Azure Static Web Apps configuration file

Documentation: https://learn.microsoft.com/en-us/azure/static-web-apps/configuration

Type object
File match staticwebapp.config.json
Schema URL https://catalog.lintel.tools/schemas/schemastore/azure-static-web-apps-configuration-file/latest.json
Source https://www.schemastore.org/staticwebapp.config.json

Validate with Lintel

npx @lintel/lintel check
Type: object

Documentation: https://aka.ms/swa/config-schema

Properties

$schema string

JSON schema

Default: "https://www.schemastore.org/staticwebapp.config.json"
routes array

Route definitions to modify routing behavior

Default:
[
  {
    "route": "/example",
    "rewrite": "/example.html"
  }
]
navigationFallback object

A default file to return if the request does not match a resource

Default:
{
  "rewrite": "/index.html"
}
2 nested properties
rewrite string required

The default file to return if the request does not match a resource

Default: "/index.html"
exclude array

Paths to exclude from the fallback route. May use valid wildcards. https://aka.ms/swa/config-schema

Examples: ["*.{jpg,gif,png}","assets/*"]
responseOverrides object

Custom error pages or redirects

Examples: {"404":{"rewrite":"/custom_404.html","statusCode":200}}
mimeTypes object

Custom mime types configuration

Default:
{}
Examples: {".config":"application/xml"}
globalHeaders object

Default headers to set on all responses

auth object
2 nested properties
identityProviders object required
7 nested properties
azureActiveDirectory object
4 nested properties
registration object required
enabled boolean

if the azureActiveDirectory provider is not enabled, otherwise

Default: true
login object
userDetailsClaim string

The name of the claim from which we should read user details

apple object
4 nested properties
registration object required
enabled boolean

if the apple provider is not enabled, otherwise

Default: true
login object
userDetailsClaim string

The name of the claim from which we should read user details

facebook object
4 nested properties
registration object required
enabled boolean

if the facebook provider is not enabled, otherwise

Default: true
login object
userDetailsClaim string

The name of the claim from which we should read user details

github object
4 nested properties
registration object required
enabled boolean

if the gitHub provider is not enabled, otherwise

Default: true
login object
userDetailsClaim string

The name of the claim from which we should read user details

google object
4 nested properties
registration object required
enabled boolean

if the google provider is not enabled, otherwise

Default: true
login object
userDetailsClaim string

The name of the claim from which we should read user details

twitter object
3 nested properties
registration object required
enabled boolean

if the twitter provider is not enabled, otherwise

Default: true
userDetailsClaim string

The name of the claim from which we should read user details

customOpenIdConnectProviders object
rolesSource string

Route to API function for assigning roles. For example, "/api/GetRoles". See https://aka.ms/swa-roles-function

networking object

Networking configuration

1 nested properties
allowedIpRanges string[]

Restrict access to one or more IPv4 ranges. Supports CIDR notation (e.g., "192.168.100.14/24")

Examples: ["10.0.0.0/24","192.1.1.1/10"]
forwardingGateway object

Forwarding gateway configuration

2 nested properties
allowedForwardedHosts string[]

The value of X-Forwarded-Host to allow to be used when generating redirect URLs

Examples: ["example.org","www.example.org","staging.example.org"]
requiredHeaders object

HTTP header name/value pairs that are required for access

Examples: {"X-Azure-FDID":"10dd26ef"}
platform object

Platform configuration

1 nested properties
apiRuntime string

Language runtime for the managed functions API

Values: "dotnet:3.1" "dotnet:6.0" "dotnet-isolated:6.0" "dotnet-isolated:7.0" "dotnet-isolated:8.0" "dotnet-isolated:9.0" "node:12" "node:14" "node:16" "node:18" "node:20" "python:3.8" "python:3.9" "python:3.10"
trailingSlash string

Trailing slash configuration

Values: "always" "never" "auto"

Definitions

route object
route string required

Request route pattern to match. May contain valid wildcards. See documentation: https://aka.ms/swa/config-schema

methods string[]

Request method(s) to match

allowedRoles string[]

Roles that are allowed to access this route. If not empty, only role(s) listed are authorized to access the route. Roles are only used for authorization; they are not used to evaluate whether the route matches the request.

headers object

Override any matching global headers

redirect string

Redirect to a relative or absolute path, or an external URI. Default status code is 302, override with 301.

statusCode integer

Status code override

rewrite string

A path to rewrite the request route to

auth object
identityProviders object required
7 nested properties
azureActiveDirectory object
4 nested properties
registration object required
enabled boolean

if the azureActiveDirectory provider is not enabled, otherwise

Default: true
login object
userDetailsClaim string

The name of the claim from which we should read user details

apple object
4 nested properties
registration object required
enabled boolean

if the apple provider is not enabled, otherwise

Default: true
login object
userDetailsClaim string

The name of the claim from which we should read user details

facebook object
4 nested properties
registration object required
enabled boolean

if the facebook provider is not enabled, otherwise

Default: true
login object
userDetailsClaim string

The name of the claim from which we should read user details

github object
4 nested properties
registration object required
enabled boolean

if the gitHub provider is not enabled, otherwise

Default: true
login object
userDetailsClaim string

The name of the claim from which we should read user details

google object
4 nested properties
registration object required
enabled boolean

if the google provider is not enabled, otherwise

Default: true
login object
userDetailsClaim string

The name of the claim from which we should read user details

twitter object
3 nested properties
registration object required
enabled boolean

if the twitter provider is not enabled, otherwise

Default: true
userDetailsClaim string

The name of the claim from which we should read user details

customOpenIdConnectProviders object
rolesSource string

Route to API function for assigning roles. For example, "/api/GetRoles". See https://aka.ms/swa-roles-function