Generally settings are created for administrators or editors to let them customize the behavior of a certain feature. Settings are stored as content in the Content Repository. The advantage of this is that changing a setting does not involve site restart and you can manage values in one central place instead of synchronizing them across web servers.

Setup dashboard

As settings are simple text files, they can be edited in the admin surface's text editor. When you modify a settings file, the framework takes care of refreshing the values in the cache, so your features will automatically get the new values.


All settings related to the surface and behavior of the web application can be found here, from the cache header settings of different file types to the default content type of uploaded images and the allowed origin values.


The ClientCacheHeaders setting is a list of rules that define the MaxAge value for a set of content. Each rule must contain at least one of the following conditions:

  • ContentType: specific content type name
  • Path: path of a subtree
  • Extension: image or source file extension (e.g. jpg, css)
"ClientCacheHeaders": [
"ContentType": "PreviewImage",
"MaxAge": 1
"Extension": "jpeg",
"MaxAge": 604800
"Path": "/Root/Content/demoavatars",
"MaxAge": 600


You can set the MaxAge value for all binaries requested through binaryhandler.ashx. The value must be provided in seconds.


You cat set per extension what type of content should be created when a file is uploaded. It is also possible to set a default one with the DefaultContentType option.

"UploadFileExtensions": {
"jpg": "Image",
"jpeg": "Image",
"gif": "Image",
"png": "Image",
"bmp": "Image",
"svg": "Image",
"svgz": "Image",
"tif": "Image",
"tiff": "Image",
"xaml": "WorkflowDefinition",
"DefaultContentType": "File"


It is a whitelist that contains the trusted 3rd party domains that may send CORS requests to the portal. If a CORS request arrives with an origin that is in this whitelist, the request will execute - otherwise the client will receive a Forbidden status code.

"AllowedOriginDomains": [


If you need to, you may customize the list of allowed methods (http verbs) on your sensenet instance. If something is missing from the default list, or you want to restrict the allowed request methods for security reasons, you can do so by providing the following line in the setting.

"AllowedMethods": [ "GET", "POST", "PATCH", "DELETE", "MERGE", "PUT" ]


You can also customize the list of allowed http headers for CORS requests (for example add your custom headers).

"AllowedHeaders": [ "X-Authentication-Type",
"X-Refresh-Data", "X-Access-Data",
"X-Requested-With", "Authorization", "Content-Type" ]


When users register or login using one of the configured OAuth providers (like Google or Facebook), these settings control the type and place of the newly created users as content items in the repository.

UserTypestringName of the ContentType with which the user should be created.
DomainstringName of the Domain where the user should be created.


In this section you can customize the behavior of the Document Preview feature – for example the font style of the watermark displayed on documents or the number of the initially generated preview images.

MaxPreviewCountnumberThe number of preview images to generate in one round.
WatermarkEnabledbooleanThis is a master switch for the watermark feature.
WatermarkTextstringYou may provide a watermark text here.
WatermarkFontstringName of the watermark font.
WatermarkFontSizenumberFont size of the text.
WatermarkBoldbooleanYou can set the text to bold.
WatermarkBoldbooleanYou can set the text to italic.
WatermarkColorstringPlain text (e.g. Blue) or color code (e.g. #123456).
WatermarkOpacitynumberOpacity of the text
WatermarkPositionBottomLeftToUpperRight, UpperLeftToBottomRight, Top, Bottom, CenterWatermark text orientation.


To open or edit Office documents in the browser, the system needs to know the address of the Office Online Server that provides the user interface for the feature. In this section you can configure that and other OOS-related settings.

OfficeOnlineUrlstringUrl of the Office Online Server


In this section you can customize the indexing behavior (for example the text extractor used in case of different file types) of the system.


To add a new text extractor or override an existing one you will need to configure the file type and the extractor class.

"TextExtractors": {
"pdf": "MyNamespace.PdfTextExtractor",
"docx": "MyNamespace.DocxTextExtractor"


You can switch ON or OFF notifications or customize the notification emails here.

NotificationEnabledbooleanSwitch notifications ON or OFF.
NotificationSenderstringSender's email address in notification emails.
NotificationMailSubjectKeystringSubject of the notification emails.
NotificationMailBodyKeystringBody of the notification email.