Install and build
Learn how to install and build Hoppscotch Enterprise Edition.
DATA_ENCRYPTION_KEY
, which accepts a 32 character alphanumeric string. Please make sure to update your .env
file with the latest changes while setting up Hoppscotch. Configuring the environment
Before you get started with the installation, you need to configure the environment variables.
Copy the contents of the .env.example
file found in the root directory of the cloned repository to .env
and add your values for the environment variables.
Let’s understand the major environment variables:
ENTERPRISE_LICENSE_KEY
: The license key required to use Hoppscotch Enterprise.DATABASE_URL
: This is where you add your Postgres database URL.HOPP_AIO_ALTERNATE_PORT
: This is an optional variable that lets you specify an alternate port for the AIO container’s endpoint when operating in subpath access mode. By default, this endpoint is exposed on port 80.HORIZONTAL_SCALING
: Set to true to enable horizontal scaling, which uses Redis for managing pub-sub and state across instances.TOKEN_SALT_COMPLEXITY
: Defines the complexity of the SALT that is used for hashing - a higher number implies a more complex salt.MAGIC_LINK_TOKEN_VALIDITY
: Duration of the validity of the magic link being sent to sign in to Hoppscotch (in days).REFRESH_TOKEN_VALIDITY
: Validity of the refresh token for auth (in ms).ACCESS_TOKEN_VALIDITY
: Validity of the access token for auth (in ms).JWT_SECRET
,SESSION_SECRET
: Secret Keys for security purposes.ALLOW_SECURE_COOKIES
: If disabled users will be able to use Hoppscotch over HTTP connections as well. It is recommended that this be left enabled as some auth providers may not work if this value is set to true.DATA_ENCRYPTION_KEY
: A 32-character key used for encrypting sensitive data stored in the database.REDIRECT_URL
: This is a fallback URL to debug when the actual redirects fail.WHITELISTED_ORIGINS
: URLs of Hoppscotch backend, admin dashboard, and the frontend app.VITE_ALLOWED_AUTH_PROVIDERS
: Allows you to specify which auth providers you want to enable.MAILER_SMTP_ENABLE
: Enables the SMTP mailer configuration.MAILER_USE_CUSTOM_CONFIGS
: When custom mailer configurations are used.MAILER_SMTP_URL
: The SMTP URL for email delivery.MAILER_ADDRESS_FROM
: The email address that you would be using.MAILER_SMTP_HOST
: The SMTP host.MAILER_SMTP_PORT
: The port to connect to the SMTP server.MAILER_SMTP_USER
: The SMTP user or email for authentication.MAILER_SMTP_PASSWORD
: Provide the password set for the SMTP user.RATE_LIMIT_TTL
: The time it takes to refresh the maximum number of requests being received.RATE_LIMIT_MAX
: The maximum number of requests that Hoppscotch can handle underRATE_LIMIT_TTL
.VITE_BASE_URL
: This is the URL where your deployment will be accessible from.VITE_SHORTCODE_BASE_URL
: A URL to generate shortcodes for sharing, can be the same asVITE_BASE_URL
.VITE_BACKEND_GQL_URL
: The URL for GraphQL within the instance.VITE_BACKEND_WS_URL
: The URL for WebSockets within the instance.VITE_BACKEND_API_URL
: The URL for REST APIs within the instance.VITE_APP_TOS_LINK
andVITE_APP_PRIVACY_POLICY_LINK
are optional and are used to configure the links to the Terms & Conditions and Privacy Policy.
Third-party auth configs have to be obtained from the respective providers. You can choose and configure the auth providers by following the configuring OAuth guide.
Docker
Once the environment variables are configured, you may proceed to the next step of setting up the Hoppscotch instance. Currently, there are two ways to set up Hoppscotch:
-
Using individual containers for the services
-
Using the AIO container
-
Before proceeding further, ensure that you have a running instance of Postgres.
Using individual containers for the services
To self-host Hoppscotch Enterprise Edition, you will need the following services running via Docker:
- Hoppscotch enterprise frontend
- Hoppscotch enterprise backend
- Hoppscotch enterprise admin dashboard
Pull the containers from DockerHub with the following command:
After pulling the containers, start Hoppscotch by running all three services:
- Ensure that the environment variables are configured in the
.env
file and the restart policy is mentioned.
