LogoLogo
1.1
1.1
  • 🏠Overview
  • 🏢Architecture
  • 📋Registration
    • Registration Interfaces
      • ODK Collect App
      • Self Service Portal
      • API Interface
      • Manual Entry
      • Bulk Export From CSV
    • ID Verification
    • Registry
  • 🅿️Program Management
    • Eligibility Assessment
    • Proxy Means Test
    • Enrolment
    • Deduplication
    • Program Cycles
    • Entitlement
    • Notifications
  • 💵Payments
    • Payment Modes
    • Payment Manager
    • Payment Batches
    • ID Account Mapper
    • Payment Rails
    • Reimbursements
      • Service Provider Portal
  • 🔐Privacy & Security
  • 📊Monitoring and Reporting
  • 🔧System Administration
    • Developer Mode
    • Role-Based Access Control
    • Internationalization (i18n)
    • Document Store
    • Apps
  • ⛓️Workflows
    • Cash grant scenario
    • Immediate Individual Assistance On-Demand
    • Service Provider Reimbursement
  • 🔗Integrations
    • M-PESA Integration
    • Mojaloop Integration
    • MOSIP Integration
      • ODK MTS Connector
      • Registry MTS Connector
      • Integration with e-Signet
  • 📦Releases
    • 1.1.0
      • Release Notes
  • ↔️REST API
  • ⚒️Testing
  • 👥Community
    • Contributing
    • Code of Conduct
  • 📗License
  • Guides
    • 📔How-To Guides
      • Install WireGuard Client on Desktop/Laptop
      • Install WireGuard Client on Android Device
      • Create User and Assign Role
      • Create a Custom Group
      • Create Program
      • Create Self-Service Portal Form
      • Map Self-Service Portal Form
      • Self Register Online
      • Integrate with MOSIP e-Signet
      • Create ODK Form
      • Provide Form Access to Field Agent
      • Download Form on ODK Collect
      • Register Offline
      • Create MTS Connector
        • Create ODK MTS Connector
        • Create OpenG2P Registry MTS Connector
      • Create Eligibility Manager Types
        • Create Default Eligibility Manager
        • Create ID Document Eligibility Manager
        • Create Phone Number Eligibility Manager
      • Create Eligibility Manager under Program
      • Configure Proxy Means Test
      • Enrol Registrants into Program
      • Configure ID Types
      • Create Deduplication Manager under Program
      • Create Deduplication Manager Types
        • Create ID Deduplication Manager
        • Create Phone Number Deduplication
      • Deduplicate Registrants
      • Create Notification Manager Types
        • Create SMS Notification Manager
        • Create Email Notification Manager
        • Create Fast2SMS Notification Manager
      • Create Notification Manager under Program
      • Send Notifications to Individual Registrants
      • Configure Program Manager under Program
      • Create and Approve Program Cycle
      • Multi-Stage Approval
      • Create Entitlement Voucher Template
      • Create Entitlement Manager Type
        • Create Default Entitlement Manager
        • Create Voucher Entitlement Manager
      • Configure Entitlement Manager under Program
      • Create Payment Manager Types
        • Create Payment Hub EE Payment Manager
        • Create Payment Interoperability Layer Payment Manager
        • Create Default Payment Manager
        • Create Cash Payment Manager
        • Create File Payment Manager
      • Configure Payment Manager in Program
      • Prepare and Send Payment
      • Install SmartScanner App
      • Submit Reimbursement Using the Service Provider Portal
      • Reimburse the service provider
    • 📙Documentation Guides
      • Creating Diagrams
      • OpenG2P Module Doc Template
      • Writing Guidelines For How-To Guides
    • 👩‍💻Developer Zone
      • Getting Started
      • Installing OpenG2P On Linux
      • Technology Stack
      • Modules
        • G2P Entitlement In-kind
        • G2P SelfServicePortal
        • OpenG2P Program Payment: G2P Connect Payment Manager
        • G2P Notifications: Wiserv SMS Service Provider
        • G2P Registry: Rest API
        • G2P Formio
        • G2P Registry: Base
        • G2P Registry: Individual
        • G2P: Proxy Means Test
    • 📘Deployment Guide
      • Deployment on Kubernetes
        • K8s Cluster Requirements
        • K8s Cluster Setup
        • Rancher Server Setup
        • NFS Server Setup
        • SSL Certificates using Letsencrypt
      • Post Install Configuration
      • Access to Deployed Setup
      • Packaging OpenG2P Docker
Powered by GitBook
LogoLogo

Copyright © OpenG2P. This work is licensed under Creative Common Attribution (CC-BY-4.0) International license unless otherwise noted.

On this page
  • Introduction
  • Registrant authentication using OpenID Connect
  • Registrant authentication using ID Authentication
  1. Registration

ID Verification

PreviousBulk Export From CSVNextRegistry

Last updated 1 year ago

Introduction

OpenG2P registration interfaces can be integrated with OIDC clients and ID authentication systems to authenticate registrants. OpenG2P employs different ID authentication mechanisms in its registration interfaces. While these are the preferred mechanisms, OpenG2P is not tied to these mechanisms and can integrate with other OIDC-compliant clients of authentication systems for foundational/functional ID.

Registrant authentication using OpenID Connect

OpenG2P's Self-Service Portal can be integrated with an OpenID Connect Client such as e-Signet to build a trustworthy authentication interface. The OIDC Client utilizes an authentication system of any foundational or functional ID database to authenticate the registrants in the backend.

A few key points to note in this process are:

  • The challenge could be OTP, biometric, or QR code.

  • The registrant shares the UIN, challenge, and consent via the authentication client.

  • The Self-Service Portal must get an Authorization Code before requesting the Access Token.

  • The Self-Service Portal gets access to the registrant's details after it receives the Access Token from the authentication system.

Registrant authentication using ID Authentication

A high-level representation of the interactions between different components during authentication is shown below:

UIN, challenge, and consent are shared in separate transactions. To view the e-Signet authentication process in detail, click .

OpenG2P integrates with MOSIP Token Seeder (MTS) using MTS Connector to authenticate registrants registered using the ODK Collect App. The Unique ID Number (UIN) and demographic details provided by registrants are verified by calling APIs of the (IDA) system. The MOSIP IDA responds with an Authentication Token upon successful verification. MTS is a standalone service offered by MOSIP. Learn more about MOSIP integration .

MTS Connectors can take inputs from both ODK Central and OpenG2P registry. Since one MTS Connector takes only one type of input, separate MTS connectors are required for ODK Central and OpenG2P registry. Learn more about OpenG2P registry MTS Connectors .

📋
here
MOSIP ID Authentication
here
here