OpenCRVS
v1.7
v1.7
  • πŸ‘‹Welcome!
  • CRVS Systems
    • Understanding CRVS
    • Effective digital CRVS systems
    • OpenCRVS within a government systems architecture
    • OpenCRVS Value Proposition
  • Product Specifications
    • Functional Architecture
    • Workflow management
    • Status Flow Diagram
    • User roles & scopes
      • Examples
    • Core functions
      • 1. Notify event
      • 2. Declare event
      • 3. Validate event
      • 4. Register event
      • 5. Print certificate
      • 6. Issue certificate
      • 7. Search for a record
      • 8. View record
      • 9. Correct record
      • 10. Verify record
      • 11. Archive record
      • 12. Vital statistics export
    • Support functions
      • 13. Login
      • 14. Audit
      • 15. Deduplication
      • 16. Performance management
      • 17. Payment
      • 18. Learning
      • 19. User support
      • 20. User onboarding
    • Admin functions
      • 21. User management
      • 22. Comms management
      • 23. Content management
      • 24. Config management
    • Data functions
      • 25. Legacy data import
      • 26. Legacy paper import
  • Technology
    • Architecture
      • Performance tests
    • Standards
      • FHIR Documents
        • Event Composition
        • Person
        • Registration Task
        • Event Observations
        • Locations
    • Security
    • Interoperability
      • Create a client
      • Authenticate a client
      • Event Notification clients
      • Record Search clients
      • Webhook clients
      • National ID client
      • FHIR Location REST API
      • Other ways to interoperate
  • Default configuration
    • Intro to Farajaland
    • Civil registration in Farajaland
    • OpenCRVS configuration in Farajaland
      • Application settings
      • User roles
      • Declaration forms
      • Certified Copies templates
    • Business process flows in Farajaland
  • Setup
    • 1. Planning an OpenCRVS Implementation
    • 2. Establish project and team
    • 3. Gather requirements
      • 3.1 Mapping business processes
      • 3.2 Mapping offices and user types
      • 3.3 Define your application settings
      • 3.4 Designing event declaration forms
      • 3.5 Designing a certified copy
    • 4. Installation
      • 4.1 Quick start: Set-up a local development environment
        • 4.1.1 Install the required dependencies
        • 4.1.2 Install OpenCRVS locally
        • 4.1.3 Starting and stopping OpenCRVS
        • 4.1.4 Log in to OpenCRVS locally
        • 4.1.5 Tooling
          • 4.1.5.1 WSL Support
      • 4.2 Configure: Set-up your own, local, country configuration
        • 4.2.1 Fork your own country configuration repository
        • 4.2.2 Set up administrative address divisions
          • 4.2.2.1 Prepare source file for administrative structure
          • 4.2.2.2 Prepare source file for statistics
        • 4.2.3 Set up CR offices and Health facilities
          • 4.2.3.1 Prepare source file for CRVS Office facilities
          • 4.2.3.2 Prepare source file for health facilities
        • 4.2.4 Set up employee users, and scopes, for testing or production
          • 4.2.3.1 Prepare source file for employees
          • 4.2.3.2 Configure roles and scopes
        • 4.2.5 Set up application settings
          • 4.2.5.1 Managing language content
            • 4.2.5.1.1 Informant and staff notifications
          • 4.2.5.2 Configuring Metabase Dashboards
        • 4.2.6 Configure certificate templates
        • 4.2.7 Configure declaration forms
          • 4.2.7.1 Configuring an event form
        • 4.2.8 Seeding & clearing your local databases
        • 4.2.9 Countryconfig API endpoints explained
      • 4.3 Deploy: Set-up a server-hosted environment
        • 4.3.1 Verify servers & create a "provision" user
        • 4.3.2 TLS / SSL & DNS
          • 4.3.2.1 LetsEncrypt https challenge in development environments
          • 4.3.2.2 LetsEncrypt DNS challenge in production
          • 4.3.2.3 Static TLS certificates
        • 4.3.3 Configure inventory files
        • 4.3.4 Create a Github environment
          • 4.3.4.1 Environment secrets and variables explained
          • 4.3.4.2 VPN Recipes
        • 4.3.5 Provisioning servers
          • 4.3.5.1 SSH access
          • 4.3.5.2 Building, pushing & releasing your countryconfig code
          • 4.3.5.3 Ansible tasks when provisioning
        • 4.3.6 Deploy
          • 4.3.6.1 Running a deployment
          • 4.3.6.2 Seeding a server environment
          • 4.3.6.3 Login to an OpenCRVS server
          • 4.3.6.5 Resetting a server environment
        • 4.3.7 Backup & Restore
          • 4.3.7.1 Restoring a backup
          • 4.3.7.2 Off-boarding from OpenCRVS
    • 5. Quality assurance testing
    • 6. Go-live
      • 6.1 Pre-Deployment Checklist
    • 7. Operational Support
    • 8. Monitoring
      • 8.1 Application logs
      • 8.2 Infrastructure health
      • 8.3 Routine monitoring checklist
      • 8.4 Setting up alerts
      • 8.5 Managing a Docker Swarm
  • General
    • Community
    • Contributing
    • Migration notes
    • Releases and upgrades
    • Release notes
    • Product roadmap
Powered by GitBook
On this page
  • Key Features
  • User Role Scopes
  1. Product Specifications

