Agent params

optional arguments: -h, --help show this help message and exit

Admin: --admin Specify the host and port on which to run the administrative server. If not provided, no admin server is made available. [env var: ACAPY_ADMIN] --admin-api-key Protect all admin endpoints with the provided API key. API clients (e.g. the controller) must pass the key in the HTTP header using 'X-API-Key: '. Either this parameter or the '--admin-insecure-mode' parameter MUST be specified. [env var: ACAPY_ADMIN_API_KEY] --admin-insecure-mode Run the admin web server in insecure mode. DO NOT USE FOR PRODUCTION DEPLOYMENTS. The admin server will be publicly available to anyone who has access to the interface. Either this parameter or the '--api-key' parameter MUST be specified. [env var: ACAPY_ADMIN_INSECURE_MODE] --no-receive-invites Prevents an agent from receiving invites by removing the '/connections/receive-invite' route from the administrative interface. Default: false. [env var: ACAPY_NO_RECEIVE_INVITES] --help-link A URL to an administrative interface help web page that a controller user interface can get from the agent and provide as a link to users. [env var: ACAPY_HELP_LINK] --webhook-url Send webhooks containing internal state changes to the specified URL. Optional API key to be passed in the request body can be appended using a hash separator [#]. This is useful for a controller to monitor agent events and respond to those events using the admin API. If not specified, webhooks are not published by the agent. [env var: ACAPY_WEBHOOK_URL] --admin-client-max-request-size ADMIN_CLIENT_MAX_REQUEST_SIZE Maximum client request size to admin server, in megabytes: default 1 [env var: ACAPY_ADMIN_CLIENT_MAX_REQUEST_SIZE]

Debug: --debug Enables a remote debugging service that can be accessed using ptvsd for Visual Studio Code. The framework will wait for the debugger to connect at start-up. Default: false. [env var: ACAPY_DEBUG] --debug-seed Specify the debug seed to use. [env var: ACAPY_DEBUG_SEED] --debug-connections Enable additional logging around connections. Default: false. [env var: ACAPY_DEBUG_CONNECTIONS] --debug-credentials Enable additional logging around credential exchanges. Default: false. [env var: ACAPY_DEBUG_CREDENTIALS] --debug-presentations Enable additional logging around presentation exchanges. Default: false. [env var: ACAPY_DEBUG_PRESENTATIONS] --debug-webhooks Emit protocol state object as webhook. Default: false. [env var: ACAPY_DEBUG_WEBHOOKS] --invite After startup, generate and print a new out-of-band connection invitation URL. Default: false. [env var: ACAPY_INVITE] --connections-invite After startup, generate and print a new connections protocol style invitation URL. Default: false. [env var: ACAPY_CONNECTIONS_INVITE] --invite-label

Discover features: --auto-disclose-features Specifies that the agent will proactively/auto disclose protocols and goal-codes features on connection creation [RFC0557]. [env var: ACAPY_AUTO_DISCLOSE_FEATURES] --disclose-features-list DISCLOSE_FEATURES_LIST Load YAML file path that specifies which features to disclose. [env var: ACAPY_DISCLOSE_FEATURES_LIST]

