|
| 1 | +OpenSPP IDPASS |
| 2 | +============== |
| 3 | + |
| 4 | +The OpenSPP Idpass module (technical name: ``spp_idpass``) provides OpenSPP with the capability to securely generate and manage digital identification passes for program registrants, streamlining beneficiary verification and access to social protection services. |
| 5 | + |
| 6 | +Purpose |
| 7 | +------- |
| 8 | + |
| 9 | +The OpenSPP Idpass module enables efficient and reliable identification of beneficiaries and groups through several key capabilities: |
| 10 | + |
| 11 | +- Automated ID Generation: automatically generates printable ID passes for individuals and groups by leveraging existing registrant data within OpenSPP. This reduces manual effort and ensures consistent identification documents. |
| 12 | +- Configurable ID Templates: administrators can define and manage multiple ID pass templates, each with customizable expiry rules and specific configurations for integration with external ID generation services. This offers flexibility for different program requirements. |
| 13 | +- Secure External Integration: integrates with external ID generation services through secure API calls, allowing OpenSPP to utilize specialized services for producing high-quality digital IDs, while ensuring data security. |
| 14 | +- Centralized ID Management: once generated, the ID pass is stored as a digital file on the registrant's record, and their identification profile is updated. This provides a centralized and verifiable source of identification for beneficiaries. |
| 15 | +- Group ID Issuance: supports issuing ID passes for groups, automatically identifying the principal recipient or head of the group to ensure accurate representation on the ID document. |
| 16 | + |
| 17 | +Dependencies and Integration |
| 18 | +---------------------------- |
| 19 | + |
| 20 | +The module integrates with core OpenSPP components and other registry modules: |
| 21 | + |
| 22 | +- Extends the ``res.partner`` model (from the ``base`` module and further enhanced by G2P Registry Base) to store the generated ID pass file and its filename directly on the registrant's profile. |
| 23 | +- Leverages registrant data managed by G2P Registry Base to populate the ID pass (names, birth details, gender) and integrates with ``g2p.id.type`` to categorize the generated ID pass as a specific type of identification and with ``g2p.reg.id`` to record the issued ID number. |
| 24 | +- For group IDs, uses relationships from the G2P Registry Membership module to correctly identify the "Head" or "Principal Recipient" whose details will appear on the group's ID. |
| 25 | + |
| 26 | +Additional Functionality |
| 27 | +------------------------ |
| 28 | + |
| 29 | +ID Pass Template Configuration |
| 30 | +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
| 31 | + |
| 32 | +Users can define and manage various "ID Pass Templates" within the module, allowing for flexible ID generation. Each template specifies: |
| 33 | + |
| 34 | +- An external API endpoint and authentication credentials (username, password) for secure communication with an ID generation service. |
| 35 | +- An optional authentication token URL to generate temporary access tokens, enhancing security. |
| 36 | +- The ID's expiry length (for example, 1 year, 6 months, or 30 days) and a unique filename prefix for generated PDF documents. |
| 37 | + |
| 38 | +Templates can be activated or deactivated to control which ID generation sources are currently in use. |
| 39 | + |
| 40 | +Automated ID Issuance for Registrants |
| 41 | +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
| 42 | + |
| 43 | +From a registrant's profile, users can initiate an "Issue ID Pass" wizard. The system automatically gathers relevant registrant data (such as names, birth information, gender, and profile picture) and securely transmits it to the configured external ID generation service. |
| 44 | + |
| 45 | +For groups, the module identifies the designated "Head" or "Principal Recipient" using data from the G2P Registry Membership module, ensuring their details are correctly used for the ID. Upon successful generation, the module stores the ID pass PDF directly on the registrant's record and updates their official ``g2p.reg.id`` with the new ID number. |
| 46 | + |
| 47 | +Protected Default ID Type |
| 48 | +~~~~~~~~~~~~~~~~~~~~~~~~~ |
| 49 | + |
| 50 | +The module introduces a default "ID Pass" type within the ``g2p.id.type`` framework. This specific ID type is protected from accidental deletion or modification by users, ensuring that the core functionality for ID Pass generation remains stable and available for all programs. |
| 51 | + |
| 52 | +Secure API Communication |
| 53 | +~~~~~~~~~~~~~~~~~~~~~~~~ |
| 54 | + |
| 55 | +All communication with external ID generation APIs is handled securely. When required by the external service, the module can generate authentication tokens using the provided credentials. Robust error handling provides clear messages if the external service encounters issues, and all API requests include timeouts to prevent hangs. |
| 56 | + |
| 57 | +Conclusion |
| 58 | +---------- |
| 59 | + |
| 60 | +The OpenSPP Idpass module centralizes and automates the secure generation and management of digital identification passes, streamlining beneficiary identification and enhancing program delivery across social protection initiatives. |
| 61 | + |
0 commit comments