Web config Configuration

web.config Configuration

Portal Title

This entry sets the title of the portal in the web browser.

Portal Title Example

    <add key="portalTitle" value="MY ASAP APP" />

No Access Url

If user logs into the application and doesn’t have rights to any screen, she’s redirected to so called “no access page”. By default it is /NoAccess.cshtml. It can be changed through the entry in appSettings.

No Access URL Example

    <add key="noAccessUrl" value="/NoAccess2.cshtml" />

Request Limits

This entry sets the maximum request length (e.g. attachment size) and duration (also important for attachments-the slower the network, the more time you need to upload an attachment).

For more information and additional options see this MSDN article.


    <httpRuntime maxRequestLength="4096" executionTimeout="480" />

Password Recovery Support

Password Recovery Support

    <add key="supportsPasswordRecovery" value="false" />

If the authentication is done via LDAP, the password recovery should be disabled. It is not implemented in the provider anyway. The setting is also relevant for user registration.

Suppressing report tabs

You application might require to open reports (PDF file) in an external application instead of browser. This can be done by adjusting Startup.cs and to prevent web client from creating empty tabs add following setting.

Suppress Report Tabs Example

    <add key="suppressReportTabs" value="true" />

E-Mail Settings

Password RESET

You have to configure the following settings in order to get the password reset functionality working.

Please add the following code lines into AppCode/startup.cs file into CreateUserManager() function

        // this is optional - you can unlock a user when password has been successfully reset 
        manager.UnlocksOnPasswordReset = true;
        // reset password token generation settings      
        DpapiDataProtectionProvider protectionProvider 
            = new DpapiDataProtectionProvider("Origam");
        OrigamTokenProvider tp = new OrigamTokenProvider(
        // set the token validity interval. If the token is older
        // it return token invalid error message when used
        tp.TokenLifespan = TimeSpan.FromHours(48);
        manager.UserTokenProvider = tp;

Please add the following to the web.config of your application

User Management Notifications

    <add key="mailFrom" value="info@yourdomain.com"/>
    <add key="PortalBaseUrl" value="http://application.com/" />
    <!-- the following 2 lines are optional. If not present, the default texts from resources are used -->
    <add key="RecoverPasswordMail_Subject" value="Application.com Passwort zurĂĽck setzen" />
    <!-- if the first line of the following file starts with "Subject: " followed by a subject,
         then the previous key RecoverPasswordMail_Subject is not used.
         note: Html is supported here at master starting from Feb 2017 --> 
    <add key="RecoverPasswordMail_BodyFileName" value="c:\inetpub\wyby\passwordreset.txt" /> 

The password recovery text file can contain the whole e-mail body, while making it possible to include the following parameters:

Substitution Text Replaced with


The Web site user name of the user.


Name of the user.


Reset password token, need to be sent as 'token' url argument to reset password page

<%EscapedUserName%> The Web site user name of the user (url escaped)
<%TokenValidityHours%> Number of hours (taken from token provider configuration) - see above
<%FirstName%> First name of the user.
<%PortalBaseUrl%> Base url to compose the URL
<%EscapedName%> Name of the user (Url escaped) (added in Feb 2017)
<%UserEmail%> Email of the user (added in Feb 2017)
<%EscapedUserEmail%> Email of the user (Url escaped) (added in Feb 2017)

Example of text, html is possible to use only with Master version of Origam, Feb 2017

Subject: Passwort zurĂĽckzusetzen
Hallo <%Name%>
<br /><br />
Klicke auf den Link um dein Passwort zurückzusetzen. Es wird sich eine Seite öffnen auf der Du ein neues Passwort eingeben kannst. 
<br /><br />
<a href="<%PortalBaseUrl%>ResetPassword?token=<%Token%>&Name=<%EscapedName%>&UserName=<%EscapedUserName%>" target="_blank">Link</a>
<br /><br />
Wenn du dein Passwort gar nicht zurĂĽcksetzten willst, wende dich bitte an info@application.com
<br /><br /><br />
Wir wĂĽnschen dir weiterhin viel Spass beim application.com!
<br /><br />
Dein application.com team

@Zdenek Most of the content is obsolete. We should remove the content and replace it with the current web.config info, which basically means only dotnet core config. We should keep the section Request Limits as that still works.