Skip to content

Settings

What it's for

Admin → Settings holds the server-wide configuration: how clients authenticate to the backend, how admins sign in, mail, and data retention. Most of it is set once and rarely touched again.

How to use it

Client connectivity — the API key. Every client authenticates to your backend with the installation's API key shown here. New devices receive it automatically during activation; for scripted rollouts you can download it embedded in a valenius-setup.ini.

Rotate the API key (hygiene, or after a suspected leak):

  1. Click Rotate key. Both the old and new key stay valid during a grace window.
  2. Clients adopt the new key automatically on their next check-in — no visits to any machine.
  3. Once the fleet has switched (give it a day for laptops that are off), click Retire previous key.

Traffic data retention Pro — how many days of traffic samples to keep (default 90).

Authentication methods & OIDC — which sign-in methods the admin panel accepts and the identity-provider configuration. Covered in Users & sign-in.

SMTP configuration — outgoing mail server, with a test-send button to verify it.

Pitfalls

  • Retiring the previous key too early strands offline devices. A laptop that was in a drawer during the whole grace window comes back knowing only the retired key and can't check in — it would need a reinstall or manual key fix. Rotate, wait, then retire.
  • Rotation is not an emergency lockout. An attacker actively using the current key receives the new one like any client. To cut off a single device, deactivate or delete that client instead.
  • OIDC settings apply on container restart, not on save — see Users & sign-in.