Name Type Description
accountLockout AccountLockoutOptions

The account lockout policy for failed login attempts.

allowClientClassCreation Boolean

Enable (or disable) client class creation, defaults to true

allowCustomObjectId Boolean

Enable (or disable) custom objectId

allowHeaders Array.<String>

Add headers to Access-Control-Allow-Headers

allowOrigin String

Sets the origin to Access-Control-Allow-Origin

analyticsAdapter Adapter.<AnalyticsAdapter>

Adapter module for the analytics

appId String

Your Parse Application ID

appName String

Sets the app name

auth Array.<AuthAdapter>

Configuration for your authentication providers, as stringified JSON. See

cacheAdapter Adapter.<CacheAdapter>

Adapter module for the cache

cacheMaxSize Number

Sets the maximum size for the in memory cache, defaults to 10000

cacheTTL Number

Sets the TTL for the in memory cache (in ms), defaults to 5000 (5 seconds)

clientKey String

Key for iOS, MacOS, tvOS clients

cloud String

Full path to your cloud code main.js

cluster Number | Boolean

Run with cluster, optionally set the number of processes default to os.cpus().length

collectionPrefix String

A collection prefix for the classes

customPages CustomPagesOptions

custom pages for password validation and reset

databaseAdapter Adapter.<StorageAdapter>

Adapter module for the database; any options that are not explicitly described here are passed directly to the database client.

databaseOptions DatabaseOptions

Options to pass to the database client

databaseURI String

The full URI to your database. Supported databases are mongodb or postgres.

defaultLimit Number

Default value for limit option on queries, defaults to 100.

directAccess Boolean

Set to true if Parse requests within the same Node.js environment as Parse Server should be routed to Parse Server directly instead of via the HTTP interface. Default is false.

If set to false then Parse requests within the same Node.js environment as Parse Server are executed as HTTP requests sent to Parse Server via the serverURL. For example, a Parse.Query in Cloud Code is calling Parse Server via a HTTP request. The server is essentially making a HTTP request to itself, unnecessarily using network resources such as network ports.

⚠️ In environments where multiple Parse Server instances run behind a load balancer and Parse requests within the current Node.js environment should be routed via the load balancer and distributed as HTTP requests among all instances via the serverURL, this should be set to false.

dotNetKey String

Key for Unity and .Net SDK

emailAdapter Adapter.<MailAdapter>

Adapter module for email sending

emailVerifyTokenReuseIfValid Boolean

Set to true if a email verification token should be reused in case another token is requested but there is a token that is still valid, i.e. has not expired. This avoids the often observed issue that a user requests multiple emails and does not know which link contains a valid token because each newly generated token would invalidate the previous token.

Default is false.
Requires option verifyUserEmails: true.

emailVerifyTokenValidityDuration Number

Set the validity duration of the email verification token in seconds after which the token expires. The token is used in the link that is set in the email. After the token expires, the link becomes invalid and a new link has to be sent. If the option is not set or set to undefined, then the token never expires.

For example, to expire the token after 2 hours, set a value of 7200 seconds (= 60 seconds * 60 minutes * 2 hours).

Default is undefined.
Requires option verifyUserEmails: true.

enableAnonymousUsers Boolean

Enable (or disable) anonymous users, defaults to true

enableExpressErrorHandler Boolean

Enables the default express error handler for all errors

encryptionKey String

Key for encrypting your files

enforcePrivateUsers Boolean

Set to true if new users should be created without public read and write access.

expireInactiveSessions Boolean

Sets whether we should expire the inactive sessions, defaults to true. If false, all new sessions are created with no expiration date.

fileKey String

Key for your files

filesAdapter Adapter.<FilesAdapter>

Adapter module for the files sub-system

fileUpload FileUploadOptions

Options for file uploads

graphQLPath String

Mount path for the GraphQL endpoint, defaults to /graphql

graphQLSchema String

Full path to your GraphQL custom schema.graphql file

host String

The host to serve ParseServer on, defaults to

idempotencyOptions IdempotencyOptions

Options for request idempotency to deduplicate identical requests that may be caused by network issues. Caution, this is an experimental feature that may not be appropriate for production.

