Backend security - Administrators highlights

Today only external applications will be granted access to openIMIS api. To manage this, administrator must be able to create, change and remove users as well as granting them access to identified functionalities (services).

User management in (sample) gateway

Please refer to github project README file to add/remove/change a user the authentication mechanism of the gateway.

User management in openIMIS backend

At the moment only core.TechnicalUsers are support (i.e. external applications and administrators).

The initial superuser must be created via the django createsuperuser script from within the backend docker running container (see instructions in openIMIS distribution README).

Once that user created (and registered in the gateway), the initial superuser can connect to django management console via the https://gateway/api/admin.

From there he can create new TechnicalUsers and groups to grant permissions to them: