App Settings

The App Settings section allows administrators to configure global behavior, branding, integrations, and operational preferences for the Secryn deployment.

These settings apply to the entire instance and affect all projects and vaults.

Only users with the Admin role can access and modify App Settings.

Overview

App Settings includes:

• Company Branding
• Email (SMTP) Configuration
• Social Login Providers
• Theme Customization (ShadCN)
• Export / Import Configuration
• System-Level Preferences

All changes are applied immediately after saving and may affect authentication, notifications, or UI appearance.

Company Branding

The Company Name is displayed throughout the application and is used in:

• Navigation headers
• Emails and notifications
• Footer metadata
• About modal

Updating the company name immediately reflects across the platform.

ShadCN Theme Customizer

Secryn allows administrators to apply a custom ShadCN theme configuration using a JSON blob.

This enables:

• Custom color palettes
• Border radius adjustments
• Accent styling
• Component theme overrides

To generate a compatible theme JSON, use the Shadcn Studio Theme Generator: https://shadcnstudio.com/theme-generator

You can:

• Paste a theme configuration
• Preview changes
• Reset to default
• Save and apply globally

Theme updates affect the entire UI and are applied instantly after saving.

Email Settings (SMTP)

Secryn uses SMTP for:

• Expiration notifications
• Digest emails
• User-related system notifications
• Auth-related emails

You can configure:

• Mail Host
• Port
• Encryption (None / TLS / SSL)
• Username
• Password
• From Address
• From Name
• Test Connection

Before saving, you can send a test email to verify that SMTP is configured correctly.

If email notifications are enabled for users, system-generated emails will respect their notification preferences (except authentication-related emails, which are always sent).

Social Login Credentials

Secryn supports OAuth authentication providers.

You can configure:

• Google
• GitHub
• Twitter (X)
• Apple

Each provider requires:

• Client ID
• Client Secret
• Callback URL configuration

Social login is optional. If not configured, only local authentication will be available.

Export / Import

Secryn supports exporting and importing App Settings as JSON. This is useful for:

• Promoting configuration between environments (dev -> staging -> production)
• Backing up instance configuration
• Standardizing settings across multiple deployments

Export Settings

From the Export section, you can download a JSON representation of the current App Settings.

By default:

• Secrets remain masked in the exported JSON.
• Sensitive values are not included unless explicitly requested.

This allows safe sharing of configuration structure without exposing credentials.

Include Secrets (Optional)

You may enable Include secrets during export.

When enabled:

• Sensitive values (such as SMTP passwords or OAuth secrets) are included in the JSON.
• These values will be visible in the export file.

Exports containing secrets should be treated as highly sensitive and stored securely.

Import Settings

The Import section allows you to paste a JSON payload and apply it to the current deployment.

When importing:

• Non-sensitive configuration (company name, theme settings, provider metadata) is applied directly.
• Secret values are only applied if explicitly included.

Secret Handling During Import

If the imported JSON contains masked placeholders instead of real secret values:

• Secryn will ignore them.
• Existing stored secrets will remain unchanged.

This prevents accidental overwrites when importing configuration that was exported without secrets.

A warning banner is displayed to remind administrators to verify secret data before importing.

Audit & Security

Changes to App Settings are considered privileged operations.

Best practices:

• Restrict access to Admin users only.
• Store exported JSON files securely.
• Avoid sharing exports that contain secrets.
• Review Audit Logs after major configuration changes.

All App Settings modifications should be traceable via logs.

Best Practices

• Configure SMTP before enabling expiration notifications.
• Use environment-specific exports rather than manually duplicating configuration.
• Test OAuth providers after configuration.
• Always verify imports in non-production environments before applying to production.

App Settings provides centralized control over how Secryn behaves and presents itself across your deployment. Proper configuration ensures secure operation, consistent branding, and reliable notifications.