javascriptKey String

Key for the Javascript SDK

jsonLogs Boolean

Log as structured JSON objects

liveQuery LiveQueryOptions

parse-server's LiveQuery configuration object

liveQueryServerOptions LiveQueryServerOptions

Live query server configuration options (will start the liveQuery server)

loggerAdapter Adapter.<LoggerAdapter>

Adapter module for the logging sub-system

logLevel String

Sets the level for logs

logsFolder String

Folder for the logs (defaults to './logs'); set to null to disable file based logging

masterKey String

Your Parse Master Key

masterKeyIps Array.<String>

Restrict masterKey to be used by only these ips, defaults to [] (allow all ips)

maxLimit Number

Max value for limit option on queries, defaults to unlimited

maxLogFiles Number | String

Maximum number of logs to keep. If not set, no logs will be removed. This can be a number of files or number of days. If using days, add 'd' as the suffix. (default: null)

maxUploadSize String

Max file size for uploads, defaults to 20mb

middleware Union

middleware for express server, can be string or function

mountGraphQL Boolean

Mounts the GraphQL endpoint

mountPath String

Mount path for the server, defaults to /parse

mountPlayground Boolean

Mounts the GraphQL Playground - never use this option in production

objectIdSize Number

Sets the number of characters in generated object id's, default 10

pages PagesOptions

The options for pages such as password reset and email verification. Caution, this is an experimental feature that may not be appropriate for production.

passwordPolicy PasswordPolicyOptions

The password policy for enforcing password related rules.

playgroundPath String

Mount path for the GraphQL Playground, defaults to /playground

port Number

The port to run the ParseServer, defaults to 1337.

preserveFileName Boolean

Enable (or disable) the addition of a unique hash to the file names

preventLoginWithUnverifiedEmail Boolean

Set to true to prevent a user from logging in if the email has not yet been verified and email verification is required.

Default is false.
Requires option verifyUserEmails: true.

protectedFields ProtectedFields

Protected fields that should be treated with extra security when fetching details.

publicServerURL String

Public URL to your parse server with http:// or https://.

push Any

Configuration for push, as stringified JSON. See

readOnlyMasterKey String

Read-only key, which has the same capabilities as MasterKey without writes

requestKeywordDenylist Array.<RequestKeywordDenylist>

An array of keys and values that are prohibited in database read and write requests to prevent potential security vulnerabilities. It is possible to specify only a key ({"key":"..."}), only a value ({"value":"..."}) or a key-value pair ({"key":"...","value":"..."}). The specification can use the following types: boolean, numeric or string, where string will be interpreted as a regex notation. Request data is deep-scanned for matching definitions to detect also any nested occurrences. Defaults are patterns that are likely to be used in malicious requests. Setting this option will override the default patterns.

restAPIKey String

Key for REST calls

revokeSessionOnPasswordReset Boolean

When a user changes their password, either through the reset password email or while logged in, all sessions are revoked if this is true. Set to false if you don't want to revoke sessions.

scheduledPush Boolean

Configuration for push scheduling, defaults to false.

schema SchemaOptions

Defined schema

security SecurityOptions

The security options to identify and report weak security settings.

serverCloseComplete function

Callback when server has closed

serverStartComplete function

Callback when server has started

serverURL String

URL to your parse server with http:// or https://.

sessionLength Number

Session duration, in seconds, defaults to 1 year

silent Boolean

Disables console output

startLiveQueryServer Boolean

Starts the liveQuery server

userSensitiveFields Array.<String>

Personally identifiable information fields in the user table the should be removed for non-authorized users. Deprecated @see protectedFields

verbose Boolean

Set the logging to verbose

verifyUserEmails Boolean

Set to true to require users to verify their email address to complete the sign-up process.

Default is false.

webhookKey String

Key sent with outgoing webhook calls