Configuration settings

Enterprise onlyConfigure the policy for outgoing Neo4j Browser connections.

browser.allow_outgoing_connections, a boolean

Enterprise onlyConfigure the Neo4j Browser to time out logged in users after this idle period. Setting this to 0 indicates no limit.

browser.credential_timeout, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

Commands to be run when Neo4j Browser successfully connects to this server. Separate multiple commands with semi-colon.

browser.post_connect_cmd, a string

Whitelist of hosts for the Neo4j Browser to be allowed to fetch content from.

browser.remote_content_hostname_whitelist, a string

Enterprise onlyConfigure the Neo4j Browser to store or not store user credentials.

browser.retain_connection_credentials, a boolean

Enterprise onlyConfigure the Neo4j Browser to store or not store user editor history.

browser.retain_editor_history, a boolean

Configure client applications such as Browser and Bloom to send Product Analytics data.

client.allow_telemetry, a boolean

Configures the general policy for when check-points should occur. The default policy is the 'periodic' check-point policy, as specified by the 'db.checkpoint.interval.tx' and 'db.checkpoint.interval.time' settings. The Neo4j Enterprise Edition provides two alternative policies: The first is the 'continuous' check-point policy, which will ignore those settings and run the check-point process all the time. The second is the 'volumetric' check-point policy, which makes a best-effort at check-pointing often enough so that the database doesn’t get too far behind on deleting old transaction logs in accordance with the 'db.tx_log.rotation.retention_policy' setting.

db.checkpoint, one of [PERIODIC, CONTINUOUS, VOLUME, VOLUMETRIC]

Configures the time interval between check-points. The database will not check-point more often than this (unless check pointing is triggered by a different event), but might check-point less often than this interval, if performing a check-point takes longer time than the configured interval. A check-point is a point in the transaction logs, which recovery would start from. Longer check-point intervals typically mean that recovery will take longer to complete in case of a crash. On the other hand, a longer check-point interval can also reduce the I/O load that the database places on the system, as each check-point implies a flushing and forcing of all the store files.

db.checkpoint.interval.time, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

Configures the transaction interval between check-points. The database will not check-point more often than this (unless check pointing is triggered by a different event), but might check-point less often than this interval, if performing a check-point takes longer time than the configured interval. A check-point is a point in the transaction logs, which recovery would start from. Longer check-point intervals typically mean that recovery will take longer to complete in case of a crash. On the other hand, a longer check-point interval can also reduce the I/O load that the database places on the system, as each check-point implies a flushing and forcing of all the store files. The default is '100000' for a check-point every 100000 transactions.

db.checkpoint.interval.tx, an integer which is minimum 1

Configures the volume of transaction logs between check-points. The database will not check-point more often than this (unless check pointing is triggered by a different event), but might check-point less often than this interval, if performing a check-point takes longer time than the configured interval. A check-point is a point in the transaction logs, which recovery would start from. Longer check-point intervals typically mean that recovery will take longer to complete in case of a crash. On the other hand, a longer check-point interval can also reduce the I/O load that the database places on the system, as each check-point implies a flushing and forcing of all the store files.

db.checkpoint.interval.volume, a byte size (valid multipliers are B, KiB, KB, K, kB, kb, k, MiB, MB, M, mB, mb, m, GiB, GB, G, gB, gb, g, TiB, TB, PiB, PB, EiB, EB) which is minimum 1.00KiB

Limit the number of IOs the background checkpoint process will consume per second. This setting is advisory, is ignored in Neo4j Community Edition, and is followed to best effort in Enterprise Edition. An IO is in this case a 8 KiB (mostly sequential) write. Limiting the write IO in this way will leave more bandwidth in the IO subsystem to service random-read IOs, which is important for the response time of queries when the database cannot fit entirely in memory. The only drawback of this setting is that longer checkpoint times may lead to slightly longer recovery times in case of a database or system crash. A lower number means lower IO pressure, and consequently longer checkpoint times. Set this to -1 to disable the IOPS limit and remove the limitation entirely; this will let the checkpointer flush data as fast as the hardware will go. Removing the setting, or commenting it out, will set the default value of 600.

db.checkpoint.iops.limit, an integer

true

Enterprise onlyInterval of pulling updates from cores.

db.cluster.catchup.pull_interval, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

Enterprise onlyThe maximum number of bytes in the apply buffer. This parameter limits the amount of memory that can be consumed by the apply buffer. If the bytes limit is reached, buffer size will be limited even if max_entries is not exceeded.

db.cluster.raft.apply.buffer.max_bytes, a byte size (valid multipliers are B, KiB, KB, K, kB, kb, k, MiB, MB, M, mB, mb, m, GiB, GB, G, gB, gb, g, TiB, TB, PiB, PB, EiB, EB)

Enterprise onlyThe maximum number of entries in the raft log entry prefetch buffer.

db.cluster.raft.apply.buffer.max_entries, an integer

Enterprise onlyLargest batch processed by RAFT in bytes.

db.cluster.raft.in_queue.batch.max_bytes, a byte size (valid multipliers are B, KiB, KB, K, kB, kb, k, MiB, MB, M, mB, mb, m, GiB, GB, G, gB, gb, g, TiB, TB, PiB, PB, EiB, EB)

Enterprise onlyMaximum number of bytes in the RAFT in-queue.

db.cluster.raft.in_queue.max_bytes, a byte size (valid multipliers are B, KiB, KB, K, kB, kb, k, MiB, MB, M, mB, mb, m, GiB, GB, G, gB, gb, g, TiB, TB, PiB, PB, EiB, EB)

Enterprise onlyThe name of a server_group whose members should be prioritized as leaders. This does not guarantee that members of this group will be leader at all times, but the cluster will attempt to transfer leadership to such a member when possible. If a database is specified using db.cluster.raft.leader_transfer.priority_group.<database> the specified priority group will apply to that database only. If no database is specified that group will be the default and apply to all databases which have no priority group explicitly set. Using this setting will disable leadership balancing.

db.cluster.raft.leader_transfer.priority_group, a string identifying a Server Tag

Enterprise onlyRAFT log pruning strategy that determines which logs are to be pruned. Neo4j only prunes log entries up to the last applied index, which guarantees that logs are only marked for pruning once the transactions within are safely copied over to the local transaction logs and safely committed by a majority of cluster members. Possible values are a byte size or a number of transactions (e.g., 200K txs).

db.cluster.raft.log.prune_strategy, a string

Enterprise onlyThe maximum number of bytes in the in-flight cache. This parameter limits the amount of memory that can be consumed by cache. If the bytes limit is reached, cache size will be limited even if max_entries is not exceeded.

