# 4.2.3.1 Prepare source file for employees ### 👥 Setting Up Employees #### 🧪 Test Employees (Development & QA) Prepare a file named [**`default-employees.csv`**](https://github.com/opencrvs/opencrvs-countryconfig/blob/develop/src/data-seeding/employees/source/default-employees.csv).\ This file contains all the **test employees** who should have initial access to your **development**, **staging**, or **QA** OpenCRVS environments. In these non-production environments: * Users are created in an **active** state. * They are **not required** to: * Change their password on first login * Set up reset-authentication security questions * QA users can always log in using the test **2FA code**: ``` 000000 ``` This setup allows your team to perform end-to-end testing quickly without authentication friction. *** #### 🏛️ Production Employee Prepare a separate file named [**`prod-employees.csv`**](https://github.com/opencrvs/opencrvs-countryconfig/blob/develop/src/data-seeding/employees/source/prod-employees.csv).\ This file should contain **only one user**: * The **National System Administrator** In production: * This user is created in a **pending** state. * On first login they must: * Change their password * Set up reset-authentication security questions * **2FA codes are delivered via email**, not bypassed. * The CSV password for this user is a **temporary one**. After the National System Administrator logs in for the first time, they are responsible for creating all other production users. When creating users in production: * OpenCRVS generates **random, one-time passwords** * New users receive these credentials via **email invitation** * Each user must change their password on first login *** ### 📄 CSV Format Explained Use the Farajaland [`default-employees.csv`](https://github.com/opencrvs/opencrvs-countryconfig/blob/develop/src/data-seeding/employees/source/default-employees.csv) file as a reference. #### Important rules: * **Do not modify** the header row — the import code depends on those exact column names. * **Do not use commas** in any cell. * **Do not include empty rows**. * Each CSV row represents **one unique user** in your country. #### Column details: | Column | Description | | ------------------- | ---------------------------------------------------------------------------------------------------------------------------- | | **primaryOfficeId** | The office id in your crvs-facilities.csv row associated with the office where the user works. | | **givenNames** | The user’s first and middle names, separated by spaces. | | **familyName** | The user’s family name(s), separated by spaces. | | **role** | Must match a role ID defined in your custom roles & scopes configuration. | | **mobile** | Mobile number with country code. Must match the phone number regex you plan to enforce. (Optional if SMS/phone is not used.) | | **username** | A unique username for login. | | **email** | A valid email address for password resets and 2FA. | | **password** | Initial login password. Test users log in directly; production users must change this immediately. | *** ### ✍️ Digital Signatures Some users — usually **civil registrars** — may have their signature printed digitally on certificates. You can upload a signature image at any time by editing the user in the **Team** section of the OpenCRVS UI. #### Preparing signature files: * Use a **transparent PNG** for best results. * If you need a PNG editor, free online tools can help you: * Remove backgrounds * Export a transparent PNG