What version of G2P Bridge should I use?

General
1

Hello Team, what version is the most stable to implement? Or should I say what version of the documentation should I use? I already tried setting up with multiple versions that is deployment ready in production but I always get stucked specially with keymanager errors. Sample case is when I test an endpoint in G2P Bridge API, I always get JWT Invalid error.

Thank you Team!

2

Hello Jeffrey,

G2P-Bridge package version - 3.0.0 is the latest package

This package will install openg2p-g2p-bridge-partner-api (v2.1.0), openg2p-g2p-bridge-celery-beat-producers (v2.1.0) and openg2p-g2p-bridge-celery-workers (v2.1.0)

Some questions for you - in order to enable us help you better

1. Where are you from? Which department are you working for?

2. What is the project that you are working for?

If you can share some insights into what you are trying, we can try and help you perhaps with more detailed responses.

Venky

3

Hello Venky,

Thank you for your response. For your questions

  1. I’m from Philippines, working for Department of Social Welfare and Development

  2. The project we are working on is a digital cash disbursement system for beneficiaries.

Our country doesn’t have an existing MOSIP implementation. Is MOSIP keymanager required for our setup? Or can we skip it?

4

Hello Jeffrey,

Keymanager is just a component from the MOSIP project. The OpenG2P platform installs the Keymanager service as part of the package installation.

In that sense, OpenG2P does not require a MOSIP installation in the country. We are not dependent on the overall MOSIP platform. We just use a component from that project.

You can view it as just another microservice.

The Keymanager service allows

  1. Generate Private Keys and Store these private Keys securely. We can use these Private Keys to sign data that we publish outside.

  2. Upload and Store Public Keys from external Partners - We can use these Public Keys to validate signatures of data that we get from external Partners.

In case of the G2P-Bridge use case that you have mentioned – we can imagine G2P-Bridge to receive

  1. Disbursement Instructions from other departments (benefit programs) - In this case, we can treat other departments as partners and we can validate their signatures in the API requests that we receive.

  2. G2P Bridge will have to send these disbursements as Payment Instructions to Sponsor Banks to effect the actual payments. In this scenario, you will need to sign the data using your own Private Key.

We use Keymanager to do these signature related functions.

Venky