db.cluster.raft.log_shipping.buffer.max_bytes, a byte size (valid multipliers are B, KiB, KB, K, kB, kb, k, MiB, MB, M, mB, mb, m, GiB, GB, G, gB, gb, g, TiB, TB, PiB, PB, EiB, EB)

Enterprise onlyThe maximum number of entries in the in-flight cache. Increasing size will require more memory but might improve performance in high load situations.

db.cluster.raft.log_shipping.buffer.max_entries, an integer

Allows the enabling or disabling of the file watcher service. This is an auxiliary service but should be left enabled in almost all cases.

db.filewatcher.enabled, a boolean

Database format. This is the format that will be used for new databases. Valid values are standard, aligned, or high_limit.The aligned format is essentially the standard format with some minimal padding at the end of pages such that a single record will never cross a page boundary. The high_limit format is available for Enterprise Edition only. It is required if you have a graph that is larger than 34 billion nodes, 34 billion relationships, or 68 billion properties.

db.format, a string

true

The size of the internal buffer in bytes used by LOAD CSV. If the csv file contains huge fields this value may have to be increased.

db.import.csv.buffer_size, a long which is minimum 1

Selects whether to conform to the standard https://tools.ietf.org/html/rfc4180 for interpreting escaped quotation characters in CSV files loaded using LOAD CSV. Setting this to false will use the standard, interpreting repeated quotes '""' as a single in-lined quote, while true will use the legacy convention originally supported in Neo4j 3.0 and 3.1, allowing a backslash to include quotes in-lined in fields.

db.import.csv.legacy_quote_escaping, a boolean

The name of the analyzer that the fulltext indexes should use by default.

db.index.fulltext.default_analyzer, a string

Whether or not fulltext indexes should be eventually consistent by default or not.

db.index.fulltext.eventually_consistent, a boolean

The eventually_consistent mode of the fulltext indexes works by queueing up index updates to be applied later in a background thread. This newBuilder sets an upper bound on how many index updates are allowed to be in this queue at any one point in time. When it is reached, the commit process will slow down and wait for the index update applier thread to make some more room in the queue.

db.index.fulltext.eventually_consistent_index_update_queue_max_length, an integer which is in the range 1 to 50000000

Enable or disable background index sampling.

db.index_sampling.background_enabled, a boolean

Index sampling chunk size limit.

db.index_sampling.sample_size_limit, an integer which is in the range 1048576 to 2147483647

Percentage of index updates of total index size required before sampling of a given index is triggered.

db.index_sampling.update_percentage, an integer which is minimum 0

The maximum time interval within which lock should be acquired. Zero (default) means timeout is disabled.

db.lock.acquisition.timeout, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

true

Log query text and parameters without obfuscating passwords. This allows queries to be logged earlier before parsing starts.

db.logs.query.early_raw_logging_enabled, a boolean

true

Log executed queries. Valid values are OFF, INFO, or VERBOSE.

Log entries are written to the query log.

This feature is available in the Neo4j Enterprise Edition.

db.logs.query.enabled, one of [OFF, INFO, VERBOSE]

true

Sets a maximum character length use for each parameter in the log. This only takes effect if db.logs.query.parameter_logging_enabled = true.

db.logs.query.max_parameter_length, an integer

true

Obfuscates all literals of the query before writing to the log. Note that node labels, relationship types and map property keys are still shown. Changing the setting will not affect queries that are cached. So, if you want the switch to have immediate effect, you must also call CALL db.clearQueryCaches().

db.logs.query.obfuscate_literals, a boolean

true

Log parameters for the executed queries being logged.

db.logs.query.parameter_logging_enabled, a boolean

true

Log query plan description table, useful for debugging purposes.

db.logs.query.plan_description_enabled, a boolean

true

If the execution of query takes more time than this threshold, the query is logged once completed - provided query logging is set to INFO. Defaults to 0 seconds, that is all queries are logged.

db.logs.query.threshold, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

true

Log the start and end of a transaction. Valid values are 'OFF', 'INFO', or 'VERBOSE'. OFF: no logging. INFO: log start and end of transactions that take longer than the configured threshold, db.logs.query.transaction.threshold. VERBOSE: log start and end of all transactions. Log entries are written to the query log. This feature is available in the Neo4j Enterprise Edition.

db.logs.query.transaction.enabled, one of [OFF, INFO, VERBOSE]

true

If the transaction is open for more time than this threshold, the transaction is logged once completed - provided transaction logging (db.logs.query.transaction.enabled) is set to INFO. Defaults to 0 seconds (all transactions are logged).

db.logs.query.transaction.threshold, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

true

Page cache can be configured to perform usage sampling of loaded pages that can be used to construct active load profile. According to that profile pages can be reloaded on the restart, replication, etc. This setting allows disabling that behavior. This feature is available in Neo4j Enterprise Edition.

db.memory.pagecache.warmup.enable, a boolean

Page cache warmup can be configured to prefetch files, preferably when cache size is bigger than store size. Files to be prefetched can be filtered by 'dbms.memory.pagecache.warmup.preload.allowlist'. Enabling this disables warmup by profile.

db.memory.pagecache.warmup.preload, a boolean

Page cache warmup prefetch file allowlist regex. By default matches all files.

db.memory.pagecache.warmup.preload.allowlist, a string

The profiling frequency for the page cache. Accurate profiles allow the page cache to do active warmup after a restart, reducing the mean time to performance. This feature is available in Neo4j Enterprise Edition.

db.memory.pagecache.warmup.profile.interval, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

Limit the amount of memory that a single transaction can consume, in bytes (or kilobytes with the 'k' suffix, megabytes with 'm' and gigabytes with 'g'). Zero means 'largest possible value'.

db.memory.transaction.max, a byte size (valid multipliers are B, KiB, KB, K, kB, kb, k, MiB, MB, M, mB, mb, m, GiB, GB, G, gB, gb, g, TiB, TB, PiB, PB, EiB, EB) which is minimum 1.00MiB or is 0B

true

Limit the amount of memory that all transactions in one database can consume, in bytes (or kilobytes with the 'k' suffix, megabytes with 'm' and gigabytes with 'g'). Zero means 'unlimited'.

db.memory.transaction.total.max, a byte size (valid multipliers are B, KiB, KB, K, kB, kb, k, MiB, MB, M, mB, mb, m, GiB, GB, G, gB, gb, g, TiB, TB, PiB, PB, EiB, EB) which is minimum 10.00MiB or is 0B

true

If true, Neo4j will abort recovery if transaction log files are missing. Setting this to false will allow Neo4j to create new empty missing files for the already existing database, but the integrity of the database might be compromised.

