Restrict Users to Their Assigned Facility in Bahmni

Bahmni 0.93 is implemented across multiple healthcare facilities on the same server, allowing different facilities to log in from a shared instance. I want to restrict users so they can only log in from their assigned facility.

For example, if a user belongs to “ABC Facility Center,” they should only be able to log in from ABC Facility Center and not from “DEF Facility Center” or any other facility.

How can I enforce this restriction? cc. @sanjayap @mohant @rijan17 @angshuonline @rahu1ramesh

@santosh I assume that ABC Facility Center / DEF Facility Center are configured as locations in your implementation? If yes, then with the latest releases of Bahmni Standard, there is a feature to assign locations to providers. The login will be a two-step flow, where credential authentication happens and then, based on the user, the locations will be displayed. This feature is not available on 0.93.

If you have multiple Bahmni Instances running, then you need to figure out restrictions using some sort of IP whitelisting.

1 Like

We have developed a feature that maps the facility center based on the user and exposes the data through the OpenMRS API. Later, access is restricted using the default location UUID stored in the Bahmni cookies. Thank you @mohant

Hello everyone,

Just sharing a quick update from our implementation. We have successfully developed a custom mechanism to map users to specific facilities, where access is restricted so that a user can log in only from their predefined facility.

In addition, we have completed the implementation of telemedicine email notifications, where doctors are automatically notified via email based on appointment or telemedicine events.

If anyone is interested, I’d be happy to share implementation details, approach, or lessons learned in this thread.

Hope the community finds this useful. @akhilmalhotra @angshuonline

Hi Santosh, looks interesting. Did you also have some custom patient restriction, like restricting users to specific patients, maybe registered by them? Interested to know what the use case is for restricting users to a specific location.

Hi @horaira, yes, we have also implemented patient-level restrictions. Patients are visible only within the facility from which they were registered, and access is limited to users logged in under that specific location.

@santosh would love to have it on our PAT call agenda tomorrow.

Have you also developed a referral workflow to avoid duplicate patient records in case the patients need to be referred to a different facility?

1 Like

@akhilmalhotra Currently, each user is mapped to a specific facility, which is derived from the selected location.

Login is allowed only if all three parameters match: username, password, and facility. If any one of these does not match, the user cannot log in.

During patient registration, the user can select a facility to which the patient record should be sent.

A patient is visible only in the facility where they are registered and the facility to which they are sent.

For now, patients are not visible in any other facilities. This is the current scope of the implementation.

1 Like
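
The rules described in this thread (login only when username, password and facility all match, a location UUID kept in a cookie, patients visible in the registering and the receiving facility), as an added example that is not part of the thread and is not the poster's or Bahmni's code. The user table, patient table and cookie layout (URL-encoded JSON with a `uuid` field) are assumptions; the point shown is that the cookie value is compared with the server-side user-to-facility mapping on every request.

```python
import hashlib
import hmac
import json
from urllib.parse import unquote

def pw_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed sample data (assumption, not taken from the thread).
SALT = b"constructed-salt"
USERS = {"nurse1": {"pw": pw_hash("correct horse", SALT), "facility": "uuid-abc"}}
PATIENTS = {
    "P1": {"registered": "uuid-abc", "sent_to": None},
    "P2": {"registered": "uuid-def", "sent_to": "uuid-abc"},
    "P3": {"registered": "uuid-def", "sent_to": None},
}

def login(username, password, facility_uuid):
    """Succeed only if username, password and facility all match."""
    user = USERS.get(username)
    if user is None:
        return False
    pw_ok = hmac.compare_digest(pw_hash(password, SALT), user["pw"])
    fac_ok = hmac.compare_digest(facility_uuid.encode(), user["facility"].encode())
    return pw_ok and fac_ok

def cookie_location(raw_cookie):
    """Extract the location UUID; the cookie layout is an assumption."""
    try:
        return json.loads(unquote(raw_cookie)).get("uuid")
    except (ValueError, AttributeError, TypeError):
        return None

def request_allowed(username, raw_cookie):
    """The cookie is client-controlled, so compare it with the server-side
    user-to-facility mapping on every request instead of trusting it."""
    user = USERS.get(username)
    return user is not None and cookie_location(raw_cookie) == user["facility"]

def patient_visible(username, raw_cookie, patient_id):
    """Visible only in the registering facility and the one it was sent to."""
    patient = PATIENTS.get(patient_id)
    if patient is None or not request_allowed(username, raw_cookie):
        return False
    return USERS[username]["facility"] in (patient["registered"], patient["sent_to"])
```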