Set up app configuration

  • Updated on Mar 20, 2026
  • Published on Feb 4, 2026
  • 5 minute(s) read
Prev Next

Set up an app configuration. Create the App Configuration and in the App Configuration set the required key values.

Copy the connection string of the App Configuration from the Access keys page and save it somewhere. Usually, you use the connection string of the primary key. You need the connection string to connect the App Service to the App Configuration, in the configuration of the App Service.

For more information, refer to About Azure App Configuration.

Key values

To add the key values to the App Configuration, download the Default AS2 App Configuration and extract it.

The default AS2 web app name prefix for the keys is 'AS2WEBAPP'. If you want to use another prefix, you can change it. To do so, before you import the key values, edit the 'DefaultAS2AppConfiguration.json' file in a text editor.

Note

You define the AS2 web app name in the App Service settings (ApplicationSetup:ApplicationId). For consistency purposes, you are advised to use the same name for the App Service and the AS2 web app name.

  • When you edit the 'DefaultAS2AppConfiguration.json' file, you can also set the key values. However, do not set the values for these keys in the file:

    • AS2WEBAPP:As2Setup:OwnedPrivateKey

    • AS2WEBAPP:As2Setup:PartnerPublicKey

    • AS2WEBAPP:Storage:Key

When you have finished editing the JSON file, import the 'DefaultAS2AppConfiguration.json' file to your App Configuration. For more information, refer to Import data from a configuration file.

In the App Configuration, you can edit the values of the imported keys with the Configuration explorer. To do so:

  • For most of the keys, you can use the Edit option.

  • For these keys, use the Add Key Vault reference option:

    • AS2WEBAPP:As2Setup:OwnedPrivateKey

    • AS2WEBAPP:As2Setup:PartnerPublicKey

    • AS2WEBAPP:Storage:Key

The key configuration that is required for the AS2 web app is:

Key

Allowed values

Required

Default value

Description

AS2WEBAPP:As2Setup:CompressData

True/False

No

False

Indicate if data must be compressed before it is sent to the web server of the EDI partner.

AS2WEBAPP:As2Setup:EncryptData

True/False

No

False

Indicate if data must be encrypted before is sent to the web server of the EDI partner.

AS2WEBAPP:As2Setup:FromPartner

-

Yes

-

Enter a name that represents your EDI partner. For example, the EDI partner company name.

This name is added to (outbound) or read from (inbound) the request header. 

AS2WEBAPP:As2Setup:OwnedPrivateKey

Key vault reference

Yes

-

Add the private key of the certificate that you generated for the Key Vault.

Note

Use the Add Key Vault reference option in the Configuration explorer of the App Configuration. So, do not set this value in the JSON file.

AS2WEBAPP:As2Setup:PartnerPublicKey

Key vault reference

Yes

-

Add the Key Vault secret that holds the public key that you received from your EDI partner.

Note

Use the Add Key Vault reference option in the Configuration explorer of the App Configuration. So, do not set this value in the JSON file.

AS2WEBAPP:As2Setup:SignAlgorithm

Valid signing algorithm. For example: SHA1

No

SHA1

Enter a valid algorithm that the AS2 web app uses to sign (outbound) or verify (inbound) EDI messages.

Usually, the SHA1 algorithm is used.

AS2WEBAPP:As2Setup:RecipientAlgorithm

See description

No

-

Define the desired encryption algorithm for the AS2 web app. These encryption algorithms are supported:

  • Aes128: The AES 128-bit encryption algorithm.

  • Aes192: The AES 192-bit encryption algorithm.

  • Aes256: The AES 256-bit encryption algorithm.

  • Camellia128: The Camellia 128-bit encryption algorithm.

  • Camellia192: The Camellia 192-bit encryption algorithm.

  • Camellia256: The Camellia 256-bit encryption algorithm.

  • Cast5: The Cast-5 128-bit encryption algorithm.

  • Des: The DES 56-bit encryption algorithm.

  • TripleDes: The Triple-DES encryption algorithm.

  • Idea: The IDEA 128-bit encryption algorithm.

  • Blowfish: The Blowfish encryption algorithm.

  • Twofish: The Twofish encryption algorithm.

  • RC240: The RC2 40-bit encryption algorithm (S/MIME only).

  • RC264: The RC2 64-bit encryption algorithm (S/MIME only).

