---
title: Specifying custom configuration with an options file
description: You can configure the Policy Editor by editing and implementing the options file.
component: pingauthorize
version: 11.0
page_id: pingauthorize:pingauthorize_server_administration_guide:paz_specify_custom_config_opts_file
canonical_url: https://docs.pingidentity.com/pingauthorize/11.0/pingauthorize_server_administration_guide/paz_specify_custom_config_opts_file.html
revdate: May 22, 2024
section_ids:
  about-this-task: About this task
  steps: Steps
---

# Specifying custom configuration with an options file

You can configure the Policy Editor by editing and implementing the options file.

## About this task

You must run `setup` in non-interactive command-line mode instead of interactive mode if you need to do any of the following:

* Configure the Policy Editor with a policy configuration key. A policy configuration key is an arbitrary key-value pair that can be referenced by name in the policy Trust Framework. This allows the policy trust store to be defined without hard-coding environment-specific data, such as host names and credentials in the trust store.

* Configure a key store for a policy information provider. This defines a client certificate that the policy engine can use for MTLS connections to a policy information provider.

* Configure a trust store for a policy information provider. This defines the set of certificates or root certificates that the policy engine uses to determine whether it trusts the server certificate presented by a policy information provider.

* Customize the Policy Editor's logging behavior.

* Configure private JSON Web Token (JWT) claims. This allows an organization to convey specific claims about an identity.

|   |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
| - | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
|   | If the server detects existing configuration files when running the `setup` tool, the setup process terminates. To re-configure the server, you must either:* Delete the existing configuration files and run `setup` again.

* Use the `--ignoreWarnings` option with the `setup` tool to overwrite the existing `configuration.yml` file, delete the administrator key store, and, if you also use the `--generateSelfSignedCertificate` option, overwrite the server certificate file.To reconfigure the server while preserving the values in `configuration.yml` or any certificate key stores, back up the `configuration.yml` and key stores before re-running `setup`. |

## Steps

1. Make a copy of the default options file provided at `config/options.yml` and customize the copy to suit your needs.

   The `setup` tool supports configuring these options through the use of a YAML options file.

   |   |                                                                                                                                                                                                          |
   | - | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
   |   | When you customize your options file, do not remove or alter the logging section. For guidance about customizing logging behavior, contact [Ping Identity Support](https://support.pingidentity.com/s/). |

2. Configure the Policy Editor with an options file:

   1. Stop the Policy Editor:

      ```shell
      $ bin/stop-server
      ```

   2. Run the `setup` tool.

   3. Provide the options file using the `--optionsFile` argument.

      For example, the following `setup` command configures a Policy Editor in demo mode using an options file named `my-options.yml`:

      ```shell
      $ bin/setup demo \
        --adminUsername admin \
        --generateSelfSignedCertificate \
        --decisionPointSharedSecret pingauthorize \
        --hostname <pap-hostname> \
        --port <pap-port> \
        --adminPort  <admin-port>  \
        --licenseKeyFile <path-to-license> \
        --optionsFile my-options.yml
      ```

3. Start the Policy Editor:

   ```shell
   $ bin/start-server
   ```