Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
OpenG2P offers the on-demand approach via the Self Service Portal where a person logins via his/her ID and then applies for a program. In self-service mode, typically, OTP would be used for login. In assisted mode, the registering officer may have biometric devices connected to his/her machine, and the registrant can perform biometric authentication in an online manner.
Online registration assumes that an ID verification service is available to connect via APIs and perform verification of the identity of a person. In the case of MOSIP, for e.g, the verification can be done using the e-Signet solution.
OpenG2P offers a reference implementation of a person facing Self Service Portal that lets a person log in to the portal using a national ID or other IDs, and perform the following functions:
View enrolled programs
View all the demographic information submitted across programs
Update demographic information
Apply for a new program
View a list of all programs offered by the government/ministry/department.
OpenG2P offers a reference implementation of such a self-service portal.
Users can log in via any OpenID Connect (OIDC) Auth provider. Any ID system that implements ODIC specification can be integrated with Self Service Portal for user login.
The Self Service Portal integrates with e-Signet to provide user login via MOSIP ID.
In each payment cycle, the payment transactions are done in batches. There could be several reasons for batching the payments. The transaction limits may be imposed by payment switch, DFSP or any other entity in the payments chain.
OpenG2P registry is a single repository containing details of the registrants. The registry uses PostgreSQL for maintaining the information in a single DB table.
The purpose of the registry is to provide a single source of truth to the program administrators and managers. Program administrators can grant access to other program participants to act on this information.
Identification of records in the registry is done with configured ID types. ID can be foundational like MOSIP ID or functional like a voter's card, tax number, driving license, etc.
Individual registrant information is entered in a single row. Whereas group details are stored in multiple rows in the form of relationships with the head or representative of the group.
OpenG2P platform supports multiple entries for a registrant in the registry. The intent is to keep all the entries for a registrant and deduplicate later at the program level if required. Multiple entries allow program administrators the flexibility to build a registry without bothering about duplicate entries, especially during a crisis situation such as a flood, earthquake, tsunami, etc. and work on deduplication later using the Deduplication Manager.
A registry contains an individual's Personally Identifiable Information (PII) along with very rich demographic data. It is critical that this data is secure and PII is not shared in human-readable form or passed on to other systems without the individual's consent. OpenG2P offers secure and private registries to address this concern.
Data at rest is encrypted using strong cryptographic techniques. The data is decrypted in memory while processing the record such that no trace of the unencrypted data is stored anywhere in the system.
Data is anonymised while being displayed in human-readable form (for example, UI screen). Similarly, any query results from the registry are anonymised such that this information cannot be used to specifically target an individual.
More often than not, program administrators require additional information about the registrants. However, each row in the database can have only a fixed number of fields. To provide customization, the OpenG2P registry captures the most commonly used fields such as name, age, gender, address, identity, etc. as a fixed number of individual fields. Any additional information is captured as key-value pairs held together in a blob.
In the roadmap of OpenG2P, an enhanced secure registry with the following features is planned.
Tokenised registry
Schema base fields
REST APIs interface
Verification with an ID system
Deduplicated entries
CRUD operations
Complex queries
Anonymous profile
Data encrypted at rest
Evidence
Attestation
The Program Management module offers a rich set of functions to define various beneficiary programs (schemes), enrol beneficiaries based on eligibility, calculate entitlements and disburse benefits to the beneficiaries.
Created
Ended
Reactivated
A program may be targeted to an individual or a group. A group may be a household, family or any other group to which the program is targeted.
At the backend, the ID provided (functional or foundational) during registration is verified by submitting the demographic details and ID number by calling APIs of the corresponding ID system. The response from the ID system could be a yes/no response with optional data like ID token and KYC details.
The person's information is filled in ODK forms on Android devices and submitted to the backend for further processing. The ODK application is integrated with a QR code scanning application that enables an automatic population of KYC data of the person in the form along with verification of digital signature establishing the authenticity of the card.
Program creation
ODK form template creation
Upload of form to ODK Central
Assigning forms to agents
Field registration by the agent using ODK Collect on an Android tablet/phone.
Submission of form to ODK Central
Addition of record to the registry
ID verification and KYC
A high-level view of the administrator-driven registration approach is given below:
ODK is an open source toolkit that uses offline forms to collect data. ODK Collect is the client-side app while ODK Central is the server-side app. Learn more about ODK here.
OpenG2P offers mechanisms to carry out registrations on the field in areas where Internet connectivity may not be available.
OpenG2P has a flexible architecture that allows governments and social benefit delivery systems to choose functionalities per their needs. The platform is built to allow inclusion and has supporting features. For example, beneficiaries in remote areas without network connectivity can be registered offline. The platform also supports multiple stages of approval with each approval carried out by a different officer.
External System Integrations
Digital authentication can be facilitated using MOSIP or any other ID system as the platform is agnostic of ID systems.
The platform can integrate with payment systems other than the three payment systems shown in the diagram.
Enrolment is the process of creating a beneficiary list of individuals or groups by querying the registry and applying eligibility criteria. OpenG2P provides convenient filters and plugins to make the entire process frictionless, convenient and time-saving.
Program eligibility could be defined as simple filters on the data collected for individuals (residing in the registry) or could be more sophisticated like Proxy Means Test. Default filters and plugins are provided that would meet most of the eligibility definitions. For complex eligibility criteria, custom plugins can be written and added to the Eligibility Manager.
Entitlement is the quantity of benefit that a beneficiary is entitled to receive. For cash transfers, this is money that a beneficiary will receive via either direct bank transfer, mobile wallet, cash at the counter, vouchers or other disbursement mechanisms. Entitlement is defined for each .
In the OpenG2P platform, registration is a series of three processes - intake, recording, and verification. Intake is the process of gathering information from applicants while recording and verification are the processes to add the authenticated information to the Registry. The platform verifies the applicant's details in the background by confirming the identity and demographic details of the applicant digitally.
Registration aims to provide detailed records for Eligibility Assessment in the Registry. It must be noted that at this stage, the people are referred to as applicants or registrants. Once the applicants/registrants pass the eligibility criterion set by the program manager, they become eligible to enrol in the program and are referred to as beneficiaries.
This is a pictorial representation of the OpenG2P registration process.
Registration can be carried out via multiple channels such as digital service windows/kiosks, social workers, local registration offices, door-to-door visits, referrals from other programs, etc. The registration approach can be either on-demand or administrative-driven. Three key features distinguish between these two approaches:
Whether the registration process was initiated by the applicant (on-demand) or by the program administrator (administrator-driven)
Whether applicants registered themselves individually (on-demand) or registered as a group/family/household (administrator-driven)
Whether applicants could register at the time of their choosing (on-demand) or had to apply in a specific time window (administrator-driven)
While on-demand and administrative-driven approaches are two distinct models, the registration process operates in a spectrum between these two models. For example, a program may allow the applicants to register individually (on-demand) but may allow them to apply only in a certain time window (administrative-driven). OpenG2P platform has a flexible implementation and through its various Registration Interfaces aims to cater to a combination of approaches across different registration modalities and programs.
