# Auth Partner

## Overview

Below is the workflow that includes the registration process for an Auth or Credential partner and the steps that need to be followed for using the partner portal.

* The partner self-registers through the portal.
* Partner selects the relevant Policy Group.
* Partner admin uploads the CA certificate.
* Partner admin or partner uploads the partner certificate.
* Partner admin or Partner maps the Partner Policy.
* Partner admin approves or rejects partner policy mapping.
* Partner logins after the approval and generates the API key for the approved partner policy mapping using an unique label.

### Self-registration

* The Auth/ Credential partner can register themselves on MOSIP PMS portal by clicking **Register** on the landing page.
* They need to fill up a form with the details below:
  * First and Last name
  * Organization Name
  * Partner type (Authentication Partner/ Credential Partner)
  * Address, e-mail, phone number
  * Username and password

![](https://1836199994-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F4EyCrLbFom7vj7UcMIUZ%2Fuploads%2Fgit-blob-6ccb41f7d7daa8de349823e55e361ce42eb39feb%2Fauth-partner-self-register.PNG?alt=media\&token=6a11817d-eb42-4390-8384-23d396198ac8)

To view the details entered, click **Home** to see the dashboard.

![](https://1836199994-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F4EyCrLbFom7vj7UcMIUZ%2Fuploads%2Fgit-blob-1ae524b80952dd91b7622fe4d507d28fde7d7129%2Fauth-partner-map-policy-page.PNG?alt=media\&token=8723c1b8-2d45-48c1-b0c1-2cc91d8a57cf)

### Policy Group mapping

On successful registration, the partner can see their username displayed on the top right corner.

1. Partner selects the relevant Policy Group from **Map Policy Group** dropdown.
2. Clicks **Save**.

![](https://1836199994-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F4EyCrLbFom7vj7UcMIUZ%2Fuploads%2Fgit-blob-18ee6824cf53ceed03676ca276e20871fc56e200%2Fauth-partner-dashboard.PNG?alt=media\&token=f8c92280-6691-417f-b01a-3811e99c6746)

### Upload of Certificates

#### CA Certificate upload

The Partner admin needs to upload the CA certificate to enable the partner for using the portal. To do so, the Partner admin:

1. Clicks **Upload CA Certificate** option on the left navigation pane of the partner portal.
2. Selects the Partner Domain.
3. Chooses the certificate to upload (only files with extensions as .cer or .pem).
4. Clicks **Upload**.

![](https://1836199994-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F4EyCrLbFom7vj7UcMIUZ%2Fuploads%2Fgit-blob-d84f2a04e051fa04c9f25cd4b15172ddca3398dc%2Fca-cert-data-upload.PNG?alt=media\&token=bc9a93b1-b6e5-41d3-8448-cf6346182a81)

![](https://github.com/mosip/documentation/blob/1.2.0/docs/_images/ca-cert-data-success.PNG)

The uploaded certificates can be viewed by clicking on `View Certificates-> View`.

![](https://1836199994-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F4EyCrLbFom7vj7UcMIUZ%2Fuploads%2Fgit-blob-ac265bb062fee83c5591cc475e22c2cc9f284eb1%2Fauth-partner-view-cert.PNG?alt=media\&token=8c25d0dc-4af8-4b14-aa48-e61a408c2aff)

#### Partner Certificate upload

Similarly, the Partner certificates can be added by the Partner admin/ partner.

![](https://1836199994-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F4EyCrLbFom7vj7UcMIUZ%2Fuploads%2Fgit-blob-c0f4589e40a00ef6d522d1b107fb02871992358a%2Fauth-partner-upload-cert-page1.PNG?alt=media\&token=d9b08d39-2cef-40d6-a28a-cb0dbab8e9bd)

![](https://1836199994-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F4EyCrLbFom7vj7UcMIUZ%2Fuploads%2Fgit-blob-86d488d6441621a61a50c3f362980756a4758e0e%2Fauth-partner-upload-cert-page2.PNG?alt=media\&token=891bae0f-b47d-4a4b-9d3b-e8b83ade36ee)

![](https://1836199994-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F4EyCrLbFom7vj7UcMIUZ%2Fuploads%2Fgit-blob-f24a5bac70ace0d1f26bee19f721ec67939df6b7%2Fauth-partner-upload-cert-success.PNG?alt=media\&token=6be1b7ca-cd82-4a63-8967-4528b9ae7594)

### Mapping policy to policy group

Once the certificates are uploaded,

1. Partner maps the policy to the Policy group by clicking on **Partner Policy Mapping -> +Map Policy**.
2. Partner enters the Partner Name.
3. Selects the Auth Policy Name from the dropdown.
4. Enters a value for the Request Details (unique value) and clicks **Save**.