General: --arg-file ARG_FILE Load aca-py arguments from the specified file. Note that this file must be in YAML format. --plugin Load as external plugin module. Multiple instances of this parameter can be specified. [env var: ACAPY_PLUGIN] --block-plugin Block plugin module from loading. Multiple instances of this parameter can be specified. [env var: ACAPY_BLOCKED_PLUGIN] --plugin-config PLUGIN_CONFIG Load YAML file path that defines external plugin configuration. [env var: ACAPY_PLUGIN_CONFIG] -o [ ...], --plugin-config-value [ ...] Set an arbitrary plugin configuration option in the format KEY=VALUE. Use dots in KEY to set deeply nested values, as in "a.b.c=value". VALUE is parsed as yaml. --storage-type Specifies the type of storage provider to use for the internal storage engine. This storage interface is used to store internal state. Supported internal storage types are 'basic' (memory) and 'indy'. The default (if not specified) is 'indy' if the wallet type is set to 'indy', otherwise 'basic'. [env var: ACAPY_STORAGE_TYPE] -e [ ...], --endpoint [ ...] Specifies the endpoints to put into DIDDocs to inform other agents of where they should send messages destined for this agent. Each endpoint could be one of the specified inbound transports for this agent, or the endpoint could be that of another agent (e.g. 'https://example.com/agent-endpoint') if the routing of messages to this agent by a mediator is configured. The first endpoint specified will be used in invitations. The endpoints are used in the formation of a connection with another agent. [env var: ACAPY_ENDPOINT] --profile-endpoint Specifies the profile endpoint for the (public) DID. [env var: ACAPY_PROFILE_ENDPOINT] --universal-resolver [] Enable resolution from a universal resolver. [env var: ACAPY_UNIVERSAL_RESOLVER] --universal-resolver-regex [ ...] Regex matching DIDs to resolve using the unversal resolver. Multiple can be specified. Defaults to a regex matching all DIDs resolvable by universal resolver instance. [env var: ACAPY_UNIVERSAL_RESOLVER_REGEX] --universal-resolver-bearer-token [] Bearer token if universal resolver instance requires authentication. [env var: ACAPY_UNIVERSAL_RESOLVER_BEARER_TOKEN]

Revocation: --tails-server-base-url Sets the base url of the tails server in use. [env var: ACAPY_TAILS_SERVER_BASE_URL] --tails-server-upload-url Sets the base url of the tails server for upload, defaulting to the tails server base url. [env var: ACAPY_TAILS_SERVER_UPLOAD_URL] --notify-revocation Specifies that aca-py will notify credential recipients when revoking a credential it issued. [env var: ACAPY_NOTIFY_REVOCATION] --monitor-revocation-notification Specifies that aca-py will emit webhooks on notification of revocation received. [env var: ACAPY_MONITOR_REVOCATION_NOTIFICATION] --anoncreds-legacy-revocation {accept,reject} Specify the handling of older proofs of non-revocation for anoncreds credentials. Values are 'accept' or 'reject'. [env var: ACAPY_ANONCREDS_LEGACY_REVOCATION]

Ledger: --ledger-pool-name Specifies the name of the indy pool to be opened. This is useful if you have multiple pool configurations. [env var: ACAPY_LEDGER_POOL_NAME] --genesis-transactions Specifies the genesis transactions to use to connect to a Hyperledger Indy ledger. The transactions are provided as string of JSON e.g. '{"reqSignature":{},"txn":{"data":{"d... }}}' [env var: ACAPY_GENESIS_TRANSACTIONS] --genesis-file Specifies a local file from which to read the genesis transactions. [env var: ACAPY_GENESIS_FILE] --genesis-url Specifies the url from which to download the genesis transactions. For example, if you are using 'von- network', the URL might be 'http://localhost:9000/genesis'. Genesis transactions URLs are available for the Sovrin test/main networks. [env var: ACAPY_GENESIS_URL] --no-ledger Specifies that aca-py will run with no ledger configured. This must be set if running in no-ledger mode. Overrides any specified ledger or genesis configurations. Default: false. [env var: ACAPY_NO_LEDGER] --read-only-ledger Sets ledger to read-only to prevent updates. Default: false. [env var: ACAPY_READ_ONLY_LEDGER] --ledger-keepalive LEDGER_KEEPALIVE Specifies how many seconds to keep the ledger open. Default: 5 [env var: ACAPY_LEDGER_KEEP_ALIVE] --ledger-socks-proxy Specifies the socks proxy (NOT http proxy) hostname and port in format 'hostname:port'. This is an optional parameter to be passed to ledger pool configuration and ZMQ in case if aca-py is running in a corporate/private network behind a corporate proxy and will connect to the public (outside of corporate network) ledger pool [env var: ACAPY_LEDGER_SOCKS_PROXY] --genesis-transactions-list Load YAML configuration for connecting to multiple HyperLedger Indy ledgers. [env var: ACAPY_GENESIS_TRANSACTIONS_LIST] --accept-taa Specify the acceptance mechanism and taa version for which to accept the transaction author agreement. If not provided, the TAA must be accepted through the TTY or the admin API. [env var: ACAPY_ACCEPT_TAA]

