openspp.orgWhat's new in OpenSPP v2
Contents
What's new in OpenSPP v2#
For: All audiences
OpenSPP v2 is a major platform evolution bringing modern architecture, enhanced security, and powerful new features for social protection programs.
Executive summary#
Area |
What's new |
|---|---|
Foundation |
Odoo 19 with improved performance |
Architecture |
Unified |
API |
REST API V2 with OAuth 2.0 and bundle transactions |
Standards |
DCI integration, W3C Verifiable Credentials |
Security |
Data classification, PII encryption, field-level access |
Configuration |
OpenSPP Studio for no-code customization |
Data management |
Configuration-driven change requests, enhanced event tracking |
Grievances |
Built-in GRM module for complaints and appeals |
Platform changes#
Odoo 19 upgrade#
OpenSPP v2 runs on Odoo 19:
Performance: 2-3x faster database queries with PostgreSQL 17/18
UI/UX: Modern interface with improved mobile support
Security: Updated cryptography and security patches
Requirements: Python 3.11+, PostgreSQL 12+ (17/18 recommended)
New namespace#
All modules now use the unified spp.* namespace.
Before |
After |
|---|---|
Mixed |
Everything is |
Unclear ownership |
Clear OpenSPP identity |
Migration: Automatic database scripts handle the rename. External integrations need to update model references from g2p.* to spp.*.
New features#
API v2#
A complete API redesign using FastAPI and FHIR-inspired patterns:
External identifiers only: Never exposes database IDs
Consent-based filtering: Field-level access based on user consent
Bundle transactions: Atomic multi-operation requests
OAuth 2.0: JWT tokens with scoped access
Performance: <100ms for single reads, <500ms for 100-result searches
DCI compliance#
Native Digital Convergence Initiative (DCI) integration for government interoperability:
Social Registry Server: Expose beneficiary data to MIS systems
CRVS Client: Import birth/death events from civil registration
IBR Client: Check enrollment in other programs (prevent duplication)
Federated Lookups: Query other social registries
Verifiable credentials#
Issue cryptographically verifiable credentials for beneficiaries:
Credential type |
Purpose |
|---|---|
Entitlement |
Prove benefit eligibility |
Program membership |
Prove enrollment |
Profile/identity |
Prove identity |
Features selective disclosure (holder chooses what to reveal), offline verification, and efficient revocation checking.
OpenSPP Studio#
No-code configuration for implementers who work with tools like KoBoToolbox:
Registry field builder: Add custom fields without developers
Event type designer: Create event types, import from Kobo
Change request builder: Define modification workflows
Eligibility rule builder: Visual criteria, auto-generates CEL
See OpenSPP Studio for details.
Change request v2#
Replaces 10+ specialized modules with one configurable system:
Configuration-driven: Create types without code
11 built-in types: Add/remove member, split/merge household, etc.
Approval workflows with audit trails
Event tracking for full history
See Change request types for configuration.
Grievance Redress Mechanism#
Built-in module for complaints, appeals, and feedback:
Multi-channel intake (portal, call center, field staff)
Configurable SLAs with auto-escalation
Appeals process with independent review
Confidentiality handling for sensitive cases
Security enhancements#
Data classification & PII encryption#
Comprehensive data protection with four sensitivity levels:