdIDPList | ✔ | | |
| OpenID secret token | openIdSecret | ✔ | | |
| Password backend | passwordDB | ✔ | | |
| Force port in redirection | port | | ✔ | |
| Portal URL | portal | ✔ | ✔ | |
| Anti frame protection | portalAntiFrame | ✔ | | |
| Allow form autocompletion | portalAutocomplete | ✔ | | |
| Display applications list | portalDisplayAppslist | ✔ | | |
| Display change password module | portalDisplayChangePassword | ✔ | | |
| Display logout module | portalDisplayLogout | ✔ | | |
| Display reset password form | portalDisplayResetPassword | ✔ | | |
| Open links in new window | portalOpenLinkInNewWindow | ✔ | | |
| Require old password (change) | portalRequireOldPassword | ✔ | | |
| Skin name | portalSkin | ✔ | | |
| User name session field | portalUserAttr | ✔ | | |
| Protection scheme | protection | | ✔ | ✔ |
| Regular expression for random password | randomPasswordRegexp | ✔ | | |
| Delay between check of local configuration | reloadTime | | ✔ | |
| Remote cookie name | remoteCookieName | ✔ | | |
| Proxy cookie name | remoteCookieName | ✔ | | |
| Remote Session backend | remoteGlobalStorage | ✔ | | |
| Remote Session backend options | remoteGlobalStorageOptions | ✔ | | |
| Remote portal | remotePortal | ✔ | | |
| SAML Session backend | samlStorage | ✔ | | |
| SAML Session backend options | samlStorageOptions | ✔ | | |
| Cookie security | securedCookie | ✔ | ✔ | |
| Delete other session if IP differs | singleIP | ✔ | | |
| Delete other session | singleSession | ✔ | | |
| Do not allow several users for 1 IP | singleUserByIP | ✔ | | |
| SMTP server | SMTPServer | ✔ | | |
| SMTP user | SMTPAuthUser | ✔ | | |
| SMTP password | SMTPAuthPass | ✔ | | |
| SOAP activation | Soap | ✔ | | |
| Proxy portal URL | soapAuthService | ✔ | | |
| Proxy session SOAP end point | soapSessionService | ✔ | | |
| SSL authentication level | SSLAuthnLevel | ✔ | | |
| SSL map with LDAP attribute | SSLLDAPField | ✔ | | |
| SSL force SSL authentication | SSLRequire | ✔ | | |
| SSL user field in certificate | SSLVar | ✔ | | |
| Status module activation | status | | ✔ | |
| Store password in session | storePassword | ✔ | | |
| Sympa mail session key | sympaMailKey | ✔ | | |
| Sympa shared secret | sympaSecret | ✔ | | |
| Syslog facility | syslog | ✔ | | |
| Session lifetime for cronjob | timeout | ✔ | | |
| Trusted domains | trustedDomains | ✔ | | |
| Twitter application name | twitterAppName | ✔ | | |
| Twitter authentication level | twitterAuthnLevel | ✔ | | |
| Twitter application key | twitterKey | ✔ | | |
| Twitter application secret | twitterSecret | ✔ | | |
| User backend | userDB | ✔ | | |
| Use redirect on error | useRedirectOnError | | ✔ | |
| Use Safe Jail | useSafeJail | ✔ | ✔ | |
| DBI Pivot from user table | userPivot | ✔ | | |
| Use XForwardedFor for IP | useXForwardedForIP | ✔ | | ✔ |
| Data to store as REMOTE_USER (used also in Apache logs) | whatToTrace | ✔ | ✔ | |
| Zimbra account session key | zimbraAccountKey | | ✔ | |
| Zimbra account type | zimbraBy | | ✔ | |
| Zimbra preauthentication key | zimbraPreAuthKey | | ✔ | |
| Zimbra local SSO URL pattern | zimbraSsoUrl | | ✔ | |
| Zimbra preauthentication URL | zimbraUrl | | ✔ | |
| Yubikey client ID | yubikeyClientID | ✔ | | |
| Yubikey secret key | yubikeySecretKey | ✔ | | |
| Yubikey public ID size | yubikeyPublicIDSize | ✔ | | |
| Yubikey authentication level | yubikeyAuthnLevel | ✔ | | |
| Hide old password in reset form | hideOldPassword | ✔ | | |
| Secure Token allow requests in error | secureTokenAllowOnError | | ✔ | |
| Secure Token attribute | secureTokenAttribute | | ✔ | |
| Secure Token expiration | secureTokenExpiration | | ✔ | |
| Secure Token header | secureTokenHeader | | ✔ | |
| Secure Token Memcached servers | secureTokenMemcachedServers | | ✔ | |
| Secure Token protected URLs | secureTokenUrls | | ✔ | |
| Cookie Javascript protection | httpOnly | ✔ | ✔ | |