Logging: --log-config Specifies a custom logging configuration file [env var: ACAPY_LOG_CONFIG] --log-file [] --log-file enables writing of logs to file, if a value is provided then it uses that as log file location, otherwise the default location in log config file is used. [env var: ACAPY_LOG_FILE] --log-level Specifies a custom logging level as one of: ('debug', 'info', 'warning', 'error', 'critical') [env var: ACAPY_LOG_LEVEL]

Protocol: --auto-ping-connection Automatically send a trust ping immediately after a connection response is accepted. Some agents require this before marking a connection as 'active'. Default: false. [env var: ACAPY_AUTO_PING_CONNECTION] --auto-accept-intro-invitation-requests Automatically accept introduction invitations. Default: false. [env var: ACAPY_AUTO_ACCEPT_INTRO_INVITATION_REQUESTS] --invite-base-url Base URL to use when formatting connection invitations in URL format. [env var: ACAPY_INVITE_BASE_URL] --monitor-ping Send a webhook when a ping is sent or received. [env var: ACAPY_MONITOR_PING] --monitor-forward Send a webhook when a forward is received. [env var: ACAPY_MONITOR_FORWARD] --public-invites Send invitations out using the public DID for the agent, and receive connection requests solicited by invitations which use the public DID. Default: false. [env var: ACAPY_PUBLIC_INVITES] --requests-through-public-did Allow agent to receive unsolicited connection requests, using the public DID for the agent. Default: false. [env var: ACAPY_REQUESTS_THROUGH_PUBLIC_DID] --timing Include timing information in response messages. [env var: ACAPY_TIMING] --timing-log Write timing information to a given log file. [env var: ACAPY_TIMING_LOG] --trace Generate tracing events. [env var: ACAPY_TRACE] --trace-target Target for trace events ("log", "message", or http endpoint). [env var: ACAPY_TRACE_TARGET] --trace-tag Tag to be included when logging events. [env var: ACAPY_TRACE_TAG] --trace-label Label (agent name) used logging events. [env var: ACAPY_TRACE_LABEL] --preserve-exchange-records Keep credential and presentation exchange records after exchange has completed. [env var: ACAPY_PRESERVE_EXCHANGE_RECORDS] --emit-new-didcomm-prefix Emit protocol messages with new DIDComm prefix; i.e., 'https://didcomm.org/' instead of (default) prefix 'did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/'. Forced to true as the old prefix must never be used. [env var: ACAPY_EMIT_NEW_DIDCOMM_PREFIX] --emit-new-didcomm-mime-type Send packed agent messages with the DIDComm MIME type as of RFC 0044; i.e., 'application/didcomm-envelope- enc' instead of 'application/ssi-agent-wire'. Forced to true as the old MIME type must never be used. [env var: ACAPY_EMIT_NEW_DIDCOMM_MIME_TYPE] --exch-use-unencrypted-tags Store tags for exchange protocols (credential and presentation) using unencrypted rather than encrypted tags [env var: ACAPY_EXCH_USE_UNENCRYPTED_TAGS]

Start-up: --auto-provision If the requested profile does not exist, initialize it with the given parameters. [env var: ACAPY_AUTO_PROVISION]

Transport: -it , --inbound-transport REQUIRED. Defines the inbound transport(s) on which the agent listens for receiving messages from other agents. This parameter can be specified multiple times to create multiple interfaces. Built-in inbound transport types include 'http' and 'ws'. However, other transports can be loaded by specifying an absolute module path. [env var: ACAPY_INBOUND_TRANSPORT] -ot , --outbound-transport REQUIRED. Defines the outbound transport(s) on which the agent will send outgoing messages to other agents. This parameter can be passed multiple times to supoort multiple transport types. Supported outbound transport types are 'http' and 'ws'. [env var: ACAPY_OUTBOUND_TRANSPORT] -l

Mediation invitation: --mediator-invitation Connect to mediator through provided invitation and send mediation request and set as default mediator. [env var: ACAPY_MEDIATION_INVITATION] --mediator-connections-invite Connect to mediator through a connection invitation. If not specified, connect using an OOB invitation. Default: false. [env var: ACAPY_MEDIATION_CONNECTIONS_INVITE]

