Admin Portal User Guide

Overview

Admin application is a web-based application used by a privileged group of administrative personnel to manage various master data. The various resources that can be managed by an Admin are:

1. Center (registration centers)

2. Device

3. Machine

4. Users (Admin, registration staff)

Along with the resource and data management, the admin can generate master keys, check registration status, retrieve lost RID, resume processing of paused packets.

To get started with using the Admin portal, an admin user must be assigned to a zone.

First Admin user

1. Setup of hierarchial zones

2. Create Admin roles in KeyCloak

3. Create first admin user in KeyCloak

4. Assign first user to root zone

The above are done automatically as part of default sandbox installation.

Login

1. Select the preferred language.

2. Login with KeyCloak credentials.

Actions

1. Map the other users(admins/registration operators/supervisors) to respective zones

2. Create centers and assign the users to a particular center

3. Highly recommended: Ensure to revoke the first super user's zone mapping and role after first user actions are completed.

Admin roles and their default accessibility matrix

• GLOBAL_ADMIN

• ZONAL_ADMIN

• REGISTRATION_ADMIN

• MASTERDATA_ADMIN

• KEY_MAKER

GLOBAL_ADMIN	ZONAL_ADMIN	REGISTRATION_ADMIN	MASTERDATA_ADMIN	KEY_MAKER
Centers	Devices	Packet Status	All Master Data	GenerateMasterKey
User Zone Mapping	Machines	Pause/ Resume RID	Bulk Upload
All Master Data	User Zone Mapping	Retrieve Lost RID	GenerateCSR
Bulk Upload	User Center Mapping	Packet Upload	GetCertificate
GenerateCSR	All Master Data	UploadCertificate
GetCertificate	Bulk Upload	UploadOtherDomainCertificate
UploadCertificate	GenerateCSR
UploadOtherDomainCertificate	UploadCertificate
	UploadOtherDomainCertificate

Center

• This portal allows an Admin to view, create, edit, activate, deactivate and decommission registration centers.

• An Admin can manage only centers under their administrative zones.

The administrator can filter the list of registration centers based on parameters like Center name, Center type, Status, Location code.

• The system does not fetch the details of decommissioned registration centers but only active and inactive centers are displayed.

• If the admin does not find a center, they can click the Center not available in logged in language button. Clicking on this button, displays the list of centers that are already created in other languages. On selecting a particular center, the information will be auto-populated in the Create page and be made available to the admin for modifications.

• Language specific fields can be modified to create a center with the currently logged in language.

Create center

• A center is created with multiple attributes and is mapped to the administrative zone that it belongs to.

• A center can only be mapped to the configured location hierarchy level.

• While defining centers, an admin can also define the working days of the week for a center and any exceptional holidays that might be applicable for a particular center.

Update center

• An admin can update a center even after it has been created. The updates can include adding the details that were missed during creation of the center or changing the details of a center as required.

• To update, click the Edit option from the Actions menu against a center name.

Note- Updates made to language specific fields updates data only for that language in the database while updates made to non-language dependent fields updates data against all the language entries for that center.

Activate/deactivate/decommission center

• Select the Deactivate/Decommission option from the Actions menu against the center.

• Activation/Deactivation/Decommission of a center in one language will be applied to the same center created in all the languages.

To know more, refer Activate/deactivate/decommission resources

Devices

• Using this portal, an admin can manage the devices a country will use for registering residents like devices used for bio-metric capture (Fingerprint, Iris, Web camera, etc.), printers, scanners.

• This portal allows an Admin to view, create, edit, activate, deactivate and decommission registration centers.

• The admin portal allows an admin to view the list of all the devices available in the jurisdiction of their administrative zone.

• The system does not fetch the details of decommissioned devices but only the active and inactive devices.

Note- Device entity is language agnostic(independent of languages).

The Admin can filter the list of Registration centers based on parameters like Device Name, Mac Address, Serial Number, Status, Map Status, Device Type, Device Spec ID.

Create devices

A Device can be created with the multiple attributes and be mapped to the Administrative Zone it belongs to.

Update devices

• An admin can update missing information or change device details even after it is created.

• To update, click the Edit option from the Actions menu against a device.

Activate/deactivate/decommission device

Select the Deactivate/Decommission option from the Actions menu against the device.

Map/un-map/re-map device to a center

• Admin portal allows an Admin to map/un-map each device to a center.

• This mapping specifies as to which center the device will be used in.

• A device can only be mapped to a center which belongs under the device’s Administrative Zone.

• To do so, select the device and choose a Center Name from the dropdowm.

Machines

• Admin portal allows an administrator to manage the machines a country will use for registering residents.

• This portal allows an Admin to view, create, edit, activate, deactivate and decommission machines.

• The admin portal allows an admin to view the list of all the machines available in the jurisdiction of their administrative zone.

• The system does not fetch the details of decommissioned machines but only shows the active and inactive machines.

The administrator can filter the list of machines based on parameters like Machine name, Mac address, Serial number, Status, Machine type.

Create machines

• A machine can be created with the attributes like Machine ID, machine name, mac address, serial number, machine spec ID and administrative zone the machine belongs to.

• While entering data through UI in multiple languages, the dropdown values and numeric values entered in primary language gets automatically captured in all language.

• But the text fields (e.g., machine name) needs to be manually input in all the languages. A machine can be mapped to the administrative zone which is at the any zonal hierarchy.

Update machines

• An admin can update missing details or make changes to machine details even after it is created.

