Skip to Content
DaaS StudioSettings

Settings

Navigate to /settings to configure global options for your BuildPad DaaS instance. Settings is divided into four tabs: General, AI / MCP, CORS, and SMTP.

All settings endpoints require admin access.

GET /api/settings — read all current settings PATCH /api/settings — update settings (admin only)

General (/settings/general)

The General tab controls the Activity Log Retention period — how many days audit trail entries are kept before the daily housekeeping job purges them.

FieldDescription
activity_retention_daysDays to retain activity log entries. Set to 0 to disable automatic purging (records accumulate indefinitely).
GET /api/settings/general — read retention setting PATCH /api/settings/general — update retention setting (admin only)

SMTP (/settings/smtp)

Configure outbound email at /settings/smtp. Used for password reset emails and any emails sent by hooks, extensions, or custom services.

FieldDescription
smtp_enabledMaster toggle — when disabled all email sends are silently skipped
smtp_hostSMTP server hostname
smtp_portSMTP port (25, 465 for SSL, 587 for STARTTLS)
smtp_secureEnable SSL/TLS (port 465). Leave off for STARTTLS on port 587
smtp_ignore_tlsSkip certificate verification — development only
smtp_userSMTP username
smtp_passwordSMTP password
smtp_from_emailSender address for outgoing emails
smtp_from_nameDisplay name shown to recipients

After saving, click Test Connection to verify connectivity to the SMTP server.

POST /api/settings/smtp/test — verifies SMTP server connectivity

CORS (/settings/cors)

Configure Cross-Origin Resource Sharing rules at /settings/cors. Controls which origins, methods, and headers are allowed when the API is called from a browser.

FieldDescription
cors_enabledMaster toggle for CORS middleware
cors_originsAllowed origin URLs (empty = block all)
cors_methodsAllowed HTTP methods
cors_allowed_headersAllowed request headers
cors_expose_headersHeaders exposed to the browser
cors_allow_credentialsAllow cookies/credentials in cross-origin requests
cors_max_agePreflight cache duration in seconds

AI / MCP (/settings/ai)

The AI / MCP tab lets you configure the built-in Model Context Protocol server. See AI & MCP for details.

Last updated on