OpenLMIS Technology

The purpose of this documentation is to provide a high level overview of the technology that is behind OpenLMIS. This could be useful for explaining to non-technical audiences what technologies are used/required to support certain functions.


  • Security Features
    •  OpenLMIS 3 uses the OAuth2 industry standard and runs on HTTPS (SSL). This provides secure authentication and allows integration with other systems in a single sign-on environment. It also uses role-based access control so that user accounts can be assigned granular access to data by program, facility, and role.
  • System Availability
    • OpenLMIS runs using Docker so that it can be hosted in the cloud or on local, in-country servers. Cloud hosting, such as Amazon AWS, will provide a high level of up-time and availability. On Amazon AWS, the OpenLMIS system will only have down times during AWS outages or when upgrades or maintenance are occurring (which should be pre-scheduled with notice to end users). Overall, availability will be determined by the hosting provider and the hosting package selected, not by the OpenLMIS software itself.
  • Applications and Platforms needed on the Hosting Agent 
    •  The Tech Requirements are here: https://github.com/OpenLMIS/openlmis-ref-distro
    • Overall, OpenLMIS can run on any server environment that has Docker. Linux platforms (such as Ubuntu) are able to host OpenLMIS; Windows and Mac are also possible using Docker. Cloud services are recommended, and we specifically have experience with Amazon AWS including high data reliability with RDS and with Elastic Load Balancers (ELB).
    • In order to send notification emails, an email server (SMTP) is required.
  • Audit Trail information (Current details of what is tracked and details of how it can be accessed, if necessary level of effort to add these functionality)
    • Requisitions (including dates, who approved them, all the statuses they moved through, all the values and edits at each step)
    • Facilities
    • To turn on audit logging for additional data in OpenLMIS, some programming effort is required. This can be added to the core product as a Pull Request (the core team is glad to provide guidance to achieve this.)
  • Data Integrity of system (Safe guards put in place for data integrity both legacy and new data)
    •  Data is only available for viewing and editing by authorized users. The APIs all perform security checks so that only authorized users can alter data. Key data elements (such as all Requisition data) are also saved with Audit Logging so that previous versions and the changes each person made can be audited and inspected.
  • Open LMIS Offline Architecture
    • OpenLMIS provides offline data management for Requisitions currently, and other offline features, such as Stock Management, are on the roadmap for upcoming versions. The Offline architecture uses web browser technology to “install” the OpenLMIS application into a user’s web browser (using app cache technology). They can open and use the application without internet connectivity to fill out and edit Requisitions. Once the user has internet access again, they can sync their work with the OpenLMIS server.