OpenG2P registration interfaces are key client-facing interfaces. The clients here could be the applicants, social workers, program administrators, program managers, etc. There are the main features offered by these interfaces:
The clients log into the system using their MOSIP ID/National ID allowing the information to be verified while it is being recorded. Additionally, logging in using National ID can pre-fill the information fields in an authentic manner.
OpenG2P's Mobile Registration App allows social workers and field registration officers to record the applicant's information without any internet connectivity.
The applicant's information is encrypted at rest and during transit allowing the information to be secure against malicious attacks.
The platform allows for consent forms to be filled out and recorded before starting the intake. The recorded information is not used for any purpose other than the explicitly stated purpose in the consent form.
The applicant information is filled in using general intake sheets. These intake sheets can be customized per the assessment information required by the program.
The platform can be configured to send Notifications to the applicants via multiple channels such as email, sms, etc.
OpenG2P platform offers registration of persons into programs via the following interfaces:
Mobile registration app
Self-registration by a potential beneficiary
API-based registration by other systems
Agent-assisted registration supports in areas where connectivity may be a challenge.
Registration can be done for individuals or groups like families, households, schools, etc.
Payment Manager is an interface to connect a downstream payment system, like Payment Hub. Multiple Payment Managers may be configured to connect to different systems. Each configuration is specific to the payment system.
The Payment Manager creates batches and payment objects.
Deduplication refers to the process of removing duplicate entries in the registry, thus avoiding double-dipping, and merging all the demographic fields associated with an individual or a group into a single record.
Individuals are deduplicated by any of the below methods or a combination of these:
If a country has issued unique foundational IDs (like MOSIP) then deduplication is trivial -- there is only one record associated with an ID. For privacy, the foundational ID itself is not stored in the registry. Instead, a 'token' or virtual ID associated with the ID is stored.
If functional IDs like driver's license, tax number, student ID etc. are accepted while registration, then deduplication across IDs is somewhat challenging if a link between these is not already established and available to the OpenG2P system. In this case, heuristics are applied to demographic data to detect potential duplicates.
In case registrants were onboarded without an ID, the deduplication is performed using heuristics on demographic data.
OpenG2P is guided by the principle of inclusion. The system does not prevent registrations of persons who do not have an ID. This is especially applicable during emergency relief like floods, war, and other calamities.
Deduplication of groups refers to removing duplicate groups within a type of group like a family, or household. The deduplication method is context-dependent and is configured via rules. For example, if the same family has registered itself twice, it will be flagged as a duplicate. However, there are more complex scenarios - say, an individual appears in two different households while other members are different. Such cases will be flagged based on the configured rules.
Resolution of duplicates is generally done via a manual adjudication process, where an authority is visually able to inspect the data and reason for duplication. The authority can then decide whether the case is a duplicate or not based on the process set by the country/department/ministry.
The Payments module consists of several functions to efficiently execute cash transfers to the beneficiaries and report the status of payments. Out of the box, OpenG2P offers payment connectors for Mojaloop and GSMA Mobile Money with flexibility to create custom connectors specific to the payment rails of a country.
Payments are generally executed in cycles and batches.
Digital payments infrastructure (DPI) could vary from country to country. It is therefore necessary that social benefit delivery systems have the ability to connect to the prevailing DPI and perform G2P payments efficiently. OpenG2P platform provides flexibility to connect to a payment system by writing custom connectors. By default, the platform offers interoperability with the following:
Notifications to beneficiaries and administrators are a must-have, especially when there are multiple stages of a delivery chain, usually with long time intervals between various stages. The beneficiaries must be informed about their enrolment status, entitlements, disbursements, exit etc. Multiple methods of notifications may be employed like postal and courier service, SMS, email, and messaging apps.
OpenG2P provides in-built support for email and SMS with simple configuration changes. The notifications are triggered at certain default points in the delivery chain, however, depending on the needs of a specific implementation more trigger points may be added.
In a given program, disbursement to beneficiaries is done in cycles. The entire entitlement to a beneficiary may be split into cycles for reasons of availability of funds, certain conditions that the beneficiary has to meet or other factors. Further, the beneficiary list may also undergo a change in different cycles based on updated eligibility criteria.
A beneficiary list may be split across cycles such that disbursement to a subset of the list is done in one cycle while for the rest disbursement is done in the next cycle.**
** This feature will be available in version 1.2.x of OpenG2P.
A given program will have certain criteria to consider individuals eligible for that program. Assuming that eligibility can be expressed unambiguously based on an individual's demographic data, a program manager can easily run the criteria on the registry to create a beneficiary list using domain filters and eligibility plugins.
In OpenG2P, Eligibility Manager is a separate software module where the eligibility of a program is configured. If custom plugins are written, they are added to the Eligibility Manager.
Note that one eligibility manager can be associated with only one program. Each program should have its own eligibility manager created and configured.
Example: Proxy Means Test
On-demand assistance is especially useful for scenarios like urgent surgeries, treatments, and other crises. However, to prevent instances of fraud, it is imperative to do a thorough assessment of beneficiary entitlement. This section details one reference implementation using multiple stages of approvals.
The beneficiary logs into Self Service Portal and provides details of assistance such as the type and cost of treatment along with the name, address, gender, age, occupation, and family information.
The assistance application is reviewed and assessed in multiple stages by the officers designated by the program administrator/manager. At each stage, the designated officer will either approve/reject the application with a valid reason. If the application is rejected at any one of the stages, the approval process stops.
After all the designated officers approve the application, the final approving officer will also issue an entitlement voucher. The entitlement voucher has a QR code that can be scanned to view beneficiary entitlement and prove the authenticity of the entitlement voucher.
The beneficiary takes the entitlement voucher to the service provider. The service provider scans the entitlement voucher. If the QR scan is valid, the service provider assists the beneficiary.
This example describes on-demand assistance with multi-stage approval.
The program manager/administrator can custom-assign an assessment officer for each stage.
Though this example shows three stages, the number of stages can be customized.
The entitlement voucher can be communicated digitally or printed on paper.
Monitoring the status of programs and registries is vital for program administrators. OpenG2P integrates a reporting framework that lets users create dashboards of their choice to visualise data. The framework uses open source technology components to create a pipeline of data flowing from the databases to visualisation tools. A sample dashboard is given below:
Details of this infrastructure may be found here.
