# ============================================ # Omada Cloud Authentication # ============================================ # IMPORTANT: Get these values from Omada UI → Settings → Platform Integration → Open API → Your App → View Details # OPTION 1: OAuth Authentication (from Omada OpenAPI page) # Client ID from Omada OpenAPI settings page (NOT the generic TP-Link one) OMADA_CLIENT_ID=your-client-id-from-omada-openapi-page # Client Secret from Omada OpenAPI settings page OMADA_CLIENT_SECRET=your-client-secret-from-omada-openapi-page # OPTION 2: Username/Password Authentication (Recommended for getting started) # Your Omada cloud account email OMADA_USERNAME=your-omada-email@example.com # Your Omada cloud account password OMADA_PASSWORD=your-strong-password # Authentication method: 'password' (default, recommended) or 'oauth' # Set to 'password' to avoid OAuth noise during development OMADA_AUTH_METHOD=password # ============================================ # Legacy TP-Link Credentials (Optional, for backward compatibility) # ============================================ # These are from the generic TP-Link Developer Portal, NOT Omada OpenAPI # Only needed if you're using the old TP-Link API (not recommended for Omada) # TP_LINK_CLIENT_ID=your-tp-link-client-id # TP_LINK_CLIENT_SECRET=your-tp-link-client-secret # TP_LINK_API_BASE_URL=https://openapi.tplinkcloud.com # ============================================ # Omada Cloud Configuration (Required) # ============================================ # IMPORTANT: Your Omada Customer/Controller ID (omadac_id) from OpenAPI settings # Find this in: Omada UI → Settings → Platform Integration → Open API → Your App → View Details # Look for "Customer ID", "MSP ID", "Controller ID", or "Omada ID / OmadacId" # This is DIFFERENT from the Client ID - it's the ID of your controller/customer # This is what you pass as the 'omadac_id' query parameter in login requests OMADA_CUSTOMER_ID=your-customer-id-from-openapi-settings # Legacy: OMADA_ID (kept for backward compatibility, should match OMADA_CUSTOMER_ID) # If OMADA_CUSTOMER_ID is not set, OMADA_ID will be used # NOTE: Do NOT use the same value as TP_LINK_CLIENT_ID or OMADA_CLIENT_ID here! OMADA_ID=your-customer-id-from-openapi-settings # Omada controller base URL (for authentication) # Example: https://euw1-omada-controller.tplinkcloud.com OMADA_CONTROLLER_BASE=https://euw1-omada-controller.tplinkcloud.com # Omada northbound API base URL (for API calls) # Example: https://euw1-omada-northbound.tplinkcloud.com OMADA_NORTHBOUND_BASE=https://euw1-omada-northbound.tplinkcloud.com # Authentication method: 'password' (default) or 'oauth' # Defaults to 'password' to avoid OAuth noise during development # Set to 'oauth' only if you want to use OAuth Client Credentials flow OMADA_AUTH_METHOD=password # ============================================ # Database Configuration # ============================================ # PostgreSQL connection string # Format: postgresql://user:password@host:port/database?schema=public # For local development with docker-compose: # DATABASE_URL=postgresql://omada_user:omada_password@localhost:5432/omada_db?schema=public # For production, use your actual database credentials DATABASE_URL=postgresql://user:password@localhost:5432/omada_db?schema=public # ============================================ # Server Configuration # ============================================ # API server port (default: 3000) PORT=3000 # Environment: development, staging, production NODE_ENV=development # ============================================ # Authentication # ============================================ # JWT secret for API authentication # IMPORTANT: Change this to a strong random string in production! # Generate with: openssl rand -base64 32 JWT_SECRET=your-jwt-secret-key-change-in-production-minimum-32-characters # ============================================ # Logging # ============================================ # Log level: error, warn, info, debug # In development, use 'debug' for detailed logs # In production, use 'info' or 'warn' LOG_LEVEL=info # ============================================ # Background Jobs (Optional) # ============================================ # Cron expression for inventory sync job # Default: every 10 minutes (*/10 * * * *) # Format: minute hour day month day-of-week # Examples: # */10 * * * * - Every 10 minutes # 0 * * * * - Every hour # 0 */6 * * * - Every 6 hours SYNC_JOB_SCHEDULE=*/10 * * * * # Cron expression for license check job # Default: daily at 9 AM (0 9 * * *) # Examples: # 0 9 * * * - Daily at 9 AM # 0 9 * * 1 - Every Monday at 9 AM # 0 0 1 * * - First day of every month at midnight LICENSE_JOB_SCHEDULE=0 9 * * *