> ## Documentation Index
> Fetch the complete documentation index at: https://tyk.io/docs/llms.txt
> Use this file to discover all available pages before exploring further.
# MDCB Configuration options
> Each of the config options that are available when deploying MDCB.
## Tyk MDCB Configuration
The Tyk MDCB server is configured primarily via the `tyk_sink.conf` file, this file resides in `/opt/tyk-sink` on most systems, but can also live anywhere and be directly targeted with the `-c` flag.
### Environment Variables
Environment variables (env var) can be used to override the settings defined in the configuration file. Where an environment variable is specified, its value will take precedence over the value in the configuration file.
### Default Ports
| Application | Port |
| :------------------ | :---- |
| MongoDB | 27017 |
| Redis | 6379 |
| **Tyk Dashboard** | |
| Developer Portal | 3000 |
| Admin Dashboard | 3000 |
| Admin Dashboard API | 3000 |
| **Tyk Gateway** | |
| Management API | 8080 |
| **MDCB** | |
| RPC services | 9090 |
| HTTP endpoints | 8181 |
### listen\_port
ENV: TYK\_MDCB\_LISTENPORT
Type: `int`
The rpc port which worker gateways will connect to. Open this port to accept connections via your firewall.
If this value is not set, the MDCB application will apply a default value of 9091.
### healthcheck\_port
ENV: TYK\_MDCB\_HEALTHCHECKPORT
Type: `int`
This port lets MDCB allow standard health checks.
If this value is not set, the MDCB component will apply a default value of 8181.
Deprecated: Use `http_port` instead.
### healthcheck
Healthcheck settings
### healthcheck.cache\_renewal\_period
ENV: TYK\_MDCB\_HEALTHCHECK\_CACHERENEWALPERIOD
Type: `int`
Specifies the time interval (in seconds) at which the healthchecker refreshes its cached health status information (redis and DB).
### http\_port
ENV: TYK\_MDCB\_HTTPPORT
Type: `int`
The HTTP port exposes different endpoints for monitoring and debugging MDCB. The default value is 8181.
Exposed endpoints include:
* /health - Provides the health status of MDCB.
* /dataplanes - Provides information about the dataplanes connected to MDCB (`security.enable_http_secure_endpoints` must be enabled).
* /debug/pprof/\* - Provides profiling information (`enable_http_profiler` must be enabled).
### enable\_http\_profiler
ENV: TYK\_MDCB\_HTTPPROFILE
Type: `bool`
Enable debugging of your Tyk MDCB by exposing profiling information.
### server\_options
MDCB gorpc server configuration
### server\_options.use\_ssl
ENV: TYK\_MDCB\_SERVEROPTIONS\_USESSL
Type: `bool`
If use\_ssl is set to true, you need to enter the cert\_file and key\_file path names for certificate.
### server\_options.certificate
cert data to expose the http server
### server\_options.certificate.cert\_file
ENV: TYK\_MDCB\_SERVEROPTIONS\_CERTIFICATE\_CERTFILE
Type: `string`
Filesystem location for pem encoded certificate
### server\_options.certificate.key\_file
ENV: TYK\_MDCB\_SERVEROPTIONS\_CERTIFICATE\_KEYFILE
Type: `string`
Filesystem location for pem encoded private key
### server\_options.min\_version
ENV: TYK\_MDCB\_SERVEROPTIONS\_MINVERSION
Type: `uint16`
The `min_version` setting should be the minimum TLS protocol version required from the client.
For TLS 1.0 use 769
For TLS 1.1 use 770
For TLS 1.2 use 771
For TLS 1.3 use 772
### server\_options.ssl\_ciphers
ENV: TYK\_MDCB\_SERVEROPTIONS\_CIPHERS
Type: `[]string`
Is the list of names supported cipher suites (IANA) for TLS versions up to TLS 1.2. This defaults to a list of secure cipher suites.
### server\_options.ssl\_certificates
ENV: TYK\_MDCB\_SERVEROPTIONS\_SSLCERTIFICATES
Type: `[]string`
SSL certificates used by your MDCB server. A list of certificate IDs or path to files.
### http\_server\_options
HTTPServerOptions configures SSL/TLS for the HTTP server, affecting security settings.