db.recovery.fail_on_missing_files, a boolean

Relationship count threshold for considering a node to be dense.

db.relationship_grouping_threshold, an integer which is minimum 1

The maximum amount of time to wait for running transactions to complete before allowing initiated database shutdown to continue.

db.shutdown_transaction_end_timeout, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

Specify if Neo4j should try to preallocate store files as they grow.

db.store.files.preallocate, a boolean

Database timezone for temporal functions. All Time and DateTime values that are created without an explicit timezone will use this configured default timezone.

db.temporal.timezone, a string describing a timezone, either described by offset (e.g. +02:00) or by name (e.g. Europe/Stockholm)

Enables or disables tracking of how much time a query spends actively executing on the CPU. Calling SHOW TRANSACTIONS will display the time, but not in the query.log.
If you want the CPU time to be logged in the query.log, set db.track_query_cpu_time=true and db.logs.query.time_logging_enabled=true Enterprise.

db.track_query_cpu_time, a boolean

true

The maximum amount of time to wait for the database state represented by the bookmark.

db.transaction.bookmark_ready_timeout, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s) which is minimum 1s

true

The maximum number of concurrently running transactions. If set to 0, limit is disabled.

db.transaction.concurrent.maximum, an integer

true

Configures the time interval between transaction monitor checks. Determines how often monitor thread will check transaction for timeout.

db.transaction.monitor.check.interval, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

Transaction sampling percentage.

db.transaction.sampling.percentage, an integer which is in the range 1 to 100

true

The maximum time interval of a transaction within which it should be completed.

db.transaction.timeout, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

true

Transaction creation tracing level.

db.transaction.tracing.level, one of [DISABLED, SAMPLE, ALL]

true

On serialization of transaction logs, they will be temporary stored in the byte buffer that will be flushed at the end of the transaction or at any moment when buffer will be full.

db.tx_log.buffer.size, a long which is minimum 131072

Specify if Neo4j should try to preallocate the logical log file in advance. It optimizes filesystem by ensuring there is room to accommodate newly generated files and avoid file-level fragmentation.

db.tx_log.preallocate, a boolean

true

Tell Neo4j how long logical transaction logs should be kept to backup the database.For example, "10 days" will prune logical logs that only contain transactions older than 10 days.Alternatively, "100k txs" will keep the 100k latest transactions from each database and prune any older transactions.

db.tx_log.rotation.retention_policy, a string which matches the pattern ^(true|keep_all|false|keep_none|(\d+[KkMmGg]?( (files|size|txs|entries|hours|days))))$ (Must be true or keep_all, false or keep_none, or of format <number><optional unit> <type>. Valid units are K, M and G. Valid types are files, size, txs, entries, hours and days. For example, 100M size will limit logical log space on disk to 100MB per database,and 200K txs will limit the number of transactions kept to 200 000 per database.)

true

Specifies at which file size the logical log will auto-rotate. Minimum accepted value is 128 KiB.

db.tx_log.rotation.size, a byte size (valid multipliers are B, KiB, KB, K, kB, kb, k, MiB, MB, M, mB, mb, m, GiB, GB, G, gB, gb, g, TiB, TB, PiB, PB, EiB, EB) which is minimum 128.00KiB

true

Defines whether memory for transaction state should be allocated on- or off-heap. Note that for small transactions you can gain up to 25% write speed by setting it to ON_HEAP.

db.tx_state.memory_allocation, one of [ON_HEAP, OFF_HEAP]

Enterprise onlyThe catch up protocol times out if the given duration elapses with no network activity. Every message received by the client from the server extends the time out duration.

dbms.cluster.catchup.client_inactivity_timeout, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

Enterprise onlyA comma-separated list of endpoints which a server should contact in order to discover other cluster members.

dbms.cluster.discovery.endpoints, a ',' separated list with elements of type 'a socket address in the format 'hostname:port', 'hostname' or ':port''.

Enterprise onlyThe level of middleware logging.

dbms.cluster.discovery.log_level, one of [DEBUG, INFO, WARN, ERROR, NONE]

Enterprise onlyConfigure the discovery type used for cluster name resolution.

dbms.cluster.discovery.type, one of [DNS, LIST, SRV, K8S] which may require different settings depending on the discovery type: DNS requires [dbms.cluster.discovery.endpoints], LIST requires [], SRV requires [dbms.cluster.discovery.endpoints], K8S requires [dbms.kubernetes.label_selector, dbms.kubernetes.service_port_name]

Enterprise onlyMinimum number of machines initially required to form a clustered DBMS. The cluster is considered formed when at least this many members have discovered each other, bound together and bootstrapped a highly available system database. As a result, at least this many of the cluster’s initial machines must have 'server.cluster.system_database_mode' set to 'PRIMARY'.NOTE: If 'dbms.cluster.discovery.type' is set to 'LIST' and 'dbms.cluster.discovery.endpoints' is empty then the user is assumed to be deploying a standalone DBMS, and the value of this setting is ignored.

dbms.cluster.minimum_initial_system_primaries_count, an integer which is minimum 1

Enterprise onlyTime out for protocol negotiation handshake.

dbms.cluster.network.handshake_timeout, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

Enterprise onlyMaximum chunk size allowable across network by clustering machinery.

dbms.cluster.network.max_chunk_size, an integer which is in the range 4096 to 10485760

Enterprise onlyNetwork compression algorithms that this instance will allow in negotiation as a comma-separated list. Listed in descending order of preference for incoming connections. An empty list implies no compression. For outgoing connections this merely specifies the allowed set of algorithms and the preference of the remote peer will be used for making the decision. Allowable values: [Gzip, Snappy, Snappy_validating, LZ4, LZ4_high_compression, LZ_validating, LZ4_high_compression_validating]

dbms.cluster.network.supported_compression_algos, a ',' separated list with elements of type 'a string'.

