Configuration File Settings for Spotfire Automation Services

These tables provide information about the configuration files for Spotfire Automation Services and its interactions with Spotfire Server and Spotfire Automation Services using APIs.

Table 1. Spotfire.Dxp.Worker.Automation.config This configuration file is used for configurations that are specific to Spotfire Automation Services.
Setting	Default value	Description
/Spotfire.Dxp.Automation.Framework/security/allowedFilePaths@allowAll	`True`	By default, Spotfire Automation Services tasks can read files from, and write files to any directory in the file system. Set this to `False` to allow only tasks to read from, and write to, directories specified in the \<allowedFilePaths> section.
/spotfire.dxp.automation.tasks/smtp - SMTP Configuration	Not enabled	An SMTP server can be set up to use TLS (`useTls`) or different methods of authentication.
/Spotfire.Dxp.Automation.Framework/allowedFilePaths	All paths are allowed	By default, Spotfire Automation Services tasks can read files from, and write files to, any directory in the file system. Set this to `False` to allow only tasks to read from, and write to, directories specified in the <allowedFilePaths> section. (Not to be confused with <allowedFilePaths> in Spotfire.Dxp.Worker.Core.config.)

Table 2. Spotfire.Dxp.Worker.Core.config This configuration file specifies settings for the service's communication with the Spotfire Server, and if sections in configuration files should be encrypted.
Setting	Default value	Description
/cryptography@encryptConfigurationSections	`true`	Set to `true` to encrypt sections of configuration files containing sensitive information.
/cryptography@DataProtectionConfigurationProvider	`DataProtectionConfigurationProvider`	On Windows: By default the `DataProtectionConfigurationProvider` uses Windows Data Protection API (DPAPI) to encrypt sections of the configuration with a machine-specific secret key which means that the encrypted sections can only be decrypted from the same machine as the service is running on. See Encrypting Configuration Information Using Protected Configuration for more information. On Linux: Our own provider is used.

Table 3. Spotfire.Dxp.Worker.Host.exe.config or Spotfire.Dxp.Worker.Host.dll.configSpotfire.Dxp.Worker.Host.exe.config is the configuration file for both Spotfire Web Player and Spotfire Automation Services on Windows. When running on Linux, the config file is called Spotfire.Dxp.Worker.Host.dll.config. See Spotfire.Dxp.Worker.Host.exe.config file and Spotfire.Dxp.Worker.Host.dll.config help for more information.
Setting	Default value	Description
/Spotfire.Dxp.Internal.Properties.Settings/AllowedTlsVersions	`Tls, Tls11, Tls12`	Determines which versions of the TLS security protocol are allowed. Specify the values separated by a comma ",". For information about the possible values for this setting, refer to the .NET enum `SecurityProtocolType`. If you leave the value for this setting blank, the allowed TLS versions are set to `SystemDefault`. If you remove the setting from the configuration file, the allowed TLS versions are set to the default value.
/Spotfire.Dxp.Data.Properties.Settings/AllowedFilePaths	Empty	A list of directories that Spotfire Web Player or Spotfire Automation Services are allowed to use as file data sources. Add only approved network shares or other paths that contain files that should be possible to load in a Spotfire file. For security reasons you should not add entire drive letters such as C:\ because that would allow Spotfire users to read local files from the Spotfire Web Player service. Note: The names are checked in a case-insensitive manner.
/system.net/defaultProxy		On Windows: If the Spotfire Web Player or Spotfire Automation Services should use a proxy server to reach internal and external networks, one can be enabled in this file.