It applies to endpoints like /health for health checks, /dataplanes for node information
and /debug/pprof/ for performance profiling.
### http\_server\_options.use\_ssl
ENV: TYK\_MDCB\_HTTPSERVEROPTIONS\_USESSL
Type: `bool`
If use\_ssl is set to true, you need to enter the cert\_file and key\_file path names for certificate.
### http\_server\_options.certificate
cert data to expose the http server
### http\_server\_options.certificate.cert\_file
ENV: TYK\_MDCB\_HTTPSERVEROPTIONS\_CERTIFICATE\_CERTFILE
Type: `string`
Filesystem location for pem encoded certificate
### http\_server\_options.certificate.key\_file
ENV: TYK\_MDCB\_HTTPSERVEROPTIONS\_CERTIFICATE\_KEYFILE
Type: `string`
Filesystem location for pem encoded private key
### http\_server\_options.min\_version
ENV: TYK\_MDCB\_HTTPSERVEROPTIONS\_MINVERSION
Type: `uint16`
The `min_version` setting should be the minimum TLS protocol version required from the client.
For TLS 1.0 use 769
For TLS 1.1 use 770
For TLS 1.2 use 771
For TLS 1.3 use 772
### http\_server\_options.ssl\_ciphers
ENV: TYK\_MDCB\_HTTPSERVEROPTIONS\_CIPHERS
Type: `[]string`
Is the list of names supported cipher suites (IANA) for TLS versions up to TLS 1.2. This defaults to a list of secure cipher suites.
### http\_server\_options.ssl\_certificates
ENV: TYK\_MDCB\_HTTPSERVEROPTIONS\_SSLCERTIFICATES
Type: `[]string`
SSL certificates used by your MDCB server. A list of certificate IDs or path to files.
### security.private\_certificate\_encoding\_secret
ENV: TYK\_MDCB\_SECURITY\_PRIVATECERTIFICATEENCODINGSECRET
Type: `string`
Allows MDCB to use Mutual TLS. This requires to set `server_options.use_ssl` to true. See [Mutual TLS](/5.9/basic-config-and-security/security/mutual-tls/client-mtls) for more details.
### storage
This section describes your centralised Redis DB. This will act as your main key store for all of your clusters.
### storage.type
ENV: TYK\_MDCB\_STORAGE\_TYPE
Type: `string`
Currently, the only storage type supported is Redis.
### storage.host
ENV: TYK\_MDCB\_STORAGE\_HOST
Type: `string`
Hostname of your Redis server
### storage.port
ENV: TYK\_MDCB\_STORAGE\_PORT
Type: `int`
The port the Redis server is listening on.
### storage.master\_name
ENV: TYK\_MDCB\_STORAGE\_MASTERNAME
Type: `string`
It defines the sentinel master name
### storage.sentinel\_password
ENV: TYK\_MDCB\_STORAGE\_SENTINELPASSWORD
Type: `string`
If set, redis sentinel will authenticate using this password.
### storage.username
ENV: TYK\_MDCB\_STORAGE\_USERNAME
Type: `string`
If set, a redis connection will be established with this user. If not set then it will defaults to the default redis user
### storage.password
ENV: TYK\_MDCB\_STORAGE\_PASSWORD
Type: `string`
Optional auth password for Redis db
### storage.database
ENV: TYK\_MDCB\_STORAGE\_DATABASE
Type: `int`
By default, the database is 0. Setting the database is not supported with redis cluster. As such, if you have `storage.redis_cluster:true`, then this value should be omitted or explicitly set to 0.
### storage.optimisation\_max\_idle
ENV: TYK\_MDCB\_STORAGE\_MAXIDLE
Type: `int`
MDCB will open a pool of connections to Redis. This setting will configure how many connections are maintained in the pool when idle (no traffic). Set the `max_idle` value to something large, we usually leave it at around 2000 for HA deployments.
### storage.optimisation\_max\_active
ENV: TYK\_MDCB\_STORAGE\_MAXACTIVE
Type: `int`
In order to not over commit connections to the Redis server, we may limit the total number of active connections to Redis. We recommend for production use to set this to around 4000.
### storage.enable\_cluster
ENV: TYK\_MDCB\_STORAGE\_ENABLECLUSTER
Type: `bool`
If you are using Redis cluster, enable it here to enable the slots mode.