Enterprise onlyThe time allowed for a database on a Neo4j server to either join a cluster or form a new cluster with the other Neo4j Servers provided by dbms.cluster.discovery.endpoints.

dbms.cluster.raft.binding_timeout, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

Enterprise onlyThe maximum number of TCP channels between two nodes to operate the raft protocol. Each database gets allocated one channel, but a single channel can be used by more than one database.

dbms.cluster.raft.client.max_channels, an integer

Enterprise onlyThe rate at which leader elections happen. Note that due to election conflicts it might take several attempts to find a leader. The window should be significantly larger than typical communication delays to make conflicts unlikely.

dbms.cluster.raft.election_failure_detection_window, a duration-range <min-max> (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

Enterprise onlyThe time window within which the loss of the leader is detected and the first re-election attempt is held. The window should be significantly larger than typical communication delays to make conflicts unlikely.

dbms.cluster.raft.leader_failure_detection_window, a duration-range <min-max> (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

Enterprise onlyWhich strategy to use when transferring database leaderships around a cluster. This can be one of equal_balancing or no_balancing. equal_balancing automatically ensures that each Core server holds the leader role for an equal number of databases.no_balancing prevents any automatic balancing of the leader role. Note that if a leadership_priority_group is specified for a given database, the value of this setting will be ignored for that database.

dbms.cluster.raft.leader_transfer.balancing_strategy, one of [NO_BALANCING, EQUAL_BALANCING]

Enterprise onlyRAFT log pruning frequency.

dbms.cluster.raft.log.pruning_frequency, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

Enterprise onlyRAFT log reader pool size.

dbms.cluster.raft.log.reader_pool_size, an integer

Enterprise onlyRAFT log rotation size.

dbms.cluster.raft.log.rotation_size, a byte size (valid multipliers are B, KiB, KB, K, kB, kb, k, MiB, MB, M, mB, mb, m, GiB, GB, G, gB, gb, g, TiB, TB, PiB, PB, EiB, EB) which is minimum 1.00KiB

Enterprise onlyMaximum amount of lag accepted for a new follower to join the Raft group.

dbms.cluster.raft.membership.join_max_lag, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

Enterprise onlyTime out for a new member to catch up.

dbms.cluster.raft.membership.join_timeout, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

Enterprise onlyMaximum retry time per request during store copy. Regular store files and indexes are downloaded in separate requests during store copy. This configures the maximum time failed requests are allowed to resend.

dbms.cluster.store_copy.max_retry_time_per_request, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

This setting is associated with performance optimization. Set this to true in situations where it is preferable to have any queries using the 'shortestPath' function terminate as soon as possible with no answer, rather than potentially running for a long time attempting to find an answer (even if there is no path to be found). For most queries, the 'shortestPath' algorithm will return the correct answer very quickly. However there are some cases where it is possible that the fast bidirectional breadth-first search algorithm will find no results even if they exist. This can happen when the predicates in the WHERE clause applied to 'shortestPath' cannot be applied to each step of the traversal, and can only be applied to the entire path. When the query planner detects these special cases, it will plan to perform an exhaustive depth-first search if the fast algorithm finds no paths. However, the exhaustive search may be orders of magnitude slower than the fast algorithm. If it is critical that queries terminate as soon as possible, it is recommended that this option be set to true, which means that Neo4j will never consider using the exhaustive search for shortestPath queries. However, please note that if no paths are found, an error will be thrown at run time, which will need to be handled by the application.

dbms.cypher.forbid_exhaustive_shortestpath, a boolean

This setting is associated with performance optimization. The shortest path algorithm does not work when the start and end nodes are the same. With this setting set to false no path will be returned when that happens. The default value of true will instead throw an exception. This can happen if you perform a shortestPath search after a cartesian product that might have the same start and end nodes for some of the rows passed to shortestPath. If it is preferable to not experience this exception, and acceptable for results to be missing for those rows, then set this to false. If you cannot accept missing results, and really want the shortestPath between two common nodes, then re-write the query using a standard Cypher variable length pattern expression followed by ordering by path length and limiting to one result.

dbms.cypher.forbid_shortestpath_common_nodes, a boolean

Set this to specify the behavior when Cypher planner or runtime hints cannot be fulfilled. If true, then non-conformance will result in an error, otherwise only a warning is generated.

dbms.cypher.hints_error, a boolean

Set this to change the behavior for Cypher create relationship when the start or end node is missing. By default this fails the query and stops execution, but by setting this flag the create operation is simply not performed and execution continues.

dbms.cypher.lenient_create_relationship, a boolean

The minimum time between possible cypher query replanning events. After this time, the graph statistics will be evaluated, and if they have changed by more than the value set by dbms.cypher.statistics_divergence_threshold, the query will be replanned. If the statistics have not changed sufficiently, the same interval will need to pass before the statistics will be evaluated again. Each time they are evaluated, the divergence threshold will be reduced slightly until it reaches 10% after 7h, so that even moderately changing databases will see query replanning after a sufficiently long time interval.

dbms.cypher.min_replan_interval, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

Set this to specify the default planner for the default language version.

dbms.cypher.planner, one of [DEFAULT, COST]

If set to true a textual representation of the plan description will be rendered on the server for all queries running with EXPLAIN or PROFILE. This allows clients such as the neo4j browser and Cypher shell to show a more detailed plan description.

dbms.cypher.render_plan_description, a boolean

true

The threshold for statistics above which a plan is considered stale.

If any of the underlying statistics used to create the plan have changed more than this value, the plan will be considered stale and will be replanned. Change is calculated as abs(a-b)/max(a,b).

This means that a value of 0.75 requires the database to quadruple in size before query replanning. A value of 0 means that the query will be replanned as soon as there is any change in statistics and the replan interval has elapsed.

This interval is defined by dbms.cypher.min_replan_interval and defaults to 10s. After this interval, the divergence threshold will slowly start to decline, reaching 10% after about 7h. This will ensure that long running databases will still get query replanning on even modest changes, while not replanning frequently unless the changes are very large.

dbms.cypher.statistics_divergence_threshold, a double which is in the range 0.0 to 1.0

Enterprise onlyDatabases may be created from an existing 'seed' (a database backup or dump) stored at some source URI. Different types of seed source are supported by different implementations of com.neo4j.dbms.seeding.SeedProvider. For example, seeds stored at 's3://' and 'https://' URIs are supported by the builtin S3SeedProvider and URLConnectionSeedProvider respectively. This list specifies enabled seed providers. If a seed source (URI scheme) is supported by multiple providers in the list, the first matching provider will be used. If the list is set to empty, the seed from uri functionality is effectively disabled.

dbms.databases.seed_from_uri_providers, a ',' separated list with elements of type 'a string'.

