Partners
Last updated
Was this helpful?
Last updated
Was this helpful?
The MOSIP platform requires integration with several other systems. Typically, a System Integrator (SI) would assemble all the pieces together to build a complete national ID solution. All entities that participate in providing the external components are called MOSIP Partners.
Authentication Partner
Entities that use MOSIP for authentication like banks, telecom, Govt. institutes etc.
Auth_Partner
Online Verification Partner
Online_Verification_Partner
Credential Partner
Provider of credentials like printed ID card, QR code etc. to residents
Credential_Partner
Device Partner
Provider of biometric devices that connect to registration client and authentication apps
Device_Provider
FTM Partner
FTM_Provider
Manual Adjudication Partner
Providers of Manual Adjudication Systems(MAS); enrollment data is shared with MAS
Manual_Adjudication
ABIS Partner
ABIS_Partner
MISP
MOSIP Infra Service Provider (MISP) provide network infrastructure/channel/pipe to various Authentication Partners to connect to the MOSIP system. Example, broadband service providers.
MISP_Partner
* Label: Reference in partner_type
table of mosip_pms
database.
Partner policies control the data that needs to be shared with a partner. The policies reside in auth_policy
table of mosip_pms
DB.
Auth policy
AP
Datashare policy
all partners except AP
Specifies data to be shared with partners
Refer to the default policies loaded while installing MOSIP.
Onboarding of a partner refers to registering a partner in a particular deployment of MOSIP. Partners need to be onboarded to establish trust. The onboarding process consists of loading partner details in database, exchanging certificates etc, detailed in the later sections. Such onboarding is required to be done on any fresh MOSIP installation. For instance, if you install a sandbox, you would need to follow the onboarding process for each partner.
The sections below describe onboarding process for each type of partner.
MISP should have a trusted X.509 certificate with chain of CA certificates.
MISP self-registers on PMS portal providing partner id, name, organisation name (same as in certificate), partner type (MISP_type
) (This functionality will be available on the portal in 1.2.x version of MOSIP)
MISP uploades all certificates.
MOSIP Admin generates MISP license key and provides to MISP.
Policy for the AP must be pre-defined (see Partner policies).
AP should have a trusted X.509 certificate with chain of CA certificates.
AP registers with MISP and obtains MISP license key (this steup is outside of MOSIP system).
The MISP used by AP should have been already onboarded on to MOSIP.
AP self-registers on PMS portal providing partner id, name, organisation name (same as in certificate), partner type (Auth_Partner
) etc.
AP uploades all certificates.
AP selects the policy group and policy. This request is sent to MOSIP Admin for approval.
On approval, AP generates API key that can be used along with MISP license key to interact with IDA system.
DP should have a trusted X.509 certificate with chain of CA certificates.
DP self-registers on PMS portal providing partner id, name, organisation name (same as in certificate), partner type (Device_Provider
) etc.
DP uploades all certificates.
Any approval from MOSIP? (TODO)
FTMP should have a trusted X.509 certificate with chain of CA certificates.
FTMP self-registers on PMS portal providing partner id, name, organisation name (same as in certificate), partner type (FTM_Provider
) etc.
FTMP uploades all certificates.
TODO
Datashare policy must be pre-defined (see Partner policies).
CP should have a trusted X.509 certificate with chain of CA certificates.
CP self-registers on PMS portal providing partner id, name, organisation name (same as in certificate), partner type (Credential_Partner
) etc.
CP uploades all certificates.
CP selects the policy group and policy.
CP maps policy to one of the supported credential types.
CP adds biometric extractors for the policy.
Datashare policy must be pre-defined (see Partner policies).
OVP should have a trusted X.509 certificate with chain of CA certificates.
OVP self-registers on PMS portal providing partner id, name, organisation name (same as in certificate), partner type (Credential_Partner
) etc. (Using APIs, as OVP support on PMS Portal is available in later version of MOSIP.)
OVP uploades all certificates.
OVP selects the policy group and policy.
OVP maps policy to auth
credential type.
OVP adds biometric extractors for the policy.
The MOSIP Partner Programme (MPP) was initiated to help stakeholders connect with MOSIP, and become part of an ecosystem invested in building foundational digital ID systems that are trustworthy, secure, efficient, and interoperable, while being customised to specific needs.
Refer MPP document here for further details.
Refer Partner Management Services.
Authorised and entrusted partners who host module to provide authentication service to various partners. Even MOSIPs IDA module an is an Online Verification Partner.
Providers of compatible integrated in biometric devices
Provider of
Specifies and fields to be shared during authentication.