### storage.hosts
ENV: TYK\_MDCB\_STORAGE\_HOSTS
Type: `map[string]string`
Add your Redis hosts here as a map of hostname:port. This field is required when storage.enable\_cluster is set to true. example:
`{`
`"server1": "6379",`
`"server2": "6380",`
`"server3": "6381"`
`}`
### storage.addrs
ENV: TYK\_MDCB\_STORAGE\_ADDRS
Type: `[]string`
It can be either a single address or a seed list of host:port addresses of cluster/sentinel nodes. It overrides the value of hosts.
### storage.redis\_use\_ssl
ENV: TYK\_MDCB\_STORAGE\_REDISUSESSL
Type: `bool`
If set, MDCB will assume the connection to Redis is encrypted. (use with Redis providers that support in-transit encryption).
Deprecated. Use `use_ssl` instead.
### storage.redis\_ssl\_insecure\_skip\_verify
ENV: TYK\_MDCB\_STORAGE\_REDISSSLINSECURESKIPVERIFY
Type: `bool`
Allows usage of self-signed certificates when connecting to an encrypted Redis database.
Deprecated. Use `ssl_insecure_skip_verify` instead.
### storage.timeout
ENV: TYK\_MDCB\_STORAGE\_TIMEOUT
Type: `int`
Set a custom timeout for Redis network operations. Default value is 5 seconds.
### storage.use\_ssl
ENV: TYK\_MDCB\_STORAGE\_USESSL
Type: `bool`
Enable SSL/TLS connection between Tyk MDCB & Redis.
### storage.ssl\_insecure\_skip\_verify
ENV: TYK\_MDCB\_STORAGE\_SSLINSECURESKIPVERIFY
Type: `bool`
Disable TLS verification.
### storage.ca\_file
ENV: TYK\_MDCB\_STORAGE\_CAFILE
Type: `string`
Path to the CA file.
### storage.cert\_file
ENV: TYK\_MDCB\_STORAGE\_CERTFILE
Type: `string`
Path to the cert file.
### storage.key\_file
ENV: TYK\_MDCB\_STORAGE\_KEYFILE
Type: `string`
Path to the key file.
### storage.max\_version
ENV: TYK\_MDCB\_STORAGE\_MAXVERSION
Type: `string`
Maximum TLS version that is supported.
Options: \["1.0", "1.1", "1.2", "1.3"].
Defaults to "1.3".
### storage.min\_version
ENV: TYK\_MDCB\_STORAGE\_MINVERSION
Type: `string`
Minimum TLS version that is supported.
Options: \["1.0", "1.1", "1.2", "1.3"].
Defaults to "1.2".
### analytics
configuration of the store of analytics
### analytics.type
ENV: TYK\_MDCB\_ANALYTICSCONFIG\_TYPE
Type: `DBType`
Determines the storage type. It could be `mongo` or `postgres`. By default, the value is `mongo`.
### analytics.connection\_string
ENV: TYK\_MDCB\_ANALYTICSCONFIG\_CONNECTIONSTRING
Type: `string`
This is used to configure the conenction string for the storage.
### analytics.table\_sharding
ENV: TYK\_MDCB\_ANALYTICSCONFIG\_TABLESHARDING
Type: `bool`
Enable table sharding for SQL Analytics
### analytics.batch\_size
ENV: TYK\_MDCB\_ANALYTICSCONFIG\_BATCHSIZE
Type: `int`
Max Batch size for SQL Analytics
### analytics.postgres.prefer\_simple\_protocol
ENV: TYK\_MDCB\_ANALYTICSCONFIG\_POSTGRES\_PREFERSIMPLEPROTOCOL
Type: `bool`
disables implicit prepared statement usage
### analytics.mysql.default\_string\_size
ENV: TYK\_MDCB\_ANALYTICSCONFIG\_MYSQL\_DEFAULTSTRINGSIZE
Type: `uint`
default size for string fields. By default set to: 256
### analytics.mysql.disable\_datetime\_precision
ENV: TYK\_MDCB\_ANALYTICSCONFIG\_MYSQL\_DISABLEDATETIMEPRECISION
Type: `bool`
disable datetime precision, which not supported before MySQL 5.6
### analytics.mysql.dont\_support\_rename\_index
ENV: TYK\_MDCB\_ANALYTICSCONFIG\_MYSQL\_DONTSUPPORTRENAMEINDEX
Type: `bool`
drop & create when rename index, rename index not supported before MySQL 5.7, MariaDB
### analytics.mysql.dont\_support\_rename\_column
ENV: TYK\_MDCB\_ANALYTICSCONFIG\_MYSQL\_DONTSUPPORTRENAMECOLUMN
Type: `bool`
`change` when rename column, rename column not supported before MySQL 8, MariaDB
### analytics.mysql.skip\_initialize\_with\_version
ENV: TYK\_MDCB\_ANALYTICSCONFIG\_MYSQL\_SKIPINITIALIZEWITHVERSION
Type: `bool`
auto configure based on currently MySQL version
### analytics.mongo\_url
ENV: TYK\_MDCB\_ANALYTICSCONFIG\_MONGOURL
Type: `string`
Connection string for MongoDB.