Database timezone. Among other things, this setting influences the monitoring procedures.

dbms.db.timezone, one of [UTC, SYSTEM]

Enterprise onlyAddress for Kubernetes API.

dbms.kubernetes.address, a socket address in the format 'hostname:port', 'hostname' or ':port'

Enterprise onlyFile location of CA certificate for Kubernetes API.

dbms.kubernetes.ca_crt, a path

Enterprise onlyKubernetes cluster domain.

dbms.kubernetes.cluster_domain, a string

Enterprise onlyLabelSelector for Kubernetes API.

dbms.kubernetes.label_selector, a string

Enterprise onlyFile location of namespace for Kubernetes API.

dbms.kubernetes.namespace, a path

Enterprise onlyService port name for discovery for Kubernetes API.

dbms.kubernetes.service_port_name, a string

Enterprise onlyFile location of token for Kubernetes API.

dbms.kubernetes.token, a path

Enable HTTP request logging.

dbms.logs.http.enabled, a boolean

Enterprise onlyThe maximum number of databases.

dbms.max_databases, a long which is minimum 2

Enable off heap and on heap memory tracking. Should not be set to false for clusters.

dbms.memory.tracking.enable, a boolean

Limit the amount of memory that all of the running transactions can consume, in bytes (or kilobytes with the 'k' suffix, megabytes with 'm' and gigabytes with 'g'). Zero means 'unlimited'.

dbms.memory.transaction.total.max, a byte size (valid multipliers are B, KiB, KB, K, kB, kb, k, MiB, MB, M, mB, mb, m, GiB, GB, G, gB, gb, g, TiB, TB, PiB, PB, EiB, EB) which is minimum 10.00MiB or is 0B

true

Netty SSL provider.

dbms.netty.ssl.provider, one of [JDK, OPENSSL, OPENSSL_REFCNT]

Always use client side routing (regardless of the default router) for neo4j:// protocol connections to these domains. A comma separated list of domains. Wildcards (*) are supported.

dbms.routing.client_side.enforce_for_domains, a ',' separated set with elements of type 'a string'.

true

Routing strategy for neo4j:// protocol connections. Default is CLIENT, using client-side routing, with server-side routing as a fallback (if enabled). When set to SERVER, client-side routing is short-circuited, and requests will rely on server-side routing (which must be enabled for proper operation, i.e. dbms.routing.enabled=true). Can be overridden by dbms.routing.client_side.enforce_for_domains.

dbms.routing.default_router, one of [SERVER, CLIENT]

Socket connection timeout. A timeout of zero is treated as an infinite timeout and will be bound by the timeout configured on the operating system level.

dbms.routing.driver.connection.connect_timeout, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

Pooled connections older than this threshold will be closed and removed from the pool. Setting this option to a low value will cause a high connection churn and might result in a performance hit. It is recommended to set maximum lifetime to a slightly smaller value than the one configured in network equipment (load balancer, proxy, firewall, etc. can also limit maximum connection lifetime). Zero and negative values result in lifetime not being checked.

dbms.routing.driver.connection.max_lifetime, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

Maximum amount of time spent attempting to acquire a connection from the connection pool. This timeout only kicks in when all existing connections are being used and no new connections can be created because maximum connection pool size has been reached. Error is raised when connection can’t be acquired within configured time. Negative values are allowed and result in unlimited acquisition timeout. Value of 0 is allowed and results in no timeout and immediate failure when connection is unavailable.

dbms.routing.driver.connection.pool.acquisition_timeout, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

Pooled connections that have been idle in the pool for longer than this timeout will be tested before they are used again, to ensure they are still alive. If this option is set too low, an additional network call will be incurred when acquiring a connection, which causes a performance hit. If this is set high, no longer live connections might be used which might lead to errors. Hence, this parameter tunes a balance between the likelihood of experiencing connection problems and performance Normally, this parameter should not need tuning. Value 0 means connections will always be tested for validity.

dbms.routing.driver.connection.pool.idle_test, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

Maximum total number of connections to be managed by a connection pool. The limit is enforced for a combination of a host and user. Negative values are allowed and result in unlimited pool. Value of 0is not allowed.

dbms.routing.driver.connection.pool.max_size, an integer

Sets level for driver internal logging.

dbms.routing.driver.logging.level, one of [DEBUG, INFO, WARN, ERROR, NONE]

Enable server-side routing in clusters using an additional bolt connector. When configured, this allows requests to be forwarded from one cluster member to another, if the requests can’t be satisfied by the first member (e.g. write requests received by a non-leader).

dbms.routing.enabled, a boolean

Enterprise onlyThe load balancing plugin to use.

dbms.routing.load_balancing.plugin, a string which specified load balancer plugin exist.

Enterprise onlyEnables shuffling of the returned load balancing result.

dbms.routing.load_balancing.shuffle_enabled, a boolean

Enterprise onlyConfigure if the dbms.routing.getRoutingTable() procedure should include non-writer primaries as read endpoints or return only secondaries. Note: if there are no secondaries for the given database primaries are returned as read end points regardless the value of this setting. Defaults to true so that non-writer primaries are available for read-only queries in a typical heterogeneous setup.

dbms.routing.reads_on_primaries_enabled, a boolean

Enterprise onlyConfigure if the dbms.routing.getRoutingTable() procedure should include the writer as read endpoint or return only non-writers (non writer primaries and secondaries) Note: writer is returned as read endpoint if no other member is present all.

dbms.routing.reads_on_writers_enabled, a boolean

true

How long callers should cache the response of the routing procedure dbms.routing.getRoutingTable()

dbms.routing_ttl, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s) which is minimum 1s

Determines if Cypher will allow using file URLs when loading data using LOAD CSV. Setting this value to false will cause Neo4j to fail LOAD CSV clauses that load data from the file system.

dbms.security.allow_csv_import_from_file_urls, a boolean

Enterprise onlyThe maximum capacity for authentication and authorization caches (respectively).

dbms.security.auth_cache_max_capacity, an integer

Enterprise onlyThe time to live (TTL) for cached authentication and authorization info when using external auth providers (LDAP or plugin). Setting the TTL to 0 will disable auth caching. Disabling caching while using the LDAP auth provider requires the use of an LDAP system account for resolving authorization information.

dbms.security.auth_cache_ttl, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

Enterprise onlyEnable time-based eviction of the authentication and authorization info cache for external auth providers (LDAP or plugin). Disabling this setting will make the cache live forever and only be evicted when dbms.security.auth_cache_max_capacity is exceeded.

dbms.security.auth_cache_use_ttl, a boolean

Enable auth requirement to access Neo4j.

dbms.security.auth_enabled, a boolean

Neo4j v5.3The minimum number of characters required in a password.

dbms.security.auth_minimum_password_length, an integer

The amount of time user account should be locked after a configured number of unsuccessful authentication attempts. The locked out user will not be able to log in until the lock period expires, even if correct credentials are provided. Setting this configuration option to a low value is not recommended because it might make it easier for an attacker to brute force the password.

dbms.security.auth_lock_time, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s) which is minimum 0s

The maximum number of unsuccessful authentication attempts before imposing a user lock for the configured amount of time, as defined by dbms.security.auth_lock_time.The locked out user will not be able to log in until the lock period expires, even if correct credentials are provided. Setting this configuration option to values less than 3 is not recommended because it might make it easier for an attacker to brute force the password.

dbms.security.auth_max_failed_attempts, an integer which is minimum 0

Enterprise onlyA list of security authentication providers containing the users and roles. This can be any of the built-in native or ldap providers, or it can be an externally provided plugin, with a custom name prefixed by plugin-, i.e. plugin-<AUTH_PROVIDER_NAME>. They will be queried in the given order when login is attempted.

dbms.security.authentication_providers, a ',' separated list with elements of type 'a string'.

