| ANKA_API_KEYS_CLEANING_INTERVAL | (duration) | The interval for cleaning of expired api keys. | 4h0m0s |
| ANKA_API_KEYS_SESSION_TTL | (duration) | The API Keys session TTL (used for automatic expiration). | 5m0s |
| ANKA_CA_CERT | (string) | (Certificate Authentication) The CA/root cert used to authenticate incoming requests/certs. | |
| ANKA_CRL | (string) | (Certificate Authentication) File containing certificate revocation list (CRL) used to authenticate incoming requests/certs. | |
| ANKA_ENABLE_API_KEYS | (boolean) | Enable API Key Authentication. | false |
| ANKA_ENABLE_AUTH | (boolean) | Enable Authentication (Root Token, Certificate, SSO/OpenID Connect or API Keys) (Not to be confused with Authorization). | false |
| ANKA_ENABLE_CONTROLLER_AUTHORIZATION | (boolean) | Enable Authorization (Users, groups, permission control for specific certificates) in the Controller. | false |
| ANKA_ENABLE_INGRESS_NGINX | (boolean) | Enable Authentication based on headers set by Ingress Nginx (https://kubernetes.github.io/ingress-nginx/examples/auth/client-certs/ | false |
| ANKA_ENABLE_RESOURCE_MANAGEMENT | (boolean) | Enable resource management for the controller (requires enable-controller-authorization) | false |
| ANKA_ETCD_CA_CERT | (string) | (ETCD Certificate Authentication) The Etcd client will use this when connecting to the cluster. | |
| ANKA_ETCD_CERT | (string) | (ETCD Certificate Authentication) The ETCD client will use this when connecting to the cluster. | |
| ANKA_ETCD_CERT_KEY | (string) | (ETCD Certificate Authentication) The ETCD client will use this when connecting to the cluster. | |
| ANKA_ETCD_PASSWORD | (string) | (ETCD Certificate Authentication) ETCD Password to use for login. | |
| ANKA_ETCD_USERNAME | (string) | (ETCD Certificate Authentication) ETCD Username to use for login. | |
| ANKA_OIDC_CLIENT_ID | (string) | (OpenID Connect/SSO) Client id | |
| ANKA_OIDC_CLIENT_SECRET | (string) | (OpenID Connect/SSO) Client secret | |
| ANKA_OIDC_DISPLAY_NAME | (string) | (OpenID Connect/SSO) Name to display on login page | |
| ANKA_OIDC_GROUPS_CLAIM | (string) | (OpenID Connect/SSO) Claim key to use for groups, defaults to groups | groups |
| ANKA_OIDC_PROVIDER_URL | (string) | (OpenID Connect/SSO) Provider URL | |
| ANKA_OIDC_SCOPES | (string) | (OpenID Connect/SSO) Comma separated list of scopes, overrides default scopes used | |
| ANKA_OIDC_USER_INFO | (boolean) | (OpenID Connect/SSO) Get claims from user info endpoint | false |
| ANKA_OIDC_USERNAME_CLAIM | (string) | (OpenID Connect/SSO) Claim key to use for user name, defaults to name | |
| ANKA_ROOT_CERT | (string) | (Certificate Authentication) Alias of ca-cert | |
| ANKA_ROOT_TOKEN | (string) | Sets the basic auth token that will be used for accessing the Controller UI and API (username is ‘root’). | |
| ANKA_SKIP_ETCD_TLS_VERIFICATION | (boolean) | (ETCD Certificate Authentication) Don’t verify ETCD TLS certificates (for self signed certificates). | false |
| ANKA_USE_ETCD_LOGIN | (boolean) | (ETCD Certificate Authentication) Enable ETCD client login with username and password. | false |
| ANKA_USE_ETCD_TLS | (boolean) | (ETCD Certificate Authentication) Use TLS certificates for authentication with ETCD cluster. | false |