OpenG2P integrates with MOSIP to verify the UIN/VIDs provided by individuals as part of the registration process. As a result of the verification, OpenG2P receives a unique token against an individual's UIN/VID along with KYC data. This data is stored in the registry.
There are two ways to obtain the MOSIP tokens:
For new registrations that are conducted via ODK form, The MTS Connector is configured to pull data directly from ODK Central and return MOSIP tokens. See .
For already existing records in the registry, the is used to trigger a connection with MTS and in turn receive MOSIP tokens for all the records requested.
Here, OpenG2P is a Relying Party and the Authentication System is MOSIP. Learn .
Refer to the guide .
ODK MTS Connector is an OpenG2P Odoo addon that fetches tokenised data from the ODK Central by calling the (MTS) and stores it in the registry.
Uses callback delivery type of MTS
Completely asynchronous execution
OpenG2P can schedule a daily job to fetch the delta for the day
Manual import feature (TBD)
Registry MTS Connector (RMC) is an Odoo addon that fetches against any record in the registry by calling (MTS) and stores the same in the registry.
Generates MOSIP token against the OpenG2P registry by calling .
Uses callback
delivery type of MTS
Completely asynchronous execution
OpenG2P can schedule a daily job to fetch the delta for the day
A manual import feature will also be provided
Removes VID if MOSIP Auth Token is generated
Property | Configuration |
---|
Property | Description |
---|
| A string to identify the connector |
| URL for MTS API |
| MTS-C connects over "ODK" which is the first option in this selection. OMC option could be proceeded by selecting OpenG2P Registry. |
|
| MTS-C only supports JSON output type of MTS. |
|
| Currently supporting only "Callback". Callback feature can be used to make MTS do a submission of results onto an API within Odoo. The output formatting will help in making the desired input for the API. |
| MTS-C provides both recurring and one time execution. Recurring can be configured to do continuous pull from the ODK over MTS. |
| Interval at which the MTS-C job runs. |
| MOSIP language setup. The default is "eng". |
| Base URL or the complete domain address for the ODK central installation |
| OData service (.svc) URL for the ODK form to fetch the submissions. |
| Email Id to authenticate MTS for accessing Odata URL |
| Password used to authenticate Odata URL |
| A URL endpoint which would be called upon successful processing at MTS |
| HTTP Method (POST/PUT/GET/PATCH) used while MTS makes the callback |
| Timeout awaited by the callback until acknowledged with a response. |
| Type of authentication expected by callback URL. MTS-C currently support Odoo type which uses the session-based authentication implemented by Odoo. |
| DB instance used by Odoo. |
| Username to access callback API |
| A string to identify the connector |
| URL for MTS API |
| OMC option could be proceeded by selecting OpenG2P Registry. |
| MTS Field mapping as required by the API. Please refer to MTS Documentation. Format of Mapping would be JSON. |
| MTS-C only supports JSON output type of MTS. |
|
| Currently supporting only "Callback". Callback feature can be used to make MTS do a submission of results onto an API within Odoo. The output formatting will help in making the desired input for the api. |
| MTS-C provide both recurring and one time execution. Recurring can be configured to do continuous pull from the ODK over MTS. |
| Mosip language setup. Default is eng. |
| Interval at which the MTS-C job runs. |
|
| List of fields which will be supplied as auth data. This field list may be a superset of fields required for auth as it may contain data required by the callback API. This list should be a valid JSON string array. |
| A URL endpoint which would be called upon successful processing at MTS |
| HTTP Method (POST/PUT/GET/PATCH) used while MTS makes the callback |
| Timeout awaited by the callback until acknowledged with a response. |
| Type of authentication expected by callback URL. MTS-C currently support Odoo type which uses the session-based authentication implemented by Odoo. |
| DB instance used by Odoo. |
| Username to access callback API |
| Password to access callback API |
A typical flow of enrolling a beneficiary by collecting data on the field by an agent, in offline mode, is illustrated below.
The guide here provides steps to create a new user and assign a role. This process is typically done by the Administrator.
The user should have an Administrator role.
Navigate to Settings using the menu bar.
Click on Users & Companies and then select Users to reach user's list view page.
Click on the Create button to reach user creation page.
Email: Provide a valid email Id. The invitation email will be sent to this Id.
Select the role for a user from the OpenG2P module access section.
Once the user is saved it will be listed under the user list view page and the invitation mail will be triggered.
is an open source platform that provides the foundation to build government-to-person (G2P) solutions. The roots of the platform lie in the social benefit delivery systems originally developed in response to the Ebola outbreak in Sierra Leone.
The platform offers people facing processes such as onboarding into schemes, identity verification, and cash transfers to their bank accounts. It also incorporates government department facing features such as the creation of registries and beneficiary lists, eligibility checks, scheme definition, payment disbursement and reconciliation.
OpenG2P is a Digital Public Good () recognized by the DPGA and has received contributions and support from multiple organisations and implementers. Its roadmap includes support for non-monetary benefits, proof of delivery, beneficiary management, secure registries, and decision making support.
MTS Field mapping as required by the API. Refer to . The format of Mapping would be JSON.
Output format is a string which will be used by MTS to format its output to suite the caller's requirement.
Output format is a string which will be used by MTS to format its output to suite the caller's requirement.
A can be used to identify the records for tokenisation. For. eg. Only records which have VID associated with it and are not tokenised need to be picked for tokenisation.
The project, co-founded by the Government of Sierra Leone and UNDP and supported by in the early stages, is now housed in, a not-for-profit university in India.
OpenG2P is a collaborative effort of several contributors. We welcome contributions to the OpenG2P Project.
Raise bugs/issues/tasks on GitHub Issues of individual repositories.
All the issues and tasks are tracked using Jira.
To contribute code to the OpenG2P project, follow the steps given below:
Create an issue on Github related to your task.
Fork the corresponding repository.
Commit your changes in your forked repo. Make sure the issue id of GitHub is mentioned in square braces, e.g. [#6] Minor changes to fix the bug.
Raise a Pull Request (PR) on the appropriate branch. In general, it is safe to send PRs to develop
branch of a repo.
The PRs shall be reviewed by the technical team and merged after approval.
For Odoo modules, follow the Odoo Coding Guidelines.
For non-Odoo Python code, follow PEP 8 – Style Guide for Python Code.
The documentation of the project is available as .md
files in the Documentation repository. To highlight a correction or request for additional documentation, raise a GitHub Issue on the repository. To contribute to the documentation follow the steps given under Code contributions.
For Odoo modules, follow the Odoo Versioning. To indicate the maturity of a version (like alpha/beta etc.) use development_status
field in the __manifest__.py
file as described here.