Enterprise onlyA list of security authorization providers containing the users and roles. This can be any of the built-in native or ldap providers, or it can be an externally provided plugin, with a custom name prefixed by plugin-, i.e. plugin-<AUTH_PROVIDER_NAME>. They will be queried in the given order when login is attempted.

dbms.security.authorization_providers, a ',' separated list with elements of type 'a string'.

Enterprise onlyRequire authorization for access to the Causal Clustering status endpoints.

dbms.security.cluster_status_auth_enabled, a boolean

Value of the Access-Control-Allow-Origin header sent over any HTTP or HTTPS connector. This defaults to '*', which allows broadest compatibility. Note that any URI provided here limits HTTP/HTTPS access to that URI only.

dbms.security.http_access_control_allow_origin, a string

Defines an allowlist of http paths where Neo4j authentication is not required.

dbms.security.http_auth_allowlist, a ',' separated list with elements of type 'a string'.

Value of the HTTP Strict-Transport-Security (HSTS) response header. This header tells browsers that a webpage should only be accessed using HTTPS instead of HTTP. It is attached to every HTTPS response. Setting is not set by default so 'Strict-Transport-Security' header is not sent. Value is expected to contain directives like 'max-age', 'includeSubDomains' and 'preload'.

dbms.security.http_strict_transport_security, a string

Enterprise onlyName of the 256 length AES encryption key, which is used for the symmetric encryption.

dbms.security.key.name, a string

true

Enterprise onlyPassword for accessing the keystore holding a 256 length AES encryption key, which is used for the symmetric encryption.

dbms.security.keystore.password, a secure string

true

Enterprise onlyLocation of the keystore holding a 256 length AES encryption key, which is used for the symmetric encryption of secrets held in system database.

dbms.security.keystore.path, a path

true

Enterprise onlyThe attribute to use when looking up users. Using this setting requires dbms.security.ldap.authentication.search_for_attribute to be true and thus dbms.security.ldap.authorization.system_username and dbms.security.ldap.authorization.system_password to be configured.

dbms.security.ldap.authentication.attribute, a string which matches the pattern [A-Za-z0-9-]* (has to be a valid LDAP attribute name, only containing letters [A-Za-z], digits [0-9] and hyphens [-].)

true

Enterprise onlyDetermines if the result of authentication via the LDAP server should be cached or not. Caching is used to limit the number of LDAP requests that have to be made over the network for users that have already been authenticated successfully. A user can be authenticated against an existing cache entry (instead of via an LDAP server) as long as it is alive (see dbms.security.auth_cache_ttl). An important consequence of setting this to true is that Neo4j then needs to cache a hashed version of the credentials in order to perform credentials matching. This hashing is done using a cryptographic hash function together with a random salt. Preferably a conscious decision should be made if this method is considered acceptable by the security standards of the organization in which this Neo4j instance is deployed.

dbms.security.ldap.authentication.cache_enabled, a boolean

Enterprise onlyLDAP authentication mechanism. This is one of simple or a SASL mechanism supported by JNDI, for example DIGEST-MD5. simple is basic username and password authentication and SASL is used for more advanced mechanisms. See RFC 2251 LDAPv3 documentation for more details.

dbms.security.ldap.authentication.mechanism, a string

Enterprise onlyPerform authentication by searching for an unique attribute of a user. Using this setting requires dbms.security.ldap.authorization.system_username and dbms.security.ldap.authorization.system_password to be configured.

dbms.security.ldap.authentication.search_for_attribute, a boolean

Enterprise onlyLDAP user DN template. An LDAP object is referenced by its distinguished name (DN), and a user DN is an LDAP fully-qualified unique user identifier. This setting is used to generate an LDAP DN that conforms with the LDAP directory’s schema from the user principal that is submitted with the authentication token when logging in. The special token {0} is a placeholder where the user principal will be substituted into the DN string.

dbms.security.ldap.authentication.user_dn_template, a string which Must be a string containing '{0}' to understand where to insert the runtime authentication principal.

true

Enterprise onlyThe LDAP group to which a user must belong to get any access to the system.Set this to restrict access to a subset of LDAP users belonging to a particular group. If this is not set, any user to successfully authenticate via LDAP will have access to the PUBLIC role and any other roles assigned to them via dbms.security.ldap.authorization.group_to_role_mapping.

dbms.security.ldap.authorization.access_permitted_group, a string

true

Enterprise onlyA list of attribute names on a user object that contains groups to be used for mapping to roles when LDAP authorization is enabled. This setting is ignored when dbms.ldap_authorization_nested_groups_enabled is true.

dbms.security.ldap.authorization.group_membership_attributes, a ',' separated list with elements of type 'a string'. which Can not be empty

true

Enterprise onlyAn authorization mapping from LDAP group names to Neo4j role names. The map should be formatted as a semicolon separated list of key-value pairs, where the key is the LDAP group name and the value is a comma separated list of corresponding role names. For example: group1=role1;group2=role2;group3=role3,role4,role5 You could also use whitespaces and quotes around group names to make this mapping more readable, for example:

dbms.security.ldap.authorization.group_to_role_mapping, a string which must be semicolon separated list of key-value pairs or empty

true

Enterprise onlyThis setting determines whether multiple LDAP search results will be processed (as is required for the lookup of nested groups). If set to true then instead of using attributes on the user object to determine group membership (as specified by dbms.security.ldap.authorization.group_membership_attributes), the user object will only be used to determine the user’s Distinguished Name, which will subsequently be used with dbms.security.ldap.authorization.user_search_filter in order to perform a nested group search. The Distinguished Names of the resultant group search results will be used to determine roles.

dbms.security.ldap.authorization.nested_groups_enabled, a boolean

true

Enterprise onlyThe search template which will be used to find the nested groups which the user is a member of. The filter should contain the placeholder token {0} which will be substituted with the user’s Distinguished Name (which is found for the specified user principle using dbms.security.ldap.authorization.user_search_filter). The default value specifies Active Directory’s LDAP_MATCHING_RULE_IN_CHAIN (aka 1.2.840.113556.1.4.1941) implementation which will walk the ancestry of group membership for the specified user.

