Configuration
All settings live in NetForge.Server/appsettings.json, with appsettings.Development.json overriding for local runs and appsettings.Production.json (or environment variables / user-secrets) for deploys.
Secrets
Anything secret — passwords, client secrets, SMTP keys — belongs in environment variables or user-secrets in production, never committed.
Common settings
| Key | Default | What it does |
|---|---|---|
ConnectionStrings:Default | SQLite App_Data/netforge.db | EF Core connection string. Must match Database:Provider. |
Database:Provider | sqlite | Active EF Core provider: sqlite, postgres, or sqlserver. See Databases. |
App:ProductName | NetForge | Branding shown in emails and the UI. |
App:ClientUrl | (empty) | Absolute URL of the SPA, used to build email links. Empty infers it from the request origin. |
App:BrandColor | scaffold brand | Accent colour for transactional emails (any CSS colour). |
Auth:Scheme | Cookie | Cookie (default) or Bearer. See Authentication. |
Auth:RequireConfirmedEmail | true | Require email confirmation before sign-in. |
Auth:OAuth:{Google,Microsoft,GitHub}:{ClientId,ClientSecret} | (empty) | OAuth credentials per provider. A provider with blank credentials is hidden automatically. |
Seed:Admin:{Email,Password} | dev defaults | Initial administrator, seeded idempotently on boot. Required in production. |
Tenancy:Mode | SingleTenant | MultiTenant activates per-tenant resolution + the tenancy UI. See Multi-tenancy. |
Email:* | console sender | SMTP settings — see below. |
Email
By default (no Email:Smtp:Host / Email:FromAddress) NetForge uses a console email sender: every message it would send — confirmation links, password resets, invitations — is written to the server log. Watch the dotnet run output to grab links during local testing.
Set Email:FromAddress and Email:Smtp:Host to send for real over SMTP (via MailKit). It works with any relay — Brevo (smtp-relay.brevo.com:587, STARTTLS), SendGrid, Mailgun, Gmail, or your own server:
"Email": {
"FromName": "Acme",
"FromAddress": "no-reply@acme.com",
"Smtp": { "Host": "smtp-relay.brevo.com", "Port": 587, "Username": "…", "Password": "…", "UseStartTls": true }
}Keep the SMTP password in environment variables or user-secrets. All emails share one branded, table-based template (the accent comes from App:BrandColor).
OAuth providers
Set Auth:OAuth:{Provider}:ClientId and :ClientSecret for Google, Microsoft, or GitHub. A provider with blank credentials is automatically hidden from the login screen, so you can ship all three and light them up per environment. See the Add an OAuth provider recipe to wire a new one.
Production checklist
- Set
Seed:Admin:Email+Seed:Admin:Password— required; no admin is seeded otherwise. - Set
Database:Provider+ConnectionStrings:Defaultfor your database. - Configure
Email:*so confirmation / reset emails actually send. - Set
App:ClientUrlif the SPA and API are on different origins. - Provide OAuth credentials for any providers you want visible.
More in Deployment.