### analytics.mongo\_use\_ssl
ENV: TYK\_MDCB\_ANALYTICSCONFIG\_MONGOUSESSL
Type: `bool`
A Boolean setting for Mongo SSL support. Set to true to enable SSL.
### analytics.mongo\_ssl\_insecure\_skip\_verify
ENV: TYK\_MDCB\_ANALYTICSCONFIG\_MONGOSSLINSECURESKIPVERIFY
Type: `bool`
This setting allows the use of self-signed certificates when connecting to an encrypted MongoDB database.
### analytics.mongo\_ssl\_allow\_invalid\_hostnames
ENV: TYK\_MDCB\_ANALYTICSCONFIG\_MONGOSSLALLOWINVALIDHOSTNAMES
Type: `bool`
Ignore hostname check when it differs from the original (for example with SSH tunneling). The rest of the TLS verification will still be performed
### analytics.mongo\_ssl\_ca\_file
ENV: TYK\_MDCB\_ANALYTICSCONFIG\_MONGOSSLCAFILE
Type: `string`
Path to the PEM file with trusted root certificates
### analytics.mongo\_ssl\_pem\_keyfile
ENV: TYK\_MDCB\_ANALYTICSCONFIG\_MONGOSSLPEMKEYFILE
Type: `string`
Path to the PEM file which contains both client certificate and private key. This is required for Mutual TLS.
### analytics.mongo\_session\_consistency
ENV: TYK\_MDCB\_ANALYTICSCONFIG\_MONGOSESSIONCONSISTENCY
Type: `string`
Set the consistency mode for the session, it defaults to `Strong`. The valid values are:
* eventual
monotonic
### analytics.mongo\_batch\_size
ENV: TYK\_MDCB\_ANALYTICSCONFIG\_MONGOBATCHSIZE
Type: `int`
Sets the batch size for mongo results.
### analytics.driver
ENV: TYK\_MDCB\_ANALYTICSCONFIG\_DRIVER
Type: `string`
Use `mongo-go` to use the official mongo driver. Alternatively, use `mgo` to use the old driver.
Since v2.4.3, the default driver is `mongo-go`.
### analytics.mongo\_direct\_connection
ENV: TYK\_MDCB\_ANALYTICSCONFIG\_MONGODIRECTCONNECTION
Type: `bool`
MongoDirectConnection informs whether to establish connections only with the specified seed servers,
or to discover and establish connections with further servers within the cluster.
If true, the client will only connect to the host provided in the ConnectionString
and won't attempt to discover other servers within the cluster. Useful when network
restrictions prevent discovery, such as with SSH tunneling. Default is false.
### hash\_keys
ENV: TYK\_MDCB\_HASHKEYS
Type: `bool`
Set to true if you are using a hashed configuration installation of Tyk, otherwise set to false.
### session\_timeout
ENV: TYK\_MDCB\_SESSIONTIMEOUT
Type: `int64`
Number of seconds before the gateways are forced to re-login. Default is 86400 (24 hours).
### forward\_analytics\_to\_pump
ENV: TYK\_MDCB\_FORWARDANALYTICSTOPUMP
Type: `bool`
Instead of sending analytics directly to MongoDB, MDCB can send analytics to Redis. This will allow \[tyk-pump] ([https://github.com/TykTechnologies/tyk-pump](https://github.com/TykTechnologies/tyk-pump)) to pull analytics from Redis and send to your own data sinks.