dbms.security.ldap.authorization.nested_groups_search_filter, a string

true

Enterprise onlyAn LDAP system account password to use for authorization searches when dbms.security.ldap.authorization.use_system_account is true.

dbms.security.ldap.authorization.system_password, a secure string

Enterprise onlyAn LDAP system account username to use for authorization searches when dbms.security.ldap.authorization.use_system_account is true. Note that the dbms.security.ldap.authentication.user_dn_template will not be applied to this username, so you may have to specify a full DN.

dbms.security.ldap.authorization.system_username, a string

Enterprise onlyPerform LDAP search for authorization info using a system account instead of the user’s own account. If this is set to false (default), the search for group membership will be performed directly after authentication using the LDAP context bound with the user’s own account. The mapped roles will be cached for the duration of dbms.security.auth_cache_ttl, and then expire, requiring re-authentication. To avoid frequently having to re-authenticate sessions you may want to set a relatively long auth cache expiration time together with this option. NOTE: This option will only work if the users are permitted to search for their own group membership attributes in the directory. If this is set to true, the search will be performed using a special system account user with read access to all the users in the directory. You need to specify the username and password using the settings dbms.security.ldap.authorization.system_username and dbms.security.ldap.authorization.system_password with this option. Note that this account only needs read access to the relevant parts of the LDAP directory and does not need to have access rights to Neo4j, or any other systems.

dbms.security.ldap.authorization.use_system_account, a boolean

Enterprise onlyThe name of the base object or named context to search for user objects when LDAP authorization is enabled. A common case is that this matches the last part of dbms.security.ldap.authentication.user_dn_template.

dbms.security.ldap.authorization.user_search_base, a string which Can not be empty

true

Enterprise onlyThe LDAP search filter to search for a user principal when LDAP authorization is enabled. The filter should contain the placeholder token {0} which will be substituted for the user principal.

dbms.security.ldap.authorization.user_search_filter, a string

true

Enterprise onlyThe timeout for establishing an LDAP connection. If a connection with the LDAP server cannot be established within the given time the attempt is aborted. A value of 0 means to use the network protocol’s (i.e., TCP’s) timeout value.

dbms.security.ldap.connection_timeout, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

Enterprise onlyURL of LDAP server to use for authentication and authorization. The format of the setting is <protocol>://<hostname>:<port>, where hostname is the only required field. The supported values for protocol are ldap (default) and ldaps. The default port for ldap is 389 and for ldaps 636. For example: ldaps://ldap.example.com:10389. You may want to consider using STARTTLS (dbms.security.ldap.use_starttls) instead of LDAPS for secure connections, in which case the correct protocol is ldap.

dbms.security.ldap.host, a string

Enterprise onlyThe timeout for an LDAP read request (i.e. search). If the LDAP server does not respond within the given time the request will be aborted. A value of 0 means wait for a response indefinitely.

dbms.security.ldap.read_timeout, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

Enterprise onlyThe LDAP referral behavior when creating a connection. This is one of follow, ignore or throw. * follow automatically follows any referrals * ignore ignores any referrals * throw throws an exception, which will lead to authentication failure.

dbms.security.ldap.referral, a string

Enterprise onlyUse secure communication with the LDAP server using opportunistic TLS. First an initial insecure connection will be made with the LDAP server, and a STARTTLS command will be issued to negotiate an upgrade of the connection to TLS before initiating authentication.

dbms.security.ldap.use_starttls, a boolean

Enterprise onlySet to log successful authentication events to the security log. If this is set to false only failed authentication events will be logged, which could be useful if you find that the successful events spam the logs too much, and you do not require full auditing capability.

dbms.security.log_successful_authentication, a boolean

Enterprise onlyExpected values of the Audience (aud) claim in the id token.

dbms.security.oidc.<provider>.audience, a ',' separated list with elements of type 'a string'. which Can not be empty

true

Enterprise onlyThe OIDC authorization endpoint. If this is not supplied Neo4j will attempt to discover it from the well_known_discovery_uri.

dbms.security.oidc.<provider>.auth_endpoint, a URI

true

Enterprise onlyThe OIDC flow to use. This is exposed to clients via the discovery endpoint. Supported values are pkce and implicit

dbms.security.oidc.<provider>.auth_flow, one of [PKCE, IMPLICIT]

true

Enterprise onlyOptional additional parameters that the auth endpoint requires. Please use params instead. The map is a semicolon separated list of key-value pairs. For example: k1=v1;k2=v2.

dbms.security.oidc.<provider>.auth_params, A simple key value map pattern k1=v1;k2=v2.

true

The dbms.security.oidc.<provider>.auth_params configuration setting has been deprecated.

Enterprise onlyAn authorization mapping from IdP group names to Neo4j role names. The map should be formatted as a semicolon separated list of key-value pairs, where the key is the IdP group name and the value is a comma separated list of corresponding role names. For example: group1=role1;group2=role2;group3=role3,role4,role5 You could also use whitespaces and quotes around group names to make this mapping more readable, for example:

dbms.security.oidc.<provider>.authorization.group_to_role_mapping, a string which must be semicolon separated list of key-value pairs or empty

true

Enterprise onlyThe claim to use as the list of groups in Neo4j. These could be Neo4J roles directly, or can be mapped using dbms.security.oidc.<provider>.authorization.group_to_role_mapping.

dbms.security.oidc.<provider>.claims.groups, a string

true

Enterprise onlyThe claim to use as the username in Neo4j. This would typically be sub, but in some situations it may be be desirable to use something else such as email.

dbms.security.oidc.<provider>.claims.username, a string

true

Enterprise onlyClient id needed if token contains multiple Audience (aud) claims.

dbms.security.oidc.<provider>.client_id, a string

true

Enterprise onlyThe accepted values (all optional) are:

dbms.security.oidc.<provider>.config, A simple key value map pattern k1=v1;k2=v2. Valid key options are: [implicit_flow_requires_nonce, token_type_authentication, token_type_principal, principal, code_challenge_method].

true

When set to true, it logs the claims from the JWT. This will only take effect when the security log level is set to DEBUG.
WARNING: It is strongly advised that this is set to false when running in a production environment in order to prevent logging of sensitive information. Also note that the contents of the JWT claims set can change over time because they are dependent entirely upon the ID provider.

dbms.security.logs.oidc.jwt_claims_at_debug_level_enabled, a boolean

Enterprise onlyThe user-facing name of the provider as provided by the discovery endpoint to clients (Bloom, Browser etc.).