• To update, click the Edit option from the Actions menu against a machine.

Note- Updates made to language specific fields updates data only for that language in the database while updates made to non-language dependent fileds updates data against all the language entries for that center.

Activate/deactivate/decommission machine

An admin can deactivate or decommission a machine through the admin portal.

Map/un-map/re-map machine to a center

• Admin portal allows an Admin to map/un-map each machine to a center.

• This mapping specifies as to which center the machine will be used in.

• A machine can only be mapped to a center which belongs under the machine’s Administrative Zone.

• To do so, select the machine and choose a Center Name from the dropdowm.

Users

• MOSIP uses Keycloak as an IAM (Identity access management tool) for managing Users. These users are internal users of MOSIP including Registration Officers, Registration Supervisors, Zonal Admins, Global Admins etc.

• using this portal, an Admin can map the users to a zone and a center.

User Zone Mapping

• Once the user is created in KeyCloak, they need to be mapped to a zone to get access to specific information available in that zone.

• Admin portal allows an admin to map users to a zone. This mapping specifies as to which zone the user will belong to.

• A user can only be mapped to a zone which belongs under the user’s Administrative Zone.

• A user can later be un-mapped from the zone in case a user needs to be moved to another zone. In such cases, the user will later need to be mapped to the new zone. Below image displays the list of users that are mapped to a zone.

Map/Un-map/re-map user to a zone

To map a user to a zone,

1. Click Resources-> User Zone mapping

2. Click +Map Zone

3. Select the User Name, Administrative Zone from the dropdown.

4. Click Save.

To re-map a user to a zone,

1. Click Resources-> User Zone mapping

2. Select Remap from the Actions menu against the mapped user.

3. Update the User Name/ Administrative Zone from the dropdown.

4. Click Save.

Note- If the center is already mapped, the admin needs to unmap the center to remap the zone.

User Center Mapping

• Once the user is mapped to a zone, they will be listed in the screen below. Now, the user will be mapped to a center to be able to manage their assigned center.

• Admin portal allows an admin to map users to a center. This mapping specifies as to which center the user will be used in.

• A user can only be mapped to a center which belongs under the user’s Administrative Zone.

• A user can later be un-mapped from the Center in cases where a User is needed to be moved to another Center. In such cases, the user will later need to be mapped to the new center. In case the user is required to be mapped to a Registration center outside the Administrative Zonal restriction, the Administrative Zone of the user must be changed.

Map/un-map/re-map user to a registration center

To map a user to a center,

1. Click Resources-> User Center Mapping

2. Select Map from the Actions menu against the mapped user.

3. Select the Center Name from the dropdown against the User Name, Administrative Zone.

4. Click Save.

Packet status (based on RID)

• A Registration packet generated in Registration client is sent to Registration Processor for further processing and UIN generation.

• Using this Portal, A Registration Admin can view the status of a packet by entering the RID of the packet.

• The packet status will contain all the stages the packet has passed through along with the last stage the packet is in.

• In case the packet has not been processed or is marked for Re-Send/Re-Register, the admin will be able to view specific comments indicating the reason for that particular status.

Pause/Resume RID

• The Registration Admin has the privilege to view the registration packets that are in a paused state.

• Admin can use this portal to resume or reject paused packets. They would have 3 options:

  • Resume processing (from where it was paused)

  • Resume from the beginning

  • Reject

Once processing of a packet is resumed, it will be removed from this list

Retrieve lost RID

• The Registration Admin can use this feature to retrieve lost RID.

• For instance, if the resident did not provide any valid email and/or phone number and has lost the RID slip received during the registration, in order to find their RID details, the resident contact MOSIP helpline and share details such as name, centre name, registration date and postal code to the admin, who will use the lost RID feature and try to retrieve the RID number.

A few filters may be applied to retrieve the RID.

Note: This feature is currently under development.

Master Data

• Admin portal allows an Admin to manage the Masterdata applicable for a country.

• These data includes list of Genders, list of Holidays, Templates, Center Types, Machine Types etc.

To know more, refer to Master Data guide.

Bulk upload

• If a country decides to uplaod the data through the .csv files, they could use this feature to upload the existing data into the MOSIP platform.

• The listing screen displays the uploaded data transaction information.

• As the information inside .csv files may be huge, it would go through the batch job to process the information and store it in the tables. Also, it may take time to get unique transaction ID against the particular action.

Master Data

To upload Master data using Admin portal,

1. Go to Bulk Upload > Master Data

2. On the master data dashboard, click Upload Data.

3. Select the operation (insert/update/delete)

4. Select the table name into which the data needs to be uploaded into.

5. Click Choose file to select the data and click Upload

To view the format for inserting data in a particular table, click on the Download icon. A CSV file gets downloaded in which the first row represents the column names and the rest of the rows are the data which will be inserted into the table(sample).

Packets

To upload packets using Admin portal,

1. Go to Bulk Upload > Packets

2. On the packet upload dashboard, click Upload Packet.

3. Select the following from the dropdown:

   • Center name

   • Source (currently displays Registration Client)

   • Process (New, Update UIN, Lost, Biometric correction)

   • Supervisor status (Approved/Rejected)

4. Click Choose file to select the packets and click Upload.

For uploading the packets through the Admin portal, ensure that the packets are available in the machine or the external hard disk connected from where the Admin Portal is being used.

KeyManager

• The admin user can manage the key using this feature.

GenerateMasterKey

GenerateCSR

GetCertificate

UploadCertificate

UploadOtherDomainCertificate