Sunbird RC
v2.0.0
v2.0.0
  • Learn
    • Introduction
    • Sunbird RC Overview
      • Why do we need Sunbird RC?
      • Core Capabilities
      • Core Registry Verbs
      • Workflows
      • What Sunbird RC is and what it's not? (WIP)
      • Possibilities
      • Demo Links
    • Technical Overview
      • Registry
        • High-Level architecture
        • Technical Specification Draft
        • Tech Stack and Requirements
      • Credentialling
        • High-Level Architecture
        • Technical Specification Draft
        • Tech Stack and Requirements
    • Adopters
    • Roadmap
  • Use
    • Getting started
      • Pre-requisites
      • Install Sunbird-RC
    • Developer's Guide
      • Functional Registry
        • Installation Guide
          • Registry CLI
            • Setup A Registry Instance
          • Manual installation through docker-compose
          • Production setup through Helm
        • Working with Source Code
        • Configurations
          • Frontend Configurations
          • Frontend - Proxy configuration
          • Audit Configuration
          • Notifications Configuration
          • View Templates Configuration
        • Schema Setup
          • Introduction To Schemas
          • Creating Your Own Schemas
          • Schema Configuration
          • Create Schemas With Custom Password
        • Setup the Backend
        • Setup the Frontend
        • Backup and Restore
          • PostgreSQL
            • SQL Dump
            • File System Level Backup
            • Continuous Archiving and Point-in-Time Recovery (PITR)
          • Cassandra
            • Snapshot-based backup method
            • Incremental backup method
            • Data Restore
        • Generic Identity And Access Management
        • Metrics
        • Custom Keycloak Build
        • Custom QR Code design
        • VC Verification Module
      • Credentialling Services
        • Installation Guide
          • Run for development
          • Docker compose based
          • Helm based
        • Configurations
        • Working with the Vault
    • Integrations
      • SSO with existing systems
      • Digilocker Meripehchaan SSO
      • Digilocker Integration
    • Connectors
      • G2P Connect
      • Open ID for Verifiable Credentials (OID4VCI)
    • Release Notes
      • Registry
      • Credentialling
    • Admin Portal
      • Login
      • Get Started
        • Create Schema
        • Attestation Workflows (WIP)
        • VC Template
          • Custom VC Template (WIP)
        • Ownership (WIP)
        • Publish (WIP)
      • Dashboard
  • API Reference
    • Registry APIs
      • Registry
        • Using The APIs
        • Create An Entity
        • Invite An Entity
        • Generate token
        • Generate admin token
        • Get An Entity
        • Get An Entity By Id
        • Update An Entity
        • Create A Property Of An Entity
        • Update A Property Of An Entity
        • Revoke a Credential
        • Delete An Entity
      • Schema
        • Create Schema
        • Get Schema
        • Update Schema
        • Delete Schema
        • Publish A Schema
      • Attestation API
        • Raise An Attestation
        • Get Attestation Certificate
      • Claims API
        • Get All Claims
        • Get Claim by ID
        • Attest A Claim
      • Discovery API
        • Search An Entity
      • File Storage API
        • Upload A File
        • Get Uploaded File
        • Delete A File/ Multiple Files
      • Metrics APIs
        • Get Count
        • Get Aggregates
    • Credentialling APIs
      • Identity Service APIs
      • Credential Schema APIs
      • Credential Issuance APIs
    • Other APIs
      • Sign API
      • Verify API
      • Swagger JSON API
      • Health API
  • Reference Solutions for Functional Registries
    • Education
      • Education Ecosystem
        • Installation
      • Education Registries
        • Installation
        • User Guide
    • Health Registries
      • Organ Registries
        • Frontend Setup
        • Backend Setup
        • User Guide
      • Health Facility Registry
    • Govt to Person (G2P)
  • Reference Solutions for Digital Credentials
    • Certificate Issuance
      • Installation(WIP)
      • User Guide
    • eLocker
      • High Level Diagram
      • Installation (WIP)
        • Frontend Setup E-locker
      • User Guide
    • Vaccination Platform
    • Skills & Work Credentials
    • Unified Learners Passport (ULP)
      • ULP Capabilities
      • Example Scenario
      • Technical Components (WIP)
      • Demo/Sandbox Links (WIP)
      • Installation Guide (WIP)
        • Frontend Setup
        • Installation through docker-compose
        • Dummy records setup for refrence
  • Links
    • Source Code
    • Releases & Changelogs
    • Website
    • Roadmap
    • Reference links
    • Design
  • Community
    • Discussion Forum
    • Contributors
    • Contributing
    • Contribution Guidebook
    • Code of Conduct
    • Community Events
    • Status By Track
  • HELP
    • Roadmap
    • FAQs
    • Glossary
    • Guide to Electronic Registries and Verifiable Credentials
      • Verifiable Credentials
        • What issues will Verifiable Credentials address?
        • What are the key roles in Verifiable Credentials?
        • What are the components of Verifiable Credentials?
        • What are the benefits of Verifiable Credentials?
        • Digital Credentials vs Verifiable Credentials
        • QR code vs Verifiable QR code
        • Use Cases
      • Electronic Registries
        • Evolution of Electronic Registries
        • What issues will Electronic Registries address?
        • Benefits of Electronic Registries
        • Registry vs Database
        • Design Principles
        • Use Cases
      • Leveraging Existing data stores
    • External Open Source Software Attributions
Powered by GitBook