dbms.security.oidc.<provider>.display_name, a string

Enterprise onlyWhen turned on, Neo4j gets the groups from the provider user info endpoint.

dbms.security.oidc.<provider>.get_groups_from_user_info, a boolean

true

Enterprise onlyWhen turned on, Neo4j gets the username from the provider user info endpoint.

dbms.security.oidc.<provider>.get_username_from_user_info, a boolean

true

Enterprise onlyThe expected value of the iss claim in the id token. If this is not supplied Neo4j will attempt to discover it from the well_known_discovery_uri.

dbms.security.oidc.<provider>.issuer, a string

true

Enterprise onlyThe location of the JWK public key set for the identity provider. If this is not supplied Neo4j will attempt to discover it from the well_known_discovery_uri.

dbms.security.oidc.<provider>.jwks_uri, a URI

true

Enterprise onlyThe map is a semicolon separated list of key-value pairs. For example: k1=v1;k2=v2. The user should at least provide:

For example: client_id=my-client-id;response_type=code;scope=openid profile email.

dbms.security.oidc.<provider>.params, A simple key value map pattern k1=v1;k2=v2. Required key options are: [scope, client_id, response_type].

true

Enterprise onlyThe OIDC token endpoint. If this is not supplied Neo4j will attempt to discover it from the well_known_discovery_uri.

dbms.security.oidc.<provider>.token_endpoint, a URI

true

Enterprise onlyOptional query parameters that the token endpoint requires. The map is a semicolon separated list of key-value pairs. For example: k1=v1;k2=v2.If the token endpoint requires a client_secret then this parameter should contain client_secret=super-secret

dbms.security.oidc.<provider>.token_params, A simple key value map pattern k1=v1;k2=v2.

true

Enterprise onlyThe identity providers user info uri.

dbms.security.oidc.<provider>.user_info_uri, a URI

true

Enterprise onlyThe 'well known' OpenID Connect Discovery endpoint used to fetch identity provider settings. If not provided, issuer, jwks_uri, auth_endpoint should be present. If the auth_flow is pkce, token_endpoint should also be provided.

dbms.security.oidc.<provider>.well_known_discovery_uri, a URI

true

A list of procedures (comma separated) that are to be loaded. The list may contain both fully-qualified procedure names, and partial names with the wildcard '*'. If this setting is left empty no procedures will be loaded.

dbms.security.procedures.allowlist, a ',' separated list with elements of type 'a string'.

A list of procedures and user defined functions (comma separated) that are allowed full access to the database. The list may contain both fully-qualified procedure names, and partial names with the wildcard '*'. Note that this enables these procedures to bypass security. Use with caution.

dbms.security.procedures.unrestricted, a ',' separated list with elements of type 'a string'.

Enterprise onlyName of the initial database allocator. After the creation of the dbms it can be set with the 'dbms.setDatabaseAllocator' procedure.

initial.dbms.database_allocator, a string

Name of the default database (aliases are not supported).

initial.dbms.default_database, A valid database name containing only alphabetic characters, numbers, dots and dashes with a length between 3 and 63 characters, starting with an alphabetic character but not with the name 'system'

Enterprise onlyInitial default number of primary instances of user databases. If the user does not specify the number of primaries in 'CREATE DATABASE', this value will be used, unless it is overwritten with the 'dbms.setDefaultAllocationNumbers' procedure.

initial.dbms.default_primaries_count, an integer which is minimum 1 and is maximum 11. The same value applies to runtime max number.

Enterprise onlyInitial default number of secondary instances of user databases. If the user does not specify the number of secondaries in 'CREATE DATABASE', this value will be used, unless it is overwritten with the 'dbms.setDefaultAllocationNumbers' procedure.

initial.dbms.default_secondaries_count, an integer which is minimum 0 and is maximum 20. The same value applies to runtime max number.

Enterprise onlyThe names of databases that are allowed on this server - all others are denied. Empty means all are allowed. Can be overridden when enabling the server, or altered at runtime, without changing this setting. Exclusive with 'server.initial_denied_databases'

initial.server.allowed_databases, a ',' separated set with elements of type 'a string'.

Enterprise onlyThe names of databases that are not allowed on this server. Empty means nothing is denied. Can be overridden when enabling the server, or altered at runtime, without changing this setting. Exclusive with 'server.initial_allowed_databases'

initial.server.denied_databases, a ',' separated set with elements of type 'a string'.

Enterprise onlyAn instance can restrict itself to allow databases to be hosted only as primaries or secondaries. This setting is the default input for the ENABLE SERVER command - the user can overwrite it when executing the procedure.

initial.server.mode_constraint, one of [PRIMARY, SECONDARY, NONE]

Enterprise onlyEnable support for running online backups.

server.backup.enabled, a boolean

Enterprise onlyNetwork interface and port for the backup server to listen on.

server.backup.listen_address, a socket address in the format 'hostname:port', 'hostname' or ':port'

Enterprise onlyMaximum retry time per request during store copy. Regular store files and indexes are downloaded in separate requests during store copy. This configures the maximum time failed requests are allowed to resend.

server.backup.store_copy_max_retry_time_per_request, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)

Advertised address for this connector.

server.bolt.advertised_address, a socket address in the format 'hostname:port', 'hostname' or ':port' which accessible address. If missing port or hostname it is acquired from server.default_advertised_address

The maximum time to wait before sending a NOOP on connections waiting for responses from active ongoing queries.The minimum value is 1 millisecond.

server.bolt.connection_keep_alive, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s) which is minimum 1ms

The type of messages to enable keep-alive messages for (ALL, STREAMING or OFF)

server.bolt.connection_keep_alive_for_requests, one of [ALL, STREAMING, OFF]

The total amount of probes to be missed before a connection is considered stale.The minimum for this value is 1.

server.bolt.connection_keep_alive_probes, an integer which is minimum 1

The interval between every scheduled keep-alive check on all connections with active queries. Zero duration turns off keep-alive service.

server.bolt.connection_keep_alive_streaming_scheduling_interval, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s) which is minimum 0s

Enable the bolt connector.

server.bolt.enabled, a boolean

Address the connector should bind to.

server.bolt.listen_address, a socket address in the format 'hostname:port', 'hostname' or ':port'. If missing port or hostname it is acquired from server.default_listen_address

Enable server OCSP stapling for bolt and http connectors.

server.bolt.ocsp_stapling_enabled, a boolean

The maximum time an idle thread in the thread pool bound to this connector will wait for new tasks.

server.bolt.thread_pool_keep_alive, a duration (Valid units are: ns, μs, ms, s, m, h and d; default unit is s)