For Non-Odoo modules, follow Semantic Versioning.
OpenG2P release will follow Semantic Versioning. For GitHub branches and tags versions, refer to the sections below.
For Odoo module repositories, a prefix of Odoo version is added to the branch name, e.g. 15.0-1.0.0, 15.0-develop.
Within a branch, multiple Git tags may be created like 15.0-1.0.0-rc1
, 15.0-1.0.0-rc2
etc.
For non-Odoo module repositories, you should find a develop
branch in the repo where in-progress work may be checked-in.
For releases, a release branch is forked out of the develop
branch and subsequently, release specific check-ins like bug fixes are made on this branch. For the final release, this branch is Git tagged, frozen (no further check-ins allowed) and merged into the develop
branch. Thus, all the changes related to the release are available in develop
for further development. The recommended Github tagging convention for a final release is to have a prefix v
or release
before the version number. For example, v15.0.1.0.0, release-15.0.1.0.0, v1.0.0, release-1.0.0
OpenG2P was created to foster an open, innovative and inclusive community around open source & open standard. To clarify expected behaviour in our communities we have adopted the Contributor Covenant. This code of conduct has been adopted by many other open source communities and we feel it expresses our values well.
We as members, contributors, and leaders pledge to make participation in our community a harassment-free experience for everyone, regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, caste, color, religion, or sexual identity and orientation.
We pledge to act and interact in ways that contribute to an open, welcoming, diverse, inclusive, and healthy community.
Examples of behavior that contributes to a positive environment for our community include:
Demonstrating empathy and kindness toward other people
Being respectful of differing opinions, viewpoints, and experiences
Giving and gracefully accepting constructive feedback
Accepting responsibility and apologizing to those affected by our mistakes, and learning from the experience
Focusing on what is best not just for us as individuals, but for the overall community
Examples of unacceptable behavior include:
The use of sexualized language or imagery, and sexual attention or advances of any kind
Trolling, insulting or derogatory comments, and personal or political attacks
Public or private harassment
Publishing others' private information, such as a physical or email address, without their explicit permission
Other conduct which could reasonably be considered inappropriate in a professional setting
Community leaders are responsible for clarifying and enforcing our standards of acceptable behavior and will take appropriate and fair corrective action in response to any behavior that they deem inappropriate, threatening, offensive, or harmful.
Community leaders have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, and will communicate reasons for moderation decisions when appropriate.
This Code of Conduct applies within all community spaces, and also applies when an individual is officially representing the community in public spaces. Examples of representing our community include using an official e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event.
Instances of abusive, harassing, or otherwise unacceptable behavior may be reported to the community leaders responsible for enforcement at [INSERT CONTACT METHOD]. All complaints will be reviewed and investigated promptly and fairly.
All community leaders are obligated to respect the privacy and security of the reporter of any incident.
Community leaders will follow these Community Impact Guidelines in determining the consequences for any action they deem in violation of this Code of Conduct:
Community Impact: Use of inappropriate language or other behavior deemed unprofessional or unwelcome in the community.
Consequence: A private, written warning from community leaders, providing clarity around the nature of the violation and an explanation of why the behavior was inappropriate. A public apology may be requested.
Community Impact: A violation through a single incident or series of actions.
Consequence: A warning with consequences for continued behavior. No interaction with the people involved, including unsolicited interaction with those enforcing the Code of Conduct, for a specified period of time. This includes avoiding interactions in community spaces as well as external channels like social media. Violating these terms may lead to a temporary or permanent ban.
Community Impact: A serious violation of community standards, including sustained inappropriate behavior.
Consequence: A temporary ban from any sort of interaction or public communication with the community for a specified period of time. No public or private interaction with the people involved, including unsolicited interaction with those enforcing the Code of Conduct, is allowed during this period. Violating these terms may lead to a permanent ban.
Community Impact: Demonstrating a pattern of violation of community standards, including sustained inappropriate behavior, harassment of an individual, or aggression toward or disparagement of classes of individuals.
Consequence: A permanent ban from any sort of public interaction within the community.
This Code of Conduct is adapted from the Contributor Covenant version 2.1.
Community Impact Guidelines were inspired by Mozilla's code of conduct enforcement ladder.
For answers to common questions about this code of conduct, see the FAQ. Translations are available here.
This guide provides steps to create a new portal form for a program. This form will show up on the Self-Service Portal when the user selects a program to apply.
The user must have a Program Manager role. See Create User and Assign Role guide.
Navigate to the Website using the menu bar.
Click on Go to Website to navigate to the website home page.
Click on the + New button to create new form.
Click on Page to create a form.
Enter the page title and click on Create button under New Page pop-up window.
Drag and drop the Form in the Dynamic Content from the BLOCKS section.
Edit the form fields from the STYLE section.
Add more form fields using +Field from the STYLE section.
Save the form using the Save button.
The guide provides steps to enable and configure the proxy mean test.
The user must have a Program Manager role.
Navigate to Programs using the menu bar.
Click on the program name for which configuration to be done.
Navigate to the PMT Configuration section on Program detailed view page.
Enable PMT and click on Add a line in the PMT Parameters field.
Select the field and provide its weightage.
The above-mentioned selection fields are computed fields and can be added in the settings.
Click on the Save & New button to select a new field and provide its weightage or Save & Close button which will save the fields and their weightage to that program under configuration.
Click on the Save button.
Enable developer mode.
Settings --> Developer Tools --> 'Activate the developer mode'
Navigate to Settings using the menu bar.
Click on Technical in the setting menu.
Navigate to Models under Database Structure heading.
Search Program Registrant Info model in the search bar.
Click on g2p.program.registrant_info model.
Click on add a line in Fields section.
Add field name, type, label, dependencies field and compute logic.
Click on the Save & New button to select a new computed field or Save & Close button which will save the computed field in the model.
Click on the Save button.
So, these computed fields will display in the selection field of PMT Configuration.
This guide helps beneficiaries to self-register through the beneficiary portal.
Beneficiaries should have the MOSIP-issued national ID with them.
Go to the beneficiaries portal login page.
Click on Sign IN with MOSIP to continue with a MOSIP-issued national ID.
Navigate to Login with OTP using LOG IN HERE and provide the VID/UIN.
After clicking Get OTP, OTP will be sent to the registered email and phone number.
Provide the OTP and click on Verify to proceed further.
Provide consent and click on Allow which navigates to the beneficiary portal home page.
Click on View All Programs to check out the available programs to apply for.
Click on Apply to fill in the beneficiary details in the program form.
Once the form fields are filled click on Submit button for application submission.
Once the program form is submitted, the program will be added to the My Programs section with the Submitted status and the beneficiary will be registered to the program. also will be listed in the OpenG2P Registry Individual as well.