  • RC2128: The RC2 128-bit encryption algorithm (S/MIME only).

  • Seed: The SEED 128-bit encryption algorithm (S/MIME only).

AS2WEBAPP:As2Setup:SignData

True/False

No

False

Indicate if data must be signed before it is sent to the EDI partner.

AS2WEBAPP:As2Setup:ToPartner

-

Yes

-

Enter a name that represents your company. For example, the company name.

This name is added to (outbound) or read from (inbound) the request header. 

AS2WEBAPP:As2Setup:CertificatePassword

-

No

-

Only enter the certificate password if you have created your certificate outside the Azure portal and imported the certificate to the Key Vault. To access such a certificate, a password is required.

AS2WEBAPP:As2Setup:CertificateExpiryWarningDays

-

No

30

The certificate and secrets in the Key Vault can have an expiration date set. You can define how many days before the expiration date a warning is shown on the configuration page of the AS2 web app.

AS2WEBAPP:RequestHeaders:AS2Version

For example: 1.0.0.15

Yes

1.0.0.15

For informational purposes only, you can enter the version number of the AS2 web app.

The version number is added to the request header that is sent to the EDI partner.

AS2WEBAPP:RequestHeaders:ContentTransferEncoding

Binary or no value

No

Binary

If set, the body of the message is encoded, for example, as as binary. If not set, the body is not encoded and sent as plain text.

The encoding setting is added to the request header that is sent to the EDI partner.

AS2WEBAPP:RequestHeaders:DispositionNotificationOptions

-

Yes

signed-receipt-protocol=optional,pkcs7-signature;signed-receipt-micalg=optional,sha1

Define the MDN reply options.

The MDN reply options are added to the request header that is sent to the EDI partner.

AS2WEBAPP:RequestHeaders:DispositionNotificationTo

-

Yes

-

Define where the MDN reply must be sent to.

The MDN reply recipient is added to the request header that is sent to the EDI partner.

AS2WEBAPP:RequestHeaders:Endpoint

-

Yes

-

Enter the URL of the web server of the EDI partner to which data is sent.

Note

This endpoint is provided by your EDI partner.

AS2WEBAPP:RequestHeaders:MDNCheckResponse

No, Yes, Signed

No

No

An MDN (Message Disposition Notification) is a digitally signed receipt that acknowledges the successful receipt of an AS2 message. The AS2 web app supports MDN validation and signing.

How to check the MDN response:

  • No: No check.

  • Yes: Check MDN.

  • Signed: Check MDN and MDN must be Signed.

AS2WEBAPP:RequestHeaders:MDNHashAlgorithmName

SHA1, SHA256, etc.

No

SHA1

The Hash algorithm used to create the MIC hash key.

AS2WEBAPP:RequestHeaders:MDNResponseRequireSigning

False, True

No

True

If you select:

  • True, a signed MDN response is sent.

  • False, the MDN response is not signed.

AS2WEBAPP:RequestHeaders:MDNResponseIncludeHeader

False, True

No

False

If you select:

  • True, the header information and content is included in the MDN response hash.

  • False, only the content is included in the MDN response hash.

AS2WEBAPP:Storage:Account

-

Yes

-

Enter the name of the Azure Storage account where the AS2 web app must store the EDI message files.

Note

This only applies to the AS2 inbound process.

AS2WEBAPP:Storage:Directory

-

Yes

-

Enter the Azure Storage account directory where the AS2 web app must store the EDI message files.

Note

This only applies to the AS2 inbound process.

AS2WEBAPP:Storage:FileExtension

For example: xml

Yes

xml

Enter the extension of the files that are created by the AS2 web app and stored in the defined Azure storage account.

Note

This only applies to the AS2 inbound process.

AS2WEBAPP:Storage:Key

Key vault reference

Yes

-

Add the Key Vault secret that holds the access key of the Azure Storage account where the AS2 web app must store the EDI message files.

Note

  • Use the Add Key Vault reference option in the Configuration explorer of the App Configuration. So, do not set this value in the JSON file.

  • This only applies to the AS2 inbound process.

AS2WEBAPP:Storage:Share

-

Yes

-

The file share of the Azure Storage account in which the created EDI message files are stored by the AS2 web app. In the AS2 documentation, this file share is referred to as the 'general storage location'.

Note

This only applies to the AS2 inbound process.


Related articles