![](https://1836199994-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F4EyCrLbFom7vj7UcMIUZ%2Fuploads%2Fgit-blob-afbb2dbbb83c1782cee08f36468aad99a8487c09%2Fauth-partner-policy-mapping-default-page.PNG?alt=media\&token=3662dd2b-0fc0-4bdc-ab46-16f1b5626a31)

![](https://1836199994-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F4EyCrLbFom7vj7UcMIUZ%2Fuploads%2Fgit-blob-c4e95482f8de73915158e2e2c428e54f776f2245%2Fauth-partner-policy-mapping-data.PNG?alt=media\&token=8c0b1131-a893-4ae3-a91a-97d9d82fc4c6)

* Once this is done, you will see a message saying `Policy mapping grequest submitted successfully`.
* Also, the status is displayed as "In progress" and this means that the partner cannot generate the API key until the request is approved by the Partner admin.

![](https://1836199994-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F4EyCrLbFom7vj7UcMIUZ%2Fuploads%2Fgit-blob-5ca87a0a6616799bd3fcf503b4afe942267d9cad%2Fauth-partner-policy-mapping-request-success.PNG?alt=media\&token=2c2b68d2-65c4-49d9-ae28-2c41ed1c19a4)

![](https://1836199994-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F4EyCrLbFom7vj7UcMIUZ%2Fuploads%2Fgit-blob-b82fa4a154bd95759c71b5eca791cb321687e795%2Fauth-partner-policy-mapping-page-view.PNG?alt=media\&token=f09a4956-b839-426c-8ece-a1a1647e9bd7)

### Approval/ Rejection of partner policy mapping

Once the Partner Policy Mapping request is raised by the partner, the Partner admin has the privilege to approve/ reject the mapping. To do so,

1. Partner admin logs into the PMS portal and clicks on `Partner Policy Mapping` in the left navigation pane.
2. Selects the policy mapping that needs an approval.
3. From the action menu against the policy mapping, selects **Manage Policy**.
4. Clicks **Approve**.

![](https://1836199994-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F4EyCrLbFom7vj7UcMIUZ%2Fuploads%2Fgit-blob-8c2d460fcaee2c95b5c556b6a42f6fcfb7cb53b1%2Fpartner-admin-policy-mappings-view-policy.PNG?alt=media\&token=0b0485b5-c58f-424b-8809-fb56ac71066c)

![](https://1836199994-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F4EyCrLbFom7vj7UcMIUZ%2Fuploads%2Fgit-blob-7228e04d3628ba1aea120427b232fc0012783568%2Fpartner-admin-policy-mappings-manage-policy.PNG?alt=media\&token=639f47ce-9a79-44b5-9225-db182015cf22)

![](https://1836199994-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F4EyCrLbFom7vj7UcMIUZ%2Fuploads%2Fgit-blob-e849c5abe6e1fdf9815c6b6e355db4d8a2fc1942%2Fpartner-admin-policy-mappings-approve.PNG?alt=media\&token=89dc406a-b77c-409b-a549-5681f6c3f43e)

Once the request is approved, the partner can view the status being updated to `Approved` instead of `InProgress`.

![](https://1836199994-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F4EyCrLbFom7vj7UcMIUZ%2Fuploads%2Fgit-blob-99d33f9200047f16695524a0e56729b6b7cc6fe3%2Fauth-partner-policy-mapping-data-approved.PNG?alt=media\&token=1bc0b50c-b93f-4c9a-9e9b-2bcab9e109fb)

### Generating the API Key

Partner logins after the Partner Policy Mapping is approved by the Partner admin and generates the API key with an unique label. To do so,

1. Partner clicks `Partner Policy Mapping` on the left navigation pane.
2. From the actions menu, click **Generate API Key**.
3. Partner enters a unique value for the `Label` field.
4. Click **Generate**.

The API key is generated and can be used by the partner.

![](https://1836199994-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F4EyCrLbFom7vj7UcMIUZ%2Fuploads%2Fgit-blob-692a095a7d39b47de167c8ca8e5766d06f44b17c%2Fauth-partner-generate-apikey-option.PNG?alt=media\&token=ff27a525-9c1e-4ac9-a934-22f393e42a88)

![](https://1836199994-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F4EyCrLbFom7vj7UcMIUZ%2Fuploads%2Fgit-blob-3d6a938538cd0281ebc47c51d03ea8ec343cdb00%2Fauth-partner-generate-apikey-page.PNG?alt=media\&token=85c9fda6-cc5f-4e8c-bba8-0ab1962a1432)

![](https://1836199994-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F4EyCrLbFom7vj7UcMIUZ%2Fuploads%2Fgit-blob-9de7957357e5c9d02d173afcc16f8fde117646f5%2Fauth-partner-genearted-apikeys-page.PNG?alt=media)

![](https://1836199994-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F4EyCrLbFom7vj7UcMIUZ%2Fuploads%2Fgit-blob-02da3ed82bd4730b73c5781b4f06cc4596223ef5%2Fauth-partner-generate-apikey-success.PNG?alt=media\&token=76c19cac-e3df-488f-915d-8d05e596ad82)

The partner can also deactivate a particular API Key by clicking on the cross-mark (X) next to it. Please note, once deactivated, it cannot be activated again. You may need to generate a new API key as per requirement.