Payload is a config-based, code-first CMS and application framework. The Payload config is central to everything that Payload does. It scaffolds the data that Payload stores as well as maintains custom React components, hook logic, custom validations, and much more.
Also, because the Payload source code is fully written in TypeScript, its configs are strongly typed—meaning that even if you aren't using TypeScript, your IDE (such as VSCode) may still provide helpful information like type-ahead suggestions while you write your config.
|A string used to define the absolute URL of your app including the protocol, for example |
|An array of all Collections that Payload will manage. To read more about how to define your collection configs, click here.|
|Either a whitelist array of URLS to allow CORS requests from, or a wildcard string (|
|An array of all Globals that Payload will manage. For more on Globals and their configs, click here.|
|Base Payload admin configuration. Specify custom components, control metadata, set the Admin user collection, and more.|
|Opt-in and control how Payload handles the translation of your content into multiple locales. More|
|Manage GraphQL-specific functionality here. Define your own queries and mutations, manage query complexity limits, and more.|
|A string that will be prefixed to all cookies that Payload sets.|
|A whitelist array of URLs to allow Payload cookies to be accepted from as a form of CSRF protection. More|
|If a user does not specify |
|The maximum allowed depth to be permitted application-wide. This setting helps prevent against malicious queries. Defaults to |
|Automatically index all sortable top-level fields in the database to improve sort performance and add database compatibility for Azure Cosmos and similar.|
|Base Payload upload configuration. More.|
|Control the routing structure that Payload binds itself to. Specify |
|Base email settings to allow Payload to generate email such as Forgot Password requests and other requirements. More|
|Express-specific middleware options such as compression and JSON parsing. More|
|Enable to expose more detailed error information.|
|Disable Payload telemetry by passing |
|Control IP-based rate limiting for all Payload resources. Used to prevent DDoS attacks and more.|
|Tap into Payload-wide hooks. More|
|An array of Payload plugins. More|
|An array of custom API endpoints added to the Payload router. More|
|Extension point for adding custom data (e.g. for plugins)|
You can see a full example config in the Public Demo source code on GitHub.
We suggest using the
dotenv package to handle environment variables alongside of Payload. All that's necessary to do is to require the package as high up in your application as possible (for example, at the top of your
server.js file), and ensure that it can find an
.env file that you create.
Add this line to the top of your server:
Note that if you rely on any environment variables in your config itself, you should also call
dotenv() at the top of your config itself as well. There's no harm in calling it in both your server and your config itself!
Here is an example project structure w/
dotenv and an
By default, the Payload config must be in the root of your current working directory and named either
payload.config.ts if you're using TypeScript.
But, you can specify where your Payload config is located as well as what it's named by using the environment variable
PAYLOAD_CONFIG_PATH. The path you provide via this environment variable can either be absolute or relative to your current working directory.
Example in package.json:
Payload comes with
isomorphic-fetch installed which means that even in Node, you can use the
fetch API just as you would within the browser. No need to import
axios or similar, unless you want to!
You can import config types as follows:
Payload collects completely anonymous telemetry data about general usage. This data is super important to us and helps us accurately understand how we're growing and what we can do to build the software into everything that it can possibly be. The telemetry that we collect also help us demonstrate our growth in an accurate manner, which helps us as we seek investment to build and scale our team. If we can accurately demonstrate our growth, we can more effectively continue to support Payload as free and open-source software. To opt out of telemetry, you can pass
telemetry: false within your Payload config.