User roles & scopes

OpenCRVS supports the creation of multiple custom users with specific permissions (scopes) to control what they can and cannot do in the system. This feature allows countries to define user roles and their corresponding scopes based on their specific needs.

Key Features

Unlimited user role configuration: Administrators can create and configure any number of system user roles.

Custom role naming: Each user role can have a custom name (e.g., Healthcare Worker, Mayor, Registrar).

Scope-based permissions: The functionalities available to each user role can be controlled by assigning specific scopes

User Role Scopes

The following are the key scope categories available for configuration:

1. Declare

β€’ record.declare-birth – Allows a user to declare a birth.

β€’ record.declare-death – Allows a user to declare a death.

β€’ record.declare-marriage – Allows a user to declare a marriage.

β€’ record.declaration-submit-incomplete – Allows a user to send incomplete declarations to an assigned office.

β€’ record.declaration-submit-for-review – Allows a user to send complete declarations for review.

β€’ record.declaration-submit-for-approval – Allows a user to send a declaration for approval.

2. Validate

β€’ record.declaration-submit-for-updates – Allows a user to send a declaration for updates (status: Requires Updates).

β€’ record.declaration-archive – Allows a user to archive a declaration (status: Archived).

β€’ record.declaration-reinstate – Allows a user to reinstate an archived declaration (reverting to the previous status).

β€’ record.unassign-others – Allows a user to unassign another user currently assigned to the record.

3. Register

β€’ record.register – Allows a user to register a record.

4. Certify

β€’ record.registration-print&issue-certified-copies – Allows a user to print and issue a certified copy.

5. Correct

β€’ record.registration-request-correction – Allows a user to request a correction to a record.

β€’ record.registration-correct – Allows a user to correct a record and review correction requests.

6. Performance

β€’ performance.read – Allows a user to view performance reports.

β€’ performance.read-dashboards – Allows a user to view Metabase performance dashboards.

β€’ performance.vital-statistics-export – Allows a user to export vital statistics to CSV.

7. Search

β€’ search.birth – Allows a user to search for all birth records.

β€’ search.death – Allows a user to search for all death records.

β€’ search.marriage – Allows a user to search for all marriage records.

β€’ search.birth:my-jurisdiction – Allows a user to search for birth records in their jurisdiction.

β€’ search.death:my-jurisdiction – Allows a user to search for death records in their jurisdiction.

β€’ search.marriage:my-jurisdiction – Allows a user to search for marriage records in their jurisdiction.

8. Config

β€’ config.update:all – Allows a user to update configuration settings.

9. Organisation

β€’ organisation.read-locations:all – Allows a user to view all locations in the organisation.

β€’ organisation.read-locations:my-jurisdiction – Allows a user to view only locations in their jurisdiction.

β€’ organisation.read-locations:my-office – Allows a user to only view their office’s information.

10. User Management

β€’ user.create:all – Allows a user to create a user in any location.

β€’ user.create:my-jurisdiction – Allows a user to create a user only in their jurisdiction.

β€’ user.update:all – Allows a user to update user details in any location.

β€’ user.update:my-jurisdiction – Allows a user to update user details only in their jurisdiction.

β€’ user.read:all – Allows a user to view any user’s audit page.

β€’ user.read:my-jurisdiction – Allows a user to view audit pages only in their jurisdiction.

β€’ user.read:my-office – Allows a user to view user audit pages in their office.

β€’ user.read:only-my-audit – Allows a user to view only their own audit page.

How to configure user roles & scopes? Learn how to define and assign appropriate permissions to different user roles in your system. 3.2 Mapping offices and user types

User roles & scopes in Farajaland? Learn how we mapped user roles and scopes to support and improve service delivery in Farajaland User roles

PreviousStatus Flow DiagramNextExamples

Last updated 3 months ago