Skip to main content
Docs

System Settings API

Key-value store for global system configuration. Settings with isPublic: true are accessible without authentication.

GraphQL

Queries

List All Settings (auth required)

query { systemSettings { key value description isPublic createdAt updatedAt } }

Get Single Setting (auth required)

query { systemSetting(key: "registration_enabled") { key value description isPublic } }

Public Settings (no auth)

query { publicSettings { key value } }

Mutations

All mutations require settings:write permission.

Create Setting

mutation {
  createSystemSetting(input: {
    key: "maintenance_mode"
    value: "false"
    description: "Enable maintenance mode"
    isPublic: false
  }) { key value }
}

Update Setting

mutation {
  updateSystemSetting(key: "registration_enabled", input: { value: "false" }) { key value }
}

Delete Setting

Requires settings:delete permission.

mutation { deleteSystemSetting(key: "maintenance_mode") }

REST API

Endpoints

MethodPathAuthDescription
GET/v1/settingsBearerList all settings
GET/v1/settings/publicNoList public settings
GET/v1/settings/{key}BearerGet setting by key
POST/v1/settingssettings:writeCreate setting
PUT/v1/settings/{key}settings:writeUpdate setting
DELETE/v1/settings/{key}settings:deleteDelete setting

Example

# Get public settings (no auth)
curl http://localhost:3000/v1/settings/public

# Update a setting
curl -X PUT http://localhost:3000/v1/settings/registration_enabled \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"value": "false"}'

Built-in Settings

KeyDefaultPublicDescription
registration_enabledtrueYesGlobal registration toggle. When false, no new accounts can be created regardless of per-platform settings.

Audit Events

EventLogged When
system_setting_createdNew setting created
system_setting_updatedSetting value changed (logs old + new value)
system_setting_deletedSetting removed