Open admin dashboard or PORT 3100
in the browser to setup and access the Hoppscotch instance.
Using the AIO container
The All-In-One (AIO) container is a single container that provides all the services required to run Hoppscotch.
Pull the container from DockerHub with the following command:
After pulling the container, start Hoppscotch by running the container:
- Ensure that the environment variables are configured in the
.env
file and the restart policy is mentioned.
Open admin dashboard or PORT 3100
in the browser to setup and access the Hoppscotch instance.
Subpath Based Access
To enable subpath based access the following .env
variable must be set to true, it is set to false by default.
When set to true the following is the expected behavior:
Using individual containers for the services
When using the individual containers it is up to the users to configure a reverse proxy to allow requests made to a specific route to be rerouted to the relevant containers.
Using the AIO container
When using AIO, when subpath access is set to true the services can be accessed from the following routes
Service | Route |
---|---|
Hoppscotch App | / |
Hoppscotch Admin App | /admin |
Hoppscotch Backend | /backend |
By default, the AIO container exposes the app on port 80. This can cause conflicts if you’re running on a host system where
port 80 is privileged, such as with Rootless Docker, Podman, or hardened environments like OpenShift. If you experience issues on these setups, try setting HOPP_AIO_ALTERNATE_PORT
to bind the app to a non-privileged port.
Migrations
Once the instance of Hoppscotch is up, you need to run migrations on the database to ensure that it has the relevant tables. Depending on how Hoppscotch was set up, the method to run the migrations changes.
Using individual containers for the services
Run the following command to copy the ID of the backend container:
Using the AIO container
Run the following command to copy the ID of the AIO container:
Running migrations
Once the respective container ID is copied, execute the following command to open an interactive shell within the AIO container to execute the migration command:
Once inside the container, run the migration using:
Should the user ever encounter the following error:
It means the user is trying to start the backend (or AIO) service before the database has all the relevant tables in it. In order to run the migration to populate the database run the following command.
Making sure to pass in the .env
file containing the right .env
variables for the instance. On executing the aforementioned command will result in a shell being opened inside a instance of the container following which user can execute a database migration normally with
Once the database has been successfully run and the database populated with tables the backend containers ( or AIO container) can be started normally.
Note: If user is using docker compose
to run the services the following command can be used to open a shell inside the backend (or AIO) service.
ClickHouse setup
To start saving the audit logs into ClickHouse, first you need to create the relevant databases with the relevant tables in them. Follow the following instructions to set up ClickHouse to start saving logs:
-
Ensure that all the relevant containers are running.
-
Run the following command to get the ID of the ClickHouse container:
-
Once the ClickHouse container is also running, open an interactive bash into it using the
clickhouse-client
: -
Once inside the container, execute the following SQL commands:
SAML Configuration
When you use SAML authentication, by default Hoppscotch only pulls the email of the user as the platform uses it as the unique identifier to verify the user.
Starting from v2024.9.2
onwards, Hoppscotch Enterprise Edition instances support pulling the following attributes from the SAML response to fill in additional user details:
displayName
: The name of the user which is displayed within the Hoppscotch platform.photoURL
: The URL where to find the user’s profile picture. Do not set this attribute if a profile picture doesn’t exist.isAdmin
(optional): A boolean attribute (true or false) that automatically assigns the Admin role to users who belong to a designated group in the configured Identity Provider (e.g., Okta).
isAdmin
attribute is evaluated only during the user’s first login or signup. Subsequent logins or signups will not re-evaluate this flag. Name | Name Format | Value |
---|---|---|
displayName | Basic | user.displayName |
photoURL | Basic | user.profileURL |
isAdmin | Basic | isMemberOfGroupName(“Hoppscotch Admins”) ? “true” : “false” |
You have to configure your SAML IdP (Identity Provider) to include these attributes exactly in the response. For example, for Okta, you can follow this guide to configure the attributes.
Was this page helpful?