/
MOSIP → openIMIS Insuree Information Collection Workflows

MOSIP → openIMIS Insuree Information Collection Workflows

This page describes two workflows for collecting individual/insuree information from MOSIP into openIMIS during enrolment or beneficiary verification. Both workflows ensure secure and consent-based data sharing to strengthen identity assurance and reduce enrolment fraud.

 

Workflow 1: QR Code-Based Data Retrieval

https://openimis.atlassian.net/wiki/x/fQDECAE

Workflow 2: eSignet OAuth2-Based Authentication & Consent

https://openimis.atlassian.net/wiki/x/YwDFCAE

 

Security Considerations

  • All QR codes are digitally signed to prevent forgery.

  • eSignet OAuth2 flow enforces mutual TLS, short-lived tokens, and scope-limited data access.

  • Both workflows are compliant with GDPR-like privacy standards and the Digital Convergence Initiative (DCI).

Note on Workflow Adjustments

Due to time and budget constraints in the sandbox project, the community decided to prioritize Workflow 2. This approach provides more added value for individual verification, as the data shared by MOSIP is authenticated in real-time through eSignet with explicit user consent.

While Workflow 1 remains highly relevant for low-income countries with frequent internet and electricity constraints, Workflow 2 was selected for its stronger security posture and alignment with national-level identity assurance needs.

Did you encounter a problem or do you have a suggestion?

Please contact our Service Desk


This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. https://creativecommons.org/licenses/by-sa/4.0/