### enable\_multiple\_analytics\_keys
ENV: TYK\_MDCB\_ENABLEMULTIPLEANALYTICSKEYS
Type: `bool`
Instead of saving all the analytics in one key, this will enable to save the analytics in multiple keys. It's specially useful when you are using Redis cluster. This will work only if `forward_analytics_to_pump` is true and tyk-pump is v1.2.1+ .
### dont\_store\_selective
ENV: TYK\_MDCB\_DONTSTORESELECTIVE
Type: `bool`
set to true if you don't want to store selective analytics
### dont\_store\_aggregate
ENV: TYK\_MDCB\_DONTSTOREAGGREGATES
Type: `bool`
Set to true to don't store aggregate analytics
### org\_session\_expiration
ENV: TYK\_MDCB\_ORGCACHEEXPIRATION
Type: `int`
Sets the organization cache expiration in minutes. By default, 60 minutes. This will only work with tyk-sink 1.9+
### org\_session\_cleanup
ENV: TYK\_MDCB\_ORGCACHECLEANUP
Type: `int`
Sets the organization cache cleanup interval in minutes. By default, 60 minutes. This will only work with tyk-sink 1.9+.
### license
ENV: TYK\_MDCB\_LICENSE
Type: `string`
Enter your license in this section so MDCB can start.
### track\_all\_paths
ENV: TYK\_MDCB\_TRACKALLPATHS
Type: `bool`
Currently, analytics for an endpoint is stored only if Track Endpoint plugin is enabled on that endpoint. If `track_all_paths` is enabled, it will store analytics for all the endpoints, irrespective of Track Endpoint plugin.
### store\_analytics\_per\_minute
ENV: TYK\_MDCB\_STOREANALYTICSPERMINUTE
Type: `bool`
Enable to generate aggregated per minute. By default it will generate aggregate data per hour. If this option is enabled, aggregate data will be generated per minute.
### ignore\_tag\_prefix\_list
ENV: TYK\_MDCB\_IGNORETAGPREFIXLIST
Type: `[]string`
if set to true then it will not store analytics for tags having prefix specified in the list. **Note**: Prefix “key-” is added in the list by default. This tag is added by gateway for keys.
### threshold\_len\_tag\_list
ENV: TYK\_MDCB\_THRESHOLDLENTAGLIST
Type: `int`
If number of tags in a document grows beyond `threshold_len_tag_list`, pump will throw a warning, it works for mongo aggregate pump. The warning will print top 5 common tag prefix. Default value is 1000. To disable alerts set it to -1.
### omit\_analytics\_index\_creation
ENV: TYK\_MDCB\_OMITANALYTICSINDEXCREATION
Type: `bool`
Set to true to disable the Mongo storages default index creation. More detailed behavior explained at [https://tyk.io/docs/tyk-pump/tyk-pump-configuration/tyk-pump-dashboard-config/#omitting-indexes](https://tyk.io/docs/tyk-pump/tyk-pump-configuration/tyk-pump-dashboard-config/#omitting-indexes).
### enable\_separate\_analytics\_store
ENV: TYK\_MDCB\_ENABLESEPERATEANALYTICSSTORE
Type: `bool`
Set it to true if you are using a separated analytic storage in the Control Plane Gateway. If `forward_analytics_to_pump` is true, it will forward the analytics to the separated storage specified in `analytics_storage`.
### analytics\_storage
This section describes your separated analytic Redis DB. It has the same fields as `storage`. It requires `enable_separate_analytics_store` set to true.
### analytics\_storage.type
ENV: TYK\_MDCB\_ANALYTICSSTORAGE\_TYPE
Type: `string`
Currently, the only storage type supported is Redis.
### analytics\_storage.host
ENV: TYK\_MDCB\_ANALYTICSSTORAGE\_HOST
Type: `string`
Hostname of your Redis server
### analytics\_storage.port
ENV: TYK\_MDCB\_ANALYTICSSTORAGE\_PORT
Type: `int`
The port the Redis server is listening on.
### analytics\_storage.master\_name
ENV: TYK\_MDCB\_ANALYTICSSTORAGE\_MASTERNAME
Type: `string`
It defines the sentinel master name
### analytics\_storage.sentinel\_password
ENV: TYK\_MDCB\_ANALYTICSSTORAGE\_SENTINELPASSWORD
Type: `string`
If set, redis sentinel will authenticate using this password.
### analytics\_storage.username
ENV: TYK\_MDCB\_ANALYTICSSTORAGE\_USERNAME
Type: `string`
If set, a redis connection will be established with this user. If not set then it will defaults to the default redis user
### analytics\_storage.password
ENV: TYK\_MDCB\_ANALYTICSSTORAGE\_PASSWORD
Type: `string`
Optional auth password for Redis db
### analytics\_storage.database
ENV: TYK\_MDCB\_ANALYTICSSTORAGE\_DATABASE
Type: `int`
By default, the database is 0. Setting the database is not supported with redis cluster. As such, if you have `storage.redis_cluster:true`, then this value should be omitted or explicitly set to 0.
### analytics\_storage.optimisation\_max\_idle
ENV: TYK\_MDCB\_ANALYTICSSTORAGE\_MAXIDLE
Type: `int`
MDCB will open a pool of connections to Redis. This setting will configure how many connections are maintained in the pool when idle (no traffic). Set the `max_idle` value to something large, we usually leave it at around 2000 for HA deployments.
### analytics\_storage.optimisation\_max\_active
ENV: TYK\_MDCB\_ANALYTICSSTORAGE\_MAXACTIVE
Type: `int`
In order to not over commit connections to the Redis server, we may limit the total number of active connections to Redis. We recommend for production use to set this to around 4000.
### analytics\_storage.enable\_cluster
ENV: TYK\_MDCB\_ANALYTICSSTORAGE\_ENABLECLUSTER
Type: `bool`
If you are using Redis cluster, enable it here to enable the slots mode.
### analytics\_storage.hosts
ENV: TYK\_MDCB\_ANALYTICSSTORAGE\_HOSTS
Type: `map[string]string`
Add your Redis hosts here as a map of hostname:port. This field is required when storage.enable\_cluster is set to true. example:
`{`
`"server1": "6379",`
`"server2": "6380",`
`"server3": "6381"`
`}`
### analytics\_storage.addrs
ENV: TYK\_MDCB\_ANALYTICSSTORAGE\_ADDRS
Type: `[]string`
It can be either a single address or a seed list of host:port addresses of cluster/sentinel nodes. It overrides the value of hosts.
### analytics\_storage.redis\_use\_ssl
ENV: TYK\_MDCB\_ANALYTICSSTORAGE\_REDISUSESSL
Type: `bool`
If set, MDCB will assume the connection to Redis is encrypted. (use with Redis providers that support in-transit encryption).
Deprecated. Use `use_ssl` instead.
### analytics\_storage.redis\_ssl\_insecure\_skip\_verify
ENV: TYK\_MDCB\_ANALYTICSSTORAGE\_REDISSSLINSECURESKIPVERIFY
Type: `bool`
Allows usage of self-signed certificates when connecting to an encrypted Redis database.
Deprecated. Use `ssl_insecure_skip_verify` instead.
### analytics\_storage.timeout
ENV: TYK\_MDCB\_ANALYTICSSTORAGE\_TIMEOUT
Type: `int`
Set a custom timeout for Redis network operations. Default value is 5 seconds.
### analytics\_storage.use\_ssl
ENV: TYK\_MDCB\_ANALYTICSSTORAGE\_USESSL
Type: `bool`
Enable SSL/TLS connection between Tyk MDCB & Redis.
### analytics\_storage.ssl\_insecure\_skip\_verify
ENV: TYK\_MDCB\_ANALYTICSSTORAGE\_SSLINSECURESKIPVERIFY
Type: `bool`
Disable TLS verification.
### analytics\_storage.ca\_file
ENV: TYK\_MDCB\_ANALYTICSSTORAGE\_CAFILE
Type: `string`
Path to the CA file.
### analytics\_storage.cert\_file
ENV: TYK\_MDCB\_ANALYTICSSTORAGE\_CERTFILE
Type: `string`
Path to the cert file.
