4.2.3.1 Prepare source file for employees

Previous4.2.4 Set up employees & roles for testing or production Next4.2.3.2 Configure role titles

4.2.3.1 Prepare source file for employees

Testing employees

Prepare your source file. This is a file for every test employee who will have initial access to OpenCRVS.

In development or QA environments, these users will be created in an "active" state and will not be required to change their password nor be required to set up reset authentication credentials security questions when logging in. This makes the quality assurance process easier. In development/staging and QA environments, all of these users will be able to submit a test 2FA code of six zeros: "000000" when logging in.

Production employees

Prepare your source file. This is a file for one National System Administrator employee who will have initial access to OpenCRVS.

In production environments, this users will be created in an "pending" state and will be immediately required to change their password on first login, and required to set up reset authentication credentials security questions when logging in. 2FA codes will be delivered to the users' email address.

All of these users will be able to sign in to OpenCRVS initially with the password as documented in the csv.

The National System Admin user csv password is a temporary password and the National System Admin is required to change it on first login, after your first deployment to production.

In production, the National System Administrator user will use the OpenCRVS UI to create all other users. When creating users in production through the OpenCRVS UI, the system generates random, unique, one-time passwords for all new users and they receive these passswords in an email invite. After first login, each user is required to change their password.

CSV format explained

Using our file as an example, you can create employees with all possible roles to quality assure your OpenCRVS instance, or just a single National System Admin role. Our deafult-employees.csv file looks like this:

primaryOfficeId

givenNames

familyName

systemRole

role

mobile

username

password

CRVS_OFFICE_JWMRGwDBXK

Kalusha

Bwalya

FIELD_AGENT

Social Worker

0911111111

k.bwalya

kalushabwalya@gmail.com

test

CRVS_OFFICE_JWMRGwDBXK

Felix

Katongo

REGISTRATION_AGENT

Registration Agent

0922222222

f.katongo

felixkatongo@gmail.com

test

CRVS_OFFICE_JWMRGwDBXK

Kennedy

Mweene

LOCAL_REGISTRAR

Local Registrar

0933333333

k.mweene

kennedymweene@gmail.com

test

Do not change or re-format the header row as the code requires these names to be precise in order to parse the csv. Do not use commas in any cell and do not have any empty rows.

Each row will represent a unique "user" in your country.
The primaryOfficeId column is the identifier for the civil registration office where the user will be located. Notice that the format is "CRVS_OFFICE_<office id>". For example, all of these users aove will be created in Ibombo District Office
The givenNames column must be the users' first names separated by using a space.
The familyName column must be the users' first names separated by using a space.
The systemRole column must be set to one of the following supported system roles only, and this defines user permissions:

FIELD_AGENT

REGISTRATION_AGENT

LOCAL_REGISTRAR

LOCAL_SYSTEM_ADMIN

NATIONAL_SYSTEM_ADMIN

NATIONAL_REGISTRAR

PERFORMANCE_MANAGEMENT

The role column can be any text value to represent the public facing role title for this individual. Role title configuration is explained in the next section.
The mobile column must contain a mobile number without your country code. Ensure that the mobile number validates using whatever phone number regular expression that you intend to use when configuring application settings later. You can ignore this if you are not using phone numbers as a method of communication.
The username column must be a unique username that the user will use to authenticate with when logging in.
The email column must contain a valid email address
The password column will be the password used for initial login. Refer to the note above.

Digital signatures

You can upload transparent PNGs to use for any user's signature at any time by editing the user in the "Team" section of OpenCRVS UI.

Previous4.2.4 Set up employees & roles for testing or production Next4.2.3.2 Configure role titles

Testing employees

Prepare your source file. This is a file for every test employee who will have initial access to OpenCRVS.

Production employees

Prepare your source file. This is a file for one National System Administrator employee who will have initial access to OpenCRVS.

All of these users will be able to sign in to OpenCRVS initially with the password as documented in the csv.

The National System Admin user csv password is a temporary password and the National System Admin is required to change it on first login, after your first deployment to production.

CSV format explained

primaryOfficeId

givenNames

familyName

systemRole

role

mobile

username

password

CRVS_OFFICE_JWMRGwDBXK

Kalusha

Bwalya

FIELD_AGENT

Social Worker

0911111111

k.bwalya

kalushabwalya@gmail.com

test

CRVS_OFFICE_JWMRGwDBXK

Felix

Katongo

REGISTRATION_AGENT

Registration Agent

0922222222

f.katongo

felixkatongo@gmail.com

test

CRVS_OFFICE_JWMRGwDBXK

Kennedy

Mweene

LOCAL_REGISTRAR

Local Registrar

0933333333

k.mweene

kennedymweene@gmail.com

test

Do not change or re-format the header row as the code requires these names to be precise in order to parse the csv. Do not use commas in any cell and do not have any empty rows.

Each row will represent a unique "user" in your country.
The primaryOfficeId column is the identifier for the civil registration office where the user will be located. Notice that the format is "CRVS_OFFICE_<office id>". For example, all of these users aove will be created in Ibombo District Office
The givenNames column must be the users' first names separated by using a space.
The familyName column must be the users' first names separated by using a space.
The systemRole column must be set to one of the following supported system roles only, and this defines user permissions:

FIELD_AGENT

REGISTRATION_AGENT

LOCAL_REGISTRAR

LOCAL_SYSTEM_ADMIN

NATIONAL_SYSTEM_ADMIN

NATIONAL_REGISTRAR

PERFORMANCE_MANAGEMENT

The role column can be any text value to represent the public facing role title for this individual. Role title configuration is explained in the next section.
The mobile column must contain a mobile number without your country code. Ensure that the mobile number validates using whatever phone number regular expression that you intend to use when configuring application settings later. You can ignore this if you are not using phone numbers as a method of communication.
The username column must be a unique username that the user will use to authenticate with when logging in.
The email column must contain a valid email address
The password column will be the password used for initial login. Refer to the note above.

Digital signatures

It is configurable that some users have their signatures digitally printed onto certificates. Usually this is the case for LOCAL_REGISTRAR or NATIONAL_REGISTRAR user types. can be used to create a transparent PNG if you do not have access to any other image editing software. There are many free websites you can find to convert a PNG image file to base64 text, such as .

You can upload transparent PNGs to use for any user's signature at any time by editing the user in the "Team" section of OpenCRVS UI.