Mediation: --open-mediation Enables automatic granting of mediation. After establishing a connection, if enabled, an agent may request message mediation and be granted it automatically, which will allow the mediator to forward messages on behalf of the recipient. See aries-rfc:0211. [env var: ACAPY_MEDIATION_OPEN] --default-mediator-id Set the default mediator by ID [env var: ACAPY_DEFAULT_MEDIATION_ID] --clear-default-mediator Clear the stored default mediator. [env var: ACAPY_CLEAR_DEFAULT_MEDIATOR]

Wallet: --seed Specifies the seed to use for the creation of a public DID for the agent to use with a Hyperledger Indy ledger, or a local ('--wallet-local-did') DID. If public, the DID must already exist on the ledger. [env var: ACAPY_WALLET_SEED] --wallet-local-did If this parameter is set, provisions the wallet with a local DID from the '--seed' parameter, instead of a public DID to use with a Hyperledger Indy ledger. [env var: ACAPY_WALLET_LOCAL_DID] --wallet-allow-insecure-seed If this parameter is set, allows to use a custom seed to create a local DID [env var: ACAPY_WALLET_ALLOW_INSECURE_SEED] --wallet-key Specifies the master key value to use to open the wallet. [env var: ACAPY_WALLET_KEY] --wallet-rekey Specifies a new master key value to which to rotate and to open the wallet next time. [env var: ACAPY_WALLET_REKEY] --wallet-name Specifies the wallet name to be used by the agent. This is useful if your deployment has multiple wallets. [env var: ACAPY_WALLET_NAME] --wallet-type Specifies the type of Indy wallet provider to use. Supported internal storage types are 'basic' (memory), 'askar' and 'askar-anoncreds'.The default (if not specified) is 'basic'. 'indy' is deprecated. [env var: ACAPY_WALLET_TYPE] --wallet-storage-type Specifies the type of wallet backend to use. Supported internal storage types are 'basic' (memory), 'default' (sqlite), and 'postgres_storage'. The default, if not specified, is 'default'. [env var: ACAPY_WALLET_STORAGE_TYPE] --wallet-storage-config Specifies the storage configuration to use for the wallet. This is required if you are for using 'postgres_storage' wallet storage type. For example, '{"url":"localhost:5432", "wallet_scheme":"MultiWalletSingleTable"}'. This configuration maps to the indy sdk postgres plugin (PostgresConfig). [env var: ACAPY_WALLET_STORAGE_CONFIG] --wallet-key-derivation-method Specifies the key derivation method used for wallet encryption.If RAW key derivation method is used, also --wallet-key parameter is expected. [env var: ACAPY_WALLET_KEY_DERIVATION_METHOD] --wallet-storage-creds Specifies the storage credentials to use for the wallet. This is required if you are for using 'postgres_storage' wallet For example, '{"account":"postgres","password": "mysecretpassword","admin_account":"postgres", "admin_password":"mysecretpassword"}'. This configuration maps to the indy sdk postgres plugin (PostgresCredentials). NOTE: admin_user must have the CREATEDB role or else initialization will fail. [env var: ACAPY_WALLET_STORAGE_CREDS] --replace-public-did If this parameter is set and an agent already has a public DID, and the '--seed' parameter specifies a new DID, the agent will use the new DID in place of the existing DID. Default: false. [env var: ACAPY_REPLACE_PUBLIC_DID] --recreate-wallet If an existing wallet exists with the same name, remove and recreate it during provisioning. [env var: ACAPY_RECREATE_WALLET]

Multitenant: --multitenant Enable multitenant mode. [env var: ACAPY_MULTITENANT] --jwt-secret Specify the secret to be used for Json Web Token (JWT) creation and verification. The JWTs are used to authenticate and authorize multitenant wallets. [env var: ACAPY_MULTITENANT_JWT_SECRET] --multitenant-admin Specify whether to enable the multitenant admin api. [env var: ACAPY_MULTITENANT_ADMIN] --multitenancy-config key=value [key=value ...] Specify multitenancy configuration in key=value pairs. For example: "wallet_type=askar-profile wallet_name=askar-profile-name" Possible values: wallet_name, wallet_key, cache_size, key_derivation_method. "wallet_name" is only used when "wallet_type" is "askar-profile" [env var: ACAPY_MULTITENANCY_CONFIGURATION] --base-wallet-routes [ ...] Patterns matching admin routes that should be permitted for base wallet. The base wallet is preconfigured to have access to essential endpoints. This argument should be used sparingly.

