System Config
System Management → System Config holds three tenant-level settings that apply across the entire organization: how the browser sounds alarm alerts, whether this tenant's public models can be pulled by downstream nodes, and the shared environment variables (org_params) injected into all scripts.
This page is distinct from System Platform → System Config (admin-level SMTP / brand / OAuth). Both are named "System Config" but operate at different scopes.
Alarm Configuration
Controls how the browser plays an audible alert when a new alarm fires.
Alarm Audio
Choose one of three audio sources:
| Option | Meaning |
|---|---|
| Remote URL | Play audio hosted at an external URL. Enter the full URL in the field next to it; a preview player appears immediately. |
| Custom Ringtone | Upload a local audio file (mp3/wav). The file is stored on the platform server. A preview player appears after upload. To remove the uploaded file, click the Delete Audio link. |
| Default Ringtone | Use the platform's built-in alarm sound (audio/public.mp3). No configuration required. |
Ringing Timing
Controls when the audio plays:
| Option | Meaning |
|---|---|
| None | Audio is never played. |
| New Alarm | Audio plays once each time a new alarm record is created. |
| Existing / New Alarm | Audio plays on new alarms AND continues playing while any unacknowledged alarm is still active. |
Alarm audio plays in the browser tab where the user has ThinkLink open. It does not send push notifications to mobile devices.
Cross-Service Config
Tenant-level admission control for Remote Data Pull. A downstream ThinkLink node (TKG or TKE) can pull this tenant's public models and templates only when the following settings allow it.
| Field | Meaning |
|---|---|
| Allow Data Pull | Master toggle. When off, all external pull requests to this tenant are rejected. |
| Secret Key | The token a downstream must present when pulling. Click the Regenerate button to rotate the key (invalidates all existing downstream pull configs immediately). |
This is the tenant-level secret key and is independent of the system-platform-level secret key. Each tenant that wants to expose its data to downstream nodes must configure this separately.
How to set up a downstream pull:
- Enable Allow Data Pull and copy the Secret Key from this page.
- On the downstream node, go to System Platform → Remote Data Pull and enter this node's URL, the
tenant_codeof this organization, and the secret key. - The downstream can then pull public models, templates, plugins, and device configs from this tenant.
Org Params
Organization-level (tenant-level) key-value environment variables. Configure them once and they are automatically injected as the org_params argument into all scripts in this organization:
- RPC Model:
rpc_script({ device, params, alarms, logger, org_params }) - Thing Model parse script:
payload_parser(device, msg, thingModelId, noticeAttrs, org_params) - Trigger Model:
trigger_script(device, thingModelId, org_params) - MQTT Forwarder script:
forwardScript({ topic, msg, org_params })
Why it exists: keep credentials, endpoints, and business identifiers out of script bodies. Scripts hold only logic; secrets live in Org Params. Rotating a webhook or swapping environments is then a single edit here — no need to touch every script.
Comparison with other attribute scopes
| Source | Scope | Where it's set | Visible to |
|---|---|---|---|
params | One RPC call | Provided by the caller | The caller |
device.shared_attrs | One device | Device ↔ platform sync | Device operator |
device.server_attrs | One device | Device detail page | Device operator |
org_params | Whole organization | System Config → Org Params | Org admin only |
Configuration
The editor shows a key-value table. For each entry:
| Field | Description |
|---|---|
| Key | Accessed in scripts as org_params.<key>. Use lowercase snake_case, e.g. wecom_webhook_url |
| Value | String value. For structured data, store JSON and JSON.parse it in the script |
| Remark | Operator note for what this param is for, e.g. "WeCom alarm-bot webhook, rotated quarterly" |
Click Submit — new values take effect immediately for all scripts in the org (no restart required).
Reading Org Params in a script
// RPC: read the WeCom webhook from org_params
function rpc_script({ device, params, alarms, logger, org_params }) {
let webhook = org_params?.wecom_webhook_url;
if (!webhook) {
logger.error("wecom_webhook_url not configured in org_params");
return null;
}
return [{
sleepTimeMs: 0,
type: "axios",
dnMsg: {
method: "POST",
url: webhook,
headers: { "Content-Type": "application/json" },
data: { msgtype: "text", text: { content: params.content } },
timeout: 5000
}
}];
}Security Notes
- The Org Params page is only accessible to org admins — regular operators cannot see webhook keys or credentials
- If a credential leaks: rotate it on the third-party platform, then update the value here; all scripts pick up the new value automatically
- Rotate webhook URLs and access keys at least once per quarter; record the rotation date in the Remark field
⚠️ Do not echo
org_paramsvalues intodevice.server_attrsor log messages — that exposes the secret to callers and log readers.