4.2.3.1 Prepare source file for employees
Testing employees
Prepare your default-employees.csv source file. This is a csv file for every test employee who will have initial access to OpenCRVS.
In development or QA environments, these users will be created in an "active" state and will not be required to change their password nor be required to set up reset authentication credentials security questions when logging in. This makes the quality assurance process easier. In development/staging and QA environments, all of these users will be able to submit a test 2FA code of six zeros: "000000" when logging in.
Production employees
Prepare your prod-employees.csv source file. This is a csv file for one National System Administrator employee who will have initial access to OpenCRVS.
In production environments, this users will be created in an "pending" state and will be immediately required to change their password on first login, and required to set up reset authentication credentials security questions when logging in. 2FA codes will be delivered to the users' email address.
All of these users will be able to sign in to OpenCRVS initially with the password as documented in the csv.
The National System Admin user csv password is a temporary password and the National System Admin is required to change it on first login, after your first deployment to production.
In production, the National System Administrator user will use the OpenCRVS UI to create all other users. When creating users in production through the OpenCRVS UI, the system generates random, unique, one-time passwords for all new users and they receive these passswords in an email invite. After first login, each user is required to change their password.
CSV format explained
Using our default-employees.csv file as an example, you can create employees with all possible roles to quality assure your OpenCRVS instance, or just a single National System Admin role. Our deafult-employees.csv file looks like this:
| primaryOfficeId | givenNames | familyName | systemRole | role | mobile | username | password | |
|---|---|---|---|---|---|---|---|---|
CRVS_OFFICE_JWMRGwDBXK | Kalusha | Bwalya | FIELD_AGENT | Social Worker | 0911111111 | k.bwalya | kalushabwalya@gmail.com | test |
CRVS_OFFICE_JWMRGwDBXK | Felix | Katongo | REGISTRATION_AGENT | Registration Agent | 0922222222 | f.katongo | felixkatongo@gmail.com | test |
CRVS_OFFICE_JWMRGwDBXK | Kennedy | Mweene | LOCAL_REGISTRAR | Local Registrar | 0933333333 | k.mweene | kennedymweene@gmail.com | test |
Do not change or re-format the header row as the code requires these names to be precise in order to parse the csv. Do not use commas in any cell and do not have any empty rows.
Each row will represent a unique "user" in your country.
The primaryOfficeId column is the identifier for the civil registration office where the user will be located. Notice that the format is "CRVS_OFFICE_<office id>". For example, all of these users aove will be created in Ibombo District Office
The givenNames column must be the users' first names separated by using a space.
The familyName column must be the users' first names separated by using a space.
The systemRole column must be set to one of the following supported system roles only, and this defines user permissions:
FIELD_AGENT
REGISTRATION_AGENT
LOCAL_REGISTRAR
LOCAL_SYSTEM_ADMIN
NATIONAL_SYSTEM_ADMIN
NATIONAL_REGISTRAR
PERFORMANCE_MANAGEMENT
The role column can be any text value to represent the public facing role title for this individual. Role title configuration is explained in the next section.
The mobile column must contain a mobile number without your country code. Ensure that the mobile number validates using whatever phone number regular expression that you intend to use when configuring application settings later. You can ignore this if you are not using phone numbers as a method of communication.
The username column must be a unique username that the user will use to authenticate with when logging in.
The email column must contain a valid email address
The password column will be the password used for initial login. Refer to the note above.
Digital signatures
It is configurable that some users have their signatures digitally printed onto certificates. Usually this is the case for LOCAL_REGISTRAR or NATIONAL_REGISTRAR user types. This website can be used to create a transparent PNG if you do not have access to any other image editing software. There are many free websites you can find to convert a PNG image file to base64 text, such as this one.
You can upload transparent PNGs to use for any user's signature at any time by editing the user in the "Team" section of OpenCRVS UI.
Last updated