Endorsement: --endorser-protocol-role Specify the role ('author' or 'endorser') which this agent will participate. Authors will request transaction endorement from an Endorser. Endorsers will endorse transactions from Authors, and may write their own transactions to the ledger. If no role (or 'none') is specified then the endorsement protocol will not be used and this agent will write transactions to the ledger directly. [env var: ACAPY_ENDORSER_ROLE] --endorser-invitation For transaction Authors, specify the invitation used to connect to the Endorser agent who will be endorsing transactions. Note this is a multi-use invitation created by the Endorser agent. [env var: ACAPY_ENDORSER_INVITATION] --endorser-public-did For transaction Authors, specify the public DID of the Endorser agent who will be endorsing transactions. [env var: ACAPY_ENDORSER_PUBLIC_DID] --endorser-endorse-with-did For transaction Endorsers, specify the DID to use to endorse transactions. The default (if not specified) is to use the Endorser's Public DID. [env var: ACAPY_ENDORSER_ENDORSE_WITH_DID] --endorser-alias For transaction Authors, specify the alias of the Endorser connection that will be used to endorse transactions. [env var: ACAPY_ENDORSER_ALIAS] --auto-request-endorsement For Authors, specify whether to automatically request endorsement for all transactions. (If not specified, the controller must invoke the request endorse operation for each transaction.) [env var: ACAPY_AUTO_REQUEST_ENDORSEMENT] --auto-endorse-transactions For Endorsers, specify whether to automatically endorse any received endorsement requests. (If not specified, the controller must invoke the endorsement operation for each transaction.) [env var: ACAPY_AUTO_ENDORSE_TRANSACTIONS] --auto-write-transactions For Authors, specify whether to automatically write any endorsed transactions. (If not specified, the controller must invoke the write transaction operation for each transaction.) [env var: ACAPY_AUTO_WRITE_TRANSACTIONS] --auto-create-revocation-transactions For Authors, specify whether to automatically create transactions for a cred def's revocation registry. (If not specified, the controller must invoke the endpoints required to create the revocation registry and assign to the cred def.) [env var: ACAPY_CREATE_REVOCATION_TRANSACTIONS] --auto-promote-author-did For Authors, specify whether to automatically promote a DID to the wallet public DID after writing to the ledger. [env var: ACAPY_AUTO_PROMOTE_AUTHOR_DID]

Upgrade: --upgrade-config-path UPGRADE_CONFIG_PATH YAML file path that specifies config to handle upgrade changes.Default: ./aries_cloudagent/commands/default_v ersion_upgrade_config.yml [env var: ACAPY_UPGRADE_CONFIG_PATH] --from-version FROM_VERSION Specify which ACA-Py version to upgrade from, this version should be supported/included in the --upgrade- config file. [env var: ACAPY_UPGRADE_FROM_VERSION] --force-upgrade Forces the '—from-version' argument to override the version retrieved from secure storage when calculating upgrades to be run. [env var: ACAPY_UPGRADE_FORCE_UPGRADE] --named-tag NAMED_TAG Runs upgrade steps associated with tags provided in the config [env var: ACAPY_UPGRADE_NAMED_TAGS] --upgrade-all-subwallets Apply upgrade to all subwallets and the base wallet [env var: ACAPY_UPGRADE_ALL_SUBWALLETS] --upgrade-subwallet UPGRADE_SUBWALLET Apply upgrade to specified subwallets (identified by wallet id) and the base wallet [env var: ACAPY_UPGRADE_SUBWALLETS] --upgrade-page-size UPGRADE_PAGE_SIZE Specify page/batch size to process BaseRecords, this provides a way to prevent out-of-memory issues. [env var: ACAPY_UPGRADE_PAGE_SIZE]