Configuration

The Ed-Fi OneRoster® Node service is configured through environment variables, supplied via .env or the hosting environment. This section documents the supported variables, their runtime behavior, and the tuning decisions that affect refresh cadence and API response time.

• Environment variables. Full table of supported variables grouped by concern (database, OAuth, CORS, rate limiting, scheduling).
• OAuth and JWT. Token validation modes, JWKS versus PEM-based verification, OneRoster v1.2 scope expectations, and integration with the Ed-Fi ODS / API token issuer.
• CORS, rate limiting, and proxy. Origin allowlisting, request rate limits, and trust-proxy behavior when the service runs behind IIS, NGINX, or another reverse proxy.
• Performance. Tuning guidance for refresh cadence, client access patterns, and sizing; measured numbers live with the service source.

Deployment-specific setup steps are covered under Getting Started.

📄️CORS, Rate Limiting, and Proxy

The OneRoster® service has three cross-cutting runtime controls that

📄️Environment Variables

The OneRoster® Node service reads configuration from environment

📄️OAuth and JWT

The OneRoster® service requires every request to

📄️Performance

This page summarizes the tuning decisions that most affect the