Temporal Web UI configuration reference

The Temporal Web UI Server uses a configuration file for many of the UI's settings.

An example development.yaml file can be found in the temporalio/ui-server repo.

Multiple configuration files can be created for configuring specific areas of the UI, such as Auth or TLS.

temporalGrpcAddress

The frontend address for the Temporal Cluster.

The default address is localhost (127.0.0.1:7233).

temporalGrpcAddress: default

port

The port used by the Temporal Web UI Server and any APIs.

port: 8080

publicPath

The path used by the Temporal Web UI Server and any APIs.

publicPath: ''

enableUi

Enables the browser UI. This configuration can be set dynamically with the TEMPORAL_UI_ENABLED environment variable. If disabled—that is, set to false—the UI server APIs remain available.

enableUi: true

cloudUi

Enables the Cloud UI.

cloudUi: false

enableOpenApi

Enables the UI Server's Open API reference documentation at /openapi/. This configuration can be set dynamically with the TEMPORAL_OPEN_API_ENABLED environment variable. For example, if you are currently viewing the Web UI at http://localhost:8080, the page is available at localhost:8080/openapi/.

enableOpenApi: true

defaultNamespace

The default Namespace that the UI loads data for. Defaults to default.

defaultNamespace: default

feedbackUrl

The URL to direct users to when they click on the Feedback button in the UI. If not specified, it defaults to the UI's GitHub Issue page.

feedbackUrl: https://github.com/temporalio/ui/issues/new/choose

notifyOnNewVersion

When enabled—that is, when set to true—a notification appears in the UI when a newer version of the Temporal Server is available.

notifyOnNewVersion: true

refreshInterval

How often the configuration UI Server reads the configuration file for new values. Currently, only tls configuration values are propagated during a refresh.

refreshInterval: 1m

showTemporalSystemNamespace

When enabled—that is, when set to true—the Temporal System Namespace becomes visible in the UI. The Temporal System Namespace lists Workflow Executions used by the Temporal Platform.

showTemporalSystemNamespace: false

disableWriteActions

Prevents the user from executing Workflow Actions on the Web UI.

This option affects Bulk Actions for Recent Workflows as well as Workflow Actions on the Workflow Details page.

disableWriteActions: false

note

disableWriteActions overrides the configuration values of each individual Workflow Action. Setting this variable to true disables all Workflow Actions on the Web UI.

workflowTerminateDisabled

Prevents the user from terminating Workflow Executions from the Web UI.

workflowTerminateDisabled: false

workflowCancelDisabled

Prevents the user from canceling Workflow Executions from the Web UI.

workflowCancelDisabled: false

workflowSignalDisabled

Prevents the user from signaling Workflow Executions from the Web UI.

workflowSignalDisabled: false

workflowResetDisabled

Prevents the user from resetting Workflows from the Web UI.

workflowResetDisabled: false

batchActionsDisabled

Prevents the execution of Batch actions.

batchActionsDisabled: false

hideWorkflowQueryErrors

Hides any errors resulting from a Query to the Workflow.

hideWorkflowQueryErrors: false

cors

The name of the cors field stands for Cross-Origin Resource Sharing. Use this field to provide a list of domains that are authorized to access the UI Server APIs.

cors:
  cookieInsecure: false
  allowOrigins:
    - http://localhost:3000 # used at development by https://github.com/temporalio/ui

tls

Transport Layer Security (TLS) configuration for the Temporal Server. Settings apply when TLS is enabled.

tls:
  caFile: ../ca.cert
  certFile: ../cluster.pem
  keyFile: ../cluster.key
  caData:
  certData:
  keyData:
  enableHostVerification: true
  serverName: tls-server

auth

Configures authorization for the Temporal Server. Settings apply when Auth is enabled.

auth:
  enabled: true
  providers:
    label: sso # for internal use; in future may expose as button text
    type: oidc
    providerUrl: https://accounts.google.com
    issuerUrl:
    clientId: xxxxx-xxxx.apps.googleusercontent.com
    clientSecret: xxxxxxxxxxxxxxxxxxxx
    callbackUrl: https://xxxx.com:8080/auth/sso/callback
    scopes:
      - openid
      - profile
      - email

codec

Codec Server configuration.

codec:
  endpoint: http://your-codec-server-endpoint
  passAccessToken: false
  includeCredentials: false
  decodeEventHistoryDownload: false

forwardHeaders

Configures headers for forwarding.

forwardHeaders:
  -

temporalGrpcAddress​

port​

publicPath​

enableUi​

cloudUi​

enableOpenApi​

defaultNamespace​

feedbackUrl​

notifyOnNewVersion​

refreshInterval​

showTemporalSystemNamespace​

disableWriteActions​

workflowTerminateDisabled​

workflowCancelDisabled​

workflowSignalDisabled​

workflowResetDisabled​

batchActionsDisabled​

hideWorkflowQueryErrors​

cors​

tls​

auth​

codec​

forwardHeaders​