### analytics\_storage.key\_file
ENV: TYK\_MDCB\_ANALYTICSSTORAGE\_KEYFILE
Type: `string`
Path to the key file.
### analytics\_storage.max\_version
ENV: TYK\_MDCB\_ANALYTICSSTORAGE\_MAXVERSION
Type: `string`
Maximum TLS version that is supported.
Options: \["1.0", "1.1", "1.2", "1.3"].
Defaults to "1.3".
### analytics\_storage.min\_version
ENV: TYK\_MDCB\_ANALYTICSSTORAGE\_MINVERSION
Type: `string`
Minimum TLS version that is supported.
Options: \["1.0", "1.1", "1.2", "1.3"].
Defaults to "1.2".
### log\_level
ENV: TYK\_MDCB\_LOGLEVEL
Type: `string`
You can now set a logging level (log\_level). The following levels can be set: debug, info, warn, error.
If not set or left empty, it will default to `info`.
### enable\_key\_logging
ENV: TYK\_MDCB\_ENABLEKEYLOGGING
Type: `bool`
EnableKeyLogging prints the unhashed keys without obfuscating them in the logs
### sync\_worker\_config
Configuration of the MDCB Synchroniser functionality introduced in MDCB v2.0.0
### sync\_worker\_config.enabled
ENV: TYK\_MDCB\_SYNCWORKER\_ENABLED
Type: `bool`
Enable the MDCB Synchroniser
### sync\_worker\_config.hash\_keys
ENV: TYK\_MDCB\_SYNCWORKER\_HASHKEYS
Type: `bool`
Allows the worker to synchronize hashed API keys. Set this to true if `hash_keys` is true in dashboard and gateway configuration.
### sync\_worker\_config.max\_batch\_size
ENV: TYK\_MDCB\_SYNCWORKER\_MAXBATCHSIZE
Type: `int`
The maximum number of keys that we can fetch per batch. Default value: 1000 keys per batch.
### sync\_worker\_config.time\_between\_batches
ENV: TYK\_MDCB\_SYNCWORKER\_TIMEBETWEENBATCHES
Type: `int`
Specifies a cooldown time between batches in seconds. 0 / disabled by default.
### sync\_worker\_config.max\_workers
ENV: TYK\_MDCB\_SYNCWORKER\_MAXWORKERS
Type: `int`
Specifies the maximum number of Groups (worker GW clusters) that can be synchronised by MDCB at the same time. Increasing this value can affect the operation of MDCB so it is recommended that you only modify this value if you need to synchronise a higher number of datacenters. Default value: 1000.
### sync\_worker\_config.warmup\_time
ENV: TYK\_MDCB\_SYNCWORKER\_WARMUPTIME
Type: `int`
Specifies the time (in seconds) that MDCB should wait before starting to synchronise workers with the controller. This is to allow the worker nodes to load APIs and policies from local Redis before synchronising the other resources. Default value: 2 seconds.
### sync\_worker\_config.group\_key\_ttl
ENV: TYK\_MDCB\_SYNCWORKER\_GROUPKEYTTL
Type: `int`
Specifies the group key TTL in seconds. This key is used to prevent a group of gateways from re-syncing when is not required. On login (GroupLogin call), if the key doesn't exist then the sync process is triggered. If the key exists then the TTL just gets renewed. In case the cluster of gateways is down, the key will expire and get removed and if they connect again a sync process will be triggered. Default value: 180 seconds. Min value: 30 seconds.
### enable\_ownership
ENV: TYK\_MDCB\_ENABLEOWNERSHIP
Type: `bool`
Enables [API Ownership](/5.9/api-management/user-management#enabling-api-ownership) in MDCB. It allows the gateways in the data plane cluster to load only APIs that are accessible by the user and user group associated with the `slave_options.api_key` that is used to connect to MDCB (defined in `tyk.config` of the gateway).
This will be enforced if `enable_ownership` is also enabled in the Dashboard and your API definition has been associated with a user or user\_group
Defaults to `false`.
### escape\_dots\_in\_oas\_paths
ENV: TYK\_MDCB\_ESCAPEDOTSINOASPATHS
Type: `bool`
When enabled, dots in OAS field names will be escaped (to \u002e ) and unescaped when required for compatibility with specific databases.
Defaults to `false`.