Copyright (c) 2023 EkStep Foundation under MIT License

On this page
  • Backend Setup
  • Other Services
Edit on GitHub
  1. Reference Solutions for Functional Registries
  2. Health Registries
  3. Organ Registries

Backend Setup

PreviousFrontend SetupNextUser Guide

Last updated 1 year ago

Backend Setup

Getting Code for Backend

Visit the following github url and clone the code. Navigate to demo-donor-registry folder

git clone https://github.com/Sunbird-RC/demo-donor-registry

Setting up a Registry Instance

Navigate into demo-donor-registry folder and run the following command

docker-compose up -d

This will start all the required services.

Setting up Keycloak

Once all the services are started, Go to the browser and open localhost:8080. This will open up the keycloak admin portal. Use username as admin and password as admin.

Once logged in, navigate to clients. Select admin-api. Go to the credentials tab and click on regenerate secret. Copy this secret. Create a .env file in the project repo and add KEYCLOAK_SECRET as a environment variable with the value of the secret in the following format

KEYCLOAK_SECRET=<copied_secret>

Again navigate to the keycloak homepage. Navigate to the Clients tab in the left subsection. Click on the Create button available on the right side of the screen. Enter client ID as donor-service. Client Protocol as openid-connect and click on save button.

This will create a new client named donor-service in keycloak. This will be used to communicate with the registry from the donor-service microservice.

Once the client is created, you will see the donor-service clients configurations. Change the access type to confidential and enable the toggle button for Service Accounts Enabled. Add appropriate redirect URL where you have hosted your UI

After the client configurations are saved, in the top tabs section you will see a credentials tab. Open that and copy the client secret present in that input box and add a environment variable in .env file as follows

SERVICE_ACCOUNT_CLIENT_SECRET=<copied_secret>

Recreate registry so that it reflects the keycloak secrets. This can be done using

docker-compose up -d –force-recreate –no-deps registry donor-service

Keycloak Configurations :-

If you want to enable sending sms with OTP, you will need to add following configurations

Environment Variable
Description

MOCK_OTP

Boolean which indicates whether actual message needs to be sent or dummy OTP of 1234 needs to be used

MESSAGE_TEMPLATE

OTP Message template

NOTIFICATION_SERVICE_URL

Notification Service url

REGISTER_URL

Donor registry UI Hosted URL

INVALID_USERNAME

Message to be sent to user if he is using incorrect Username or username is Not registered

VALID_OTP

Message for user to enter valid otp

INVALID_REGISTRATION

Message to be displayed to user for Abha number or mobile number not registered

OTP_MAX_RETRY_LIMIT

Number of attempts user can enter his OTP

MAX_RETRIES_LIMIT_MESSAGE

Message to be displayed to user after user fails to login in maximum number of login attempts

MAX_RESEND_TRIES

Number of attempts for user to get OTP

FORGOT_ABHA

Url which redirects user to recover his Abha number

Restart keycloak after changing any of the above ENV

docker-compose up -d –force-recreate –no-deps keycloak

If any service has not started you can recreate that service with the same command

docker-compose up -d –force-recreate –no-deps <service_name>

Other Services

  1. Donor Service

Following are the configurations needed for donor-service

Environment Variable
Description

ABHA_CLIENT_URL

API url to retrieve token to be used for abdm apis to create or access abha kyc information