This guide provides steps to create a new ODK form for a program.
should be deployed and available.
The user should have an Administrator role in ODK Central. See guide.
Login to ODK Central.
Click on the +New button to create a new project
Provide the project name same as the program name for which creating the form.
Once the project is created and listed on the ODK home page, click on the project name.
Click on the +New button on the project overview page to create a new form.
Choose a file which has form values and upload it.
Once the form file is uploaded it will be in draft status. Click on Publish Draft to publish the form.
Once the draft is published it will be listed under the project overview.
This guide will provide the steps to register beneficiaries through an offline process. is done by the Field Agent.
The agent should have ODK collect and Smart Scanner Application Installed
Agents should have form access.
Agents should have downloaded the program form on his/her device.
Beneficiaries should have their National ID card with them.
ODK MTS Connector which is mapped to the form should be in Running status.
Open the program form from the ODK Collect application.
Click on Fill Blank Form to fill in all form fields with beneficiary data.
At some point, the form will have the Launch button. Click on the Launch button to scan the QR code on the National ID of the Beneficiary.
Once the scanning is done beneficiary data will be auto-populated as per the form fields configuration.
After filling in all the mandatory fields click on the Save and Submit button.
If the Field Agent is online, the submitted entries will be sent to ODK Central and will be listed under View Sent Form or else they will be saved in the Field Agents device in Send Finalized Form Section.
This guide will help to download the program form on ODK Collect Application running on an Android tablet or phone.
The field agent should have ODK Collect Application installed.
The field agent should have.
The Administrator logs into ODK Central and navigates to the App Users under the program name.
Click on See Code to get the Client Configuration QR code.
Open the ODK Collect application in the field agent device.
Click on Add Project to scan the configuration QR code.
After scanning the Client Configuration QR code all the given access program forms will be downloaded to the field agent's device.
This page describes the integration of OpenG2P with the switch enabling cash transfer from one bank (treasury bank, for instance) to an individual's bank account. The connection to Mojaloop is achieved via an intermediate interoperability layer like the of Mifos.
Below is the reference architecture of disbursements triggered from OpenG2P resulting in cash transfers.
Reconciliation at the OpenG2P end is done via status API calls to Payment Hub which is responsible for gathering payment status information of all transactions from DFSPs and Switch.
The payment architecture may vary from country to country. An interoperability layer like Payment Hub shields the downstream variations by offering a uniform payments API interface such that systems like OpenG2P do not have to modify the payments code, thus enabling interoperability with any payment system. Of course, customisation needs to be done on the Payment Hub, where a specific Payment Connector needs to be created specifically for the payment systems interface.
Payment Hub connects to Mojaloop via the Mojaloop Connector.
The beneficiary list is created on OpenG2P. After creating payment cycles and entitlements, payment batches are created for each cycle. A batch payment is triggered via the . This batch is received by the Payment Hub (PH) and payments are orchestrated either in bulk or individually. The Payment Hub connects to the Mojaloop interface of the Digital Financial Service Provider (DSFP). DFSP1 takes the transaction forward with Mojaloop Switch.
In the current integration, the account id of the payee is available in the OpenG2P registry and passed on to Payment Hub (hence propagated to Mojaloop). The account id of the payer is configured in the.
If is available as part of Digital Public Infrastructure, then the account id need not be stored in the OpenG2P registry.
As part of the roadmap, OpenG2P is working towards supporting payments interfaces being defined as part of the initiative.
The source code for OpenG2P - Payment Hub integration can be found .
The guide here provides steps to create a new program. A program is typically created by a Program Manager who can create and administer programs.
The user must have a Program Manager role. See Create User and Assign Role guide.
Navigate to Programs using the menu bar.
Click on the Create Program to reach the Program creation page. Provide Program name, target type and currency. There are tabs for the configuration of various managers.
Eligibility criteria:
Use+Add filter to set eligibility criteria using Domain Filters. You may set multiple eligibility criteria.
Cycle Manager: Set parameters of disbursement cycles.
Auto-approve Entitlements: To set entitlements via rules, without any manual approvals.
Approver Group: The group name of the user who has permission to approve cycles. See Create User and Assign Role.
Recurrence: The time period for the repetition of a cycle.
Entitlement Manager: Set parameters for entitlements.
Amount Per Cycle: The amount disbursement of a group or individual per cycle.
Amount Per Individual In Group: Amount of disbursement per individual in a group when the program target type is "group".
Maximum number of individuals in a group: Maximum number of individuals who get disbursements per group (optional).
Transfer Fee(%): Fee incurred for disbursement as a percentage of disbursement (optional).
Transfer Fee Amount: Fee incurred for disbursement as an absolute amount (optional).
Entitlement Validation Group: The group name of the user who has permission to approve entitlements. See Create User and Assign Role.
Map Portal form: Map a portal form to this program. Create a portal form before this mapping.
Click the Next button to import the matching registrants to the creating program. In the pop-up window select Yes.
Once the program is created it will be listed under the program list view page.
This guide will help enrol registrants into a program, who are registered through offline registration and online self-registration process.
The user must have a Program Manager role. See Create User and Assign Role guide.
There should be registrants with respect to the program
Navigate to Programs using the menu bar.
Click on the program name on which enrolment needs to be done.
After landing on Program detailed view page, check the beneficiaries section for the registrants who are in draft status.
Navigate back to the program list view page and click on Enrol Eligible Registrants to enrol the registrants who are in draft status.
Enrolment of registrants will be based on the Eligibility criteria set as per the program.
The registrants who pass the eligibility criteria will be enrolled on the program with Enrolled status and those who fail the eligibility criteria will be given Not Eligible status.
This guide will help to provide the form access to the field agent. which helps the agent to download the program form.
The access provider should have the Administrator role in ODK Central.
Login to ODK central with a user having an Administrator role.
Click on the program name in Projects on which the agent access is to be provided.
Navigate to App Users below the program name.
Click on the +Create App User button to add a field agent to the program.
Provide the name of the field agent on the popup window and click on Create button. Agent name will be listed under the App user list.
Navigate to Form Access and select the forms for which access is to be given. Click on the Save button.
This Guide will help to create the OpenG2P registry MTS Connector.
The user must have a Program Manager role.
Navigate to the MTS Connectors using the menu bar.
Navigate to the MTS Connector creation page by clicking the Create button.
Set MTS Input Type as OpenG2P Registry and for other fields configuration please go through Registry MTS Connector.
Click on the Start button under the MTS Connectors list view page to start the created connector.
Click the Save button and the connector will be listed under the MTS Connectors list view page.
This guide will provide the steps to create and approve the disbursement cycle under a program.
The user should have a role which is configured in the Approver Group under Configure the Cycle Manager while creating program.
Navigate to Programs using the menu bar.
Click on the program name for which cycle needs to be created.
After Clicking on Create New Cycle, the new cycle will be added in the cycle section with Draft status.
Navigate inside the cycle using the arrow icon button beside the cycle name.
After clicking on Copy Beneficiaries from Program button program beneficiaries will be copied into the cycle.
Click on Prepare Entitlement to create entitlements to beneficiaries as per the Entitlement Manager configuration
Once the entitlement is ready click on Approve button where cycle status will be moved from Draft to To Approve.
Once more click on Approve button to approve the cycle and the cycle status will be moved from To Approve to Approved.
This guide provides the steps to prepare payment after approving the cycle of a program.
The program cycle should be created for a program.
Navigate to the program for which cycle creation and approval are done.
Click on the Prepare Payment button to create a batch for the approved cycle entitlements.
Once the payment batch is created, navigate to Accounting.
Click on Payment Batches to proceed further with payment.
Click on the payment batch to which payment needs to be done.
On the payment batch, detailed view page click on Send Payment button to make the payment.
Check the payment status in the payments section of the payment batches detailed view page.
This Guide will help to create the ODK MTS Connector.
The user must have a Program Manager role.
ODK form should be available.
Navigate to the MTS Connectors using the menu bar.
Navigate to the MTS Connector creation page by clicking the Create button on the MTS Connector list view page.
Set MTS Input Type as ODK and for other fields configuration please go through ODK MTS Connector Configuration.
Click the Save button and the connector will be listed under the MTS Connectors list view page.
Click on Start in the MTS Collectors list view page to start the created connector.
This guide provides the steps to create a Payment Interoperability Layer Payment Manager.
The user should have a Program Manager role.
Navigate to Programs using the menu bar.
Click on Configuration and then on Payment Interoperability Layer Payment Manager.
Click on Create button which will navigate to the Payment Interoperability Layar Payment Manager creation page.
In the payment manager creation page provide a name for the payment manager, select the program name, select Automatically Create batch if required, provide the Payment End Point URL and Select the Payee DFSP ID Type.
Once the payment manager is saved it will be listed under the payment manager list view page which further can be used under the program configuration for which it is mapped.
This guide provides the steps to create a Default Payment Manager.
The user should have a Program Manager role.
Navigate to Programs using the menu bar.
Click on Configuration and then on Payment Interoperability Layer Payment Manager.
Click on Create button which will navigate to the Default Payment Manager creation page.
In the payment manager creation page provide a name for the payment manager, select the program name, select Automatically Create batch if required and select the Currency.
Once the payment manager is saved it will be listed under the payment manager list view page which further can be used under the program configuration for which it was created.
This guide provides the steps to create Payment Hub EE Payment Manager.
The user should have a Program Manager role.
Navigate to Programs using the menu bar.
Click on Configuration and then on Payment Hub EE Payment Manager.
Click on Create button which will navigate to the Payment Hub EE Payment Manager creation page.
In the payment manager creation page provide a name for the payment manager, select the program name, select Automatically Create batch if needed, and all the other configurations will auto-populate and can be changed accordingly.
Once the payment manager is saved it will be listed under the payment manager list view page which further can be used under the program configuration for which it was created.
This guide provides the steps to create a default eligibility manager
user should have a Program Manager role.
Navigate to Programs using the menu bar.
Click on Configuration and then on Default Eligibility Manager.
Click Create a button on the default eligibility manager list view page.
Provide the name for the eligibility manager and select the program name from the drop-down for which the eligibility manager is created.
Click the Save button to save the eligibility manager and it will be listed under the eligibility manager list view page.
This guide provides steps to create and configure the payment manager.
The user must have the Program Manager role.
Navigate to Programs using the menu bar.
Click on the program name for which configuration to be done.
Navigate to the Configuration section on Program detailed view page.
Click on Add a line in the Payment Manager section.
Click on the Create button on the Add: Payment Managers pop-up window.
Select the payment manager type.
Provide the details in the payment manager creation manager.
Click on the Save button and then click on the Save & Close button which will save the payment manager to that program under configuration.
This guide provides steps to create and configure the deduplication manager inside the program.
The user must have the Program Manager role.
Navigate to Programs using the menu bar.
Click on the program name for which configuration to be done.
Navigate to the Configuration section on Program detailed view page.
Click on Add a line in the Deduplication Manager section.
Click on the Create button on the Add: Deduplication Managers pop-up window.
Select the deduplication manager type.
Once the name is provided to the deduplication manager, Create and Edit buttons will appear to click on Create and Edit button to create a deduplication manager.
Select the ID type from the Supported ID Document Types drop-down.
Click on the Save button and then click on the Save & Close button which will save the deduplication manager to that program under configuration.
Use +Add filter to set eligibility criteria using . You may specify multiple eligibility criteria.
If a payment manager is already created (), search and select the same or else once the name is provided to the program manager, Create and Edit buttons will appear. Click on Create and Edit to create a payment manager.
TBD
There are 2 types of deduplication managers available that can be created and then can be configured to the program accordingly.
This guide will provide the steps to create an SMS notification manager.
The user should have a Program Manager role assigned.
Navigate to Programs using the menu bar
Click on Configuration and then on SMS Notification Manager.
Click the Create button to navigate to the SMS notification manager creation page.
TBD
This guide provides steps to create an ID Deduplication manager.
The user should be assigned to the Program Manager role.
Navigate to Programs using the menu bar.
Click on Configuration and then on ID Deduplication Manager.
Click the Create button to navigate to the ID deduplication manager creation page.
In the ID deduplication manager creation page provide a name for the ID deduplication manager, and select the program name and the ID type from the Supported ID Document Types drop-down.
Once the ID deduplication manager is saved it will be listed under the ID deduplication manager list view page which can further be used under the program configuration for which it is mapped.
This guide provides steps to create and configure the notification manager.
The user must have the Program Manager role.
Navigate to Programs using the menu bar.
Click on the program name for which configuration to be done.
Navigate to the Configuration section on Program detailed view page.
Click on Add a line in the Notification Manager section.
Click on the Create button on the Add: Notification Managers pop-up window.
Select the notification manager type.
Once the name is provided to the deduplication manager, Create and Edit buttons will appear. Click on Create and Edit to create a deduplication manager.
Click on the Save & Close button which will save the notification manager to that program under configuration.
This guide provides the steps to create an ID document eligibility manager
user should have a Program Manager role.
Navigate to Programs using the menu bar.
Click on Configuration and then on ID document Eligibility Manager.
Click Create a button on the ID document eligibility manager list view page.
Provide the name for the eligibility manager and select the program name from the drop-down for which the eligibility manager is created.
Click the Save button to save the eligibility manager and it will be listed under the eligibility manager list view page.
This guide provides steps to create a Phone Number Deduplication manager.
The user should be assigned to the Program Manager role.
Navigate to Programs using the menu bar.
Click on Configuration and then on ID Deduplication Manager.
Click the Create button to navigate to the Phone Number Deduplication manager creation page.
In the Phone Number Deduplication manager creation page provide a name for the Phone Number Deduplication manager, and select the program name.
Once the Phone Number Deduplication manager is saved it will be listed under the Phone Number Deduplication manager list view page which can further be used under the program configuration for which it is mapped.
This guide provides steps to create and configure the eligibility manager inside the program.
The user must have the Program Manager role.
Navigate to Programs using the menu bar.
Click on the program name for which configuration to be done.
Navigate to the Configuration section on Program detailed view page.
Click on Add a line in the Eligibility Manager section.
Click on the Create button on the Add: Eligibility Managers pop-up window.
Select the eligibility manager type.
Once the name is provided to the eligibility manager, Create and Edit buttons will appear. Click on Create and Edit button to create an eligibility manager.
Set the eligibility criteria's using Add Filter button on the creation page.
Click on the Save button and then click on the Save & Close button which will save the eligibility manager to that program under configuration.
This guide will provide the steps to create an Email notification manager.
The user should have a Program Manager role assigned.
Navigate to Programs using the menu bar.
Click on Configuration and then on Email Notification Manager.
Click the Create button to navigate to the email notification manager creation page.
Email notification manager creation page
Name: Provide a name for the manager
Program: Select the program from the drop-down for which the manager is created
On Enrolled In Program Template: Select the template from the drop-down for program enrolment notification.
On Cycle Started Template: Select the template from the drop-down for the program cycle started notification.
On Cycle Ended Template: Select the template from the drop-down for the program cycle-ended notification.
Select Send Immediately to send the email notification to beneficiaries after the program enrollment, at the start of the cycle and at the end of a cycle.
After clicking on the Save button notification will be saved under the email notification manager list view page.
This guide will provide the steps to create a Fast2SMS notification manager.
Navigate to Programs using the menu bar.
Click on Configuration and then on Fast2SMS Notification Manager.
Click the Create button to navigate to the Fast2SMS notification manager creation page.
Fast2SMS notification manager creation page
Name: Provide a name for the manager
Program: Select the program from the drop-down for which the manager is created
On Enrolled In Program Template: Select the template from the drop-down for program enrolment notification.
On Cycle Started Template: Select the template from the drop-down for the program cycle started notification.
On Cycle Ended Template: Select the template from the drop-down for the program cycle-ended notification.
Send API Endpoint: Provide the service provider API endpoint.
Access Token: Provide the access token of the service provider.
After clicking on the Save button notification will be saved under the Fast2SMS notification manager list view page.
This guide provides the steps to create an phone number eligibility manager
user should have a Program Manager role.
Navigate to Programs using the menu bar.
Click on Configuration and then on ID document Eligibility Manager.
Click Create a button on the phone number eligibility manager list view page.
Provide the name for the eligibility manager and select the program name from the drop-down for which the eligibility manager is created.
Click the Save button to save the eligibility manager and it will be listed under the eligibility manager list view page.
The guide here provides steps to submit reimbursement using Service Provider Portal.
The Service Provider Portal user has login access to the portal using MOSIP ID/National ID. The user should be able to scan the QR code from the entitlement voucher using .
Login into the Service Provider Portal using MOSIP ID/National ID. In the example below, the National ID of the Philippines (PhilSys ID) is shown.
Upon successful login, you will see the Reimbursements dashboard.
Select the desired beneficiary and click on Apply. Applying for the reimbursement takes you to the Submission Form page.
Enter the details from the scan into the Submission Form and click Submit. This will show a user prompt to confirm the details. Click Submit.
Successful submission will show a confirmation page with details such as the application Id and submission date.
You can optionally click Go to Home to view the submitted reimbursements. You should see that the status of reimbursement has changed to Applied.
The guide here provides steps to install the SmartScanner app. This app allows users to scan the QR code in the entitlement voucher.
The user must possess an Android Phone with activated.
Download the SmartScanner APK file named idpass-smart-scanner-untagged-<version>.apk on your Android mobile from .
Go to the Downloads folder in Android Mobile and click on the .apk file that you downloaded in the first step. A user prompt will appear with the options CANCEL and INSTALL. Click on INSTALL.
For first-time installation, a user prompt may appear to allow unknown apps. Click on Settings. If no prompt appears and the application installs, then go to step#5.
Enable the option Allow apps from this source, click on the downloaded file, and install the application as described in step#2.
If the SmartScanner app is successfully installed, then this icon will appear on the mobile screen.
Open the SmartScanner app. It should show the option Voucher Code.
Click on the Voucher Code and scan the QR code shown here.
If the SmartScanner app is successfully installed, then the scan will show these details.
The guide here provides steps to install WireGuard App and activate the tunnel. This app allows users to create an encrypted VPN for secure communication.
The user must possess an Android Phone. The user should reach out to the system administrator to generate the Wireguard conf file before proceeding with the installation.
Search for "wireguard" in the Android Play Store.
Install the WireGuard app, open it, and click on the + icon to add the tunnel.
A list of options will appear from the bottom of the app. Click the Import from file or archive option.
Select the WireGuard conf file provided by the system administrator. On successful tunnel creation, the tunnel name will appear at the top of the app.
Activate the tunnel in WireGuard.
The beneficiary details are available by scanning the QR code on the entitlement voucher (also called Guarantee Letter) using the . The scan should show details similar to the format in the image below.
This page lists all the technologies used in building OpenG2P. Free and open-source softwares with clear long-term support availability have been chosen. Certain choices can be replaced with other free or commercial options for deployment.
Domain | Tools/Technologies | Version | Licence Type |
---|---|---|---|
This guide provides steps to integrate as the authentication provider.
MOSIP IDA is installed
The e-Signet server is installed and configured to connect to MOSIP IDA
MOSIP IDA APIs are accessible from the machine running the e-Signet server
Both Yes/No and KYC APIs are enabled on MOSIP IDA
e-Signet APIs are accessible from machines running OpenG2P
Biometric auth devices (already onboarded on MOSIP) are available for authentication
Email and SMS are enabled on MOSIP IDA for OTP authentication
MOSIP Partner Management Services (PMS) Portal or APIs must be accessible to both MOSIP Partner Admin and OpenG2P Admin
MOSIP Partner Specific User Token (PSUT) ID type is configured. See .
Create an Auth Partner for OpenG2P on MOSIP.
Guide for MOSIP 1.1.5 (TBD)
Create a MISP Partner for OpenG2P on MOSIP.
Note down the following from the above steps:
Auth Partner ID
Auth Policy ID
Auth API Key
MISP License Key
Auth partner signed certificate
IDA Partner certificate (App id: IDA, Ref Id: PARTNER)
This method is applicable if MOSIP Partner Management APIs are available. These steps are executed by MOSIP Partner Admin
Create an e-Signet OIDC client using PMS OIDC API:
logoUri
: URL of your logo accessible publicly.
grantTypes
= ["authorization_code"]
clientAuthMethods
= ["private_key_jwt"]
redirectUris
: URLs of the form https://<your web portal>/auth_oauth/signin
Note down the Client ID as an output of the above step.
This method is applicable if MOSIP Partner Management APIs are not available.
Create an e-Signet OIDC client using the following API:
clientId:
Arbitrary string.
clientName:
Arbitrary string.
authContextRefs
:
userClaims
:
logoUri
: URL of your logo accessible publicly.
grantTypes
= ["authorization_code"]
clientAuthMethods
= ["private_key_jwt"]
redirectUris
: URLs of the form https://<your web portal>/auth_oauth/signin
These steps are executed by OpenG2P Admin on the OpenG2P Admin interface.
Go to Settings -> General Settings (Menu) -> General Settings (Panel) -> Integrations (Section) -> Oauth Providers
Create a new OIDC Provider with the following details:
for MOSIP 1.2.0
authParnterId:
Partner ID in step.
policyId
: Policy ID in step.
publicKey:
Generate .
relyingParnterId:
Partner ID in step.
publicKey:
Generated .
Parameter | Value |
---|
Operating System
Ubuntu Server
20.04
Free
Business Apps
Odoo
15.0
LGPL
ID System
MOSIP
1.2
MPL 2.0
Development - Language Runtime
Python
3.5+
Database
Postgres
Postgres License BSD 2-clause "Simplified License"
ID Verification
MOSIP Token Seeder
MPL 2.0
ID Verification
eSignet
MPL 2.0
Analytics Engine
Elasticsearch
Elastic License 2.0
Data streaming
Debezium
Apache 2.0
Offline data collection
ODK
Apache 2.0
Visualization
Kibana
Elastic License 2.0
S3 Storage
MinIO
AGPL 3.0
Development - API Documentation
Swagger
Apache License 2.0
Task Management
Jira
Commercial (OpenG2P has a free license)
Source Code Management
GitHub
Commercial (OpenG2P uses Free plan)
Deployment
Docker
Apache 2.0
DevOps tools
Ansible
GNU GPL v3.0
DevOps tools
Github actions
Free
DevOps tools
Prometheus
Apache License 2.0
DevOps tools
Grafana
Apache License 2.0
Messaging
Apache Kafka
Apache License 2.0
Web Server/HTTP proxy server
Nginx
Capitalize the first letter of every word in the guide title.
Use second-person pronouns i.e. you, your, etc. in the instructions/steps.
It is mandatory to do spelling and grammatical corrections using tools such as Grammarly.
Use the italicized font for UI elements i.e. dashboard names, button labels, information fields, etc.
Use the exact name and case for the UI elements.
Use quotes for a phrase/word if the phrase/word has to be represented as is.
Provide a link at the first mention of a new/different topic. For example, if the guide is talking about installing the SmartScanner app, and the WireGuard app is mentioned, then provide the link for WireGuard.
Use clear and crisp images.
The filename for images should follow the naming convention of every word in lower case, and words separated by hyphens i.e. view-all-programs.png.
Client ID |
Auth Flow |
|
Token map |
|
Client Authentication Method |
|
Private Key Method |
Assertion Type |
|
Authorization URL | e-Signet's authorize endpoint. |
Userinfo URL | e-Signet's userinfo API |
Token URL | e-Signet's token API |
JWKS URL | e-Signet's JWKS API |
Use G2P Reg ID |
|
G2P Registrant ID Type | MOSIP PSUT ID Type |
Partner Creation Call Validate URL |
| Specifies whether to call the MOSIP e-KYC API to fetch data into OpenG2P |
Partner Creation Validate Response |
|
Default Group User Creation |
| Specifies all users signing up through this OIDC Provider (e-Signet) are only going to be portal users |
Login Attribute Mapping On User Creation |
| To allow users to sign in with their email and password after initial signup with e-Signet. |
Creating editable diagrams in open formats using open source tools is challenging. Here, we suggest Draw.io for creating diagrams and saving them directly in GitHub repository.
On Draw.io website choose Device as your storage.
Select the format of the diagram as XML.drawio.
Create the diagram and save it on your local machine. Make sure you follow the file naming convention of lowercase with hyphens as word separations.
Fork openg2p-documentation
repository to your Github account.
Disable workflow in your repository fork:
On Github, upload/commit the .drawio
file to your fork of openg2p-documentation
repository in the branch of choice to the following folder: .gitbook/assets
.
Send a Pull Request.
After the PR is merged on the upstream repo a Gitbook Action Workflow will get triggered to convert the same to PNG format with *.png
extension. The PNG file will be available in the same folder as the .drawio
file. In this case, it will be the repository's .gitbook/assets
folder.
On Gitbook, insert the PNG image using the URL options shown by Gitbook. The URL to be given will be the GitHub URL e.g. https://github.com/OpenG2P/openg2p-documentation/raw/1.0.0/.gitbook/assets/add-deduplication-manager.png. Make sure you pick this URL in Raw format which will be available on the Download button on Github
If a .drawio
already exists in the .gitbook/assets
folder then you must directly edit the repository version of the same by following the procedure given below.
Fork the openg2p-documentation
repository to your local Github account. Disable workflow as shown above.
On the Draw.io website choose Github as your storage.
Authorize the Draw.io app on Github (follow the steps prompted).
Select the diagram in .drawio
format from openg2p-documentation
--> your branch --> .gitbook/assests
folder.
Make changes.
Save the diagram - it will get Git-committed to your repository.
Send a Pull Request to OpenG2P/openg2p-documentation
repo.
Upon acceptance of the Pull Request, a Github Action Workflow will trigger the conversion of the.drawio
file to .png
.
If you have not added the URL of the PNG to your Gitbook pages follow step 6 of Creating New Diagram.
If the URL already exists in Gitbook, the updated image should appear after a page refresh.
Delete the diagram from Gitbook listing found here:
Delete the diagram from Github repository openg2p-documentation
from the corresponding branch
The output of the .
Private key used for JWK creation in the .
Example:
Example:
Example:
Example:
As configured in step 9 of .
One of the given parameter is not valid
One of the given parameter is not valid
OK
OK