CLIENT_ID

Client ID for abha kyc apis

CLIENT_SECRET

Client secret for abha kyc apis

REDIS_URL

Url to access redis

BASE_URL

ABHA Kyc Api base url

SERVICE_ACCOUNT_CLIENT_SECRET

Client secret for donor-service client id in keycloak

KEYCLOAK_URL

Url to access keycloak

REGISTRY_URL

Url to access Registry

EXPIRE_PROFILE

To Store the transactionId of esign in redis with Expiry. EXPIRE_PROFILE is a integer with this expiry time

ESIGN_ESP_URL

Esign Url

ESIGN_ESP_PDF_URL

Url to fetch the signed document

ESIGN_FORM_SIGN_URL

Url which opens up for esign’ing the document

NUMBER_OF_DIGITS

Number of digits which you want to use to create unique NOTTO-ID.

UNIQUE_ABHA_ENABLED

Boolean value if true, indicates you want to have one pledge per abha number

NOTIFICATION_SERVICE_URL

Notification url to be used to send out sms/emails

LOGIN_LINK

Login link to donor registry

INVITE_TEMPLATE_ID

Template ID for Sms to be sent out to donor when the donor has successfully pledged

NOTIFY_TEMPLATE_ID

Template ID for Sms to be sent out to the contact mentioned in the notification Details so that he knows the donor and who has successfully pledged

UPDATE_TEMPLATE_ID

Template ID for Sms to be sent out to donor when the donor has successfully edited the pledged

UNPLEDGE_TEMPLATE_ID

Template ID for Sms to be sent out to donor when the donor has successfully unpledged

LOG_LEVEL

Log level like info which will only print that logs

  1. Code ->

    Configs ->

    Signing Keys

    You can place your signing keys in the document in the path

    demo-donor-registry/imports/config.json. Based on the issuer’s name, the key will be picked in order to create signed credentials. Sample for the keys is as follows for scholarship as a issuer

  2. Technical ->

    Code ->

    Configs ->

  3. Technical ->

    Code ->

    Configs ->

  4. Certificate PDF Service

    This service will take a template as a pdf and return a pdf with the actual certificate.

    Technical ->

  5. Notification Service ->

    Used to send notifications

    Technical ->

SMPP_ENTITY_ID

Entity ID used to send out SMS

SMPP_PASSWORD

SMS API password

SMPP_SOURCE

Source with which SMS will be sent

SMPP_USER_NAME

SMS API Username

SMS_URL

SMS URL of provider

  1. Verification Service

Verification of credential refers to verifying the authenticity of the credential that the actor possesses. When a credential is issued, it is signed via issuers private key. This can then be verified by an issuer's public key which is made available to whoever is trying to verify the credentials. This is taken care by certificate-signer service. Certificate signer service provides an API which takes signed Credentials as input. From the issuer name, it fetches the public key of the issuer. Using this public key, the verifier verifies the authenticity of the credential.

You need to have access to sandbox environment of and you should have access to abdm APIs from this.

Sandbox environment will have the URL of .

Code -> Configs ->

Certificate signer ->

Notification service ->

Certificate/Presentation service ->

Code ->

Code -> Configs ->

Claims ->

Elastic Search ->

MinIO ->

Refer to API

https://healthid.abdm.gov.in
https://healthidsbx.abdm.gov.in/
https://github.com/Sunbird-RC/demo-donor-registry/tree/main/backend/donor-service
https://github.com/Sunbird-RC/sunbird-rc-core/tree/main/services/certificate-signer
https://docs.sunbirdrc.dev/developer-documentation/configuration#certificate-signer-service
https://github.com/Sunbird-RC/sunbird-rc-core/tree/main/services/notification-service
https://docs.sunbirdrc.dev/developer-documentation/configuration#notification-service
https://github.com/Sunbird-RC/sunbird-rc-core/tree/main/services/certificate-api
https://docs.sunbirdrc.dev/developer-documentation/configuration#certificate-api-service
https://github.com/Sunbird-RC/demo-donor-registry/tree/main/backend/certificate-pdf-service
https://github.com/Sunbird-RC/demo-donor-registry/tree/main/backend/notification-service
this
certificate-signer
notification-ms
certificate-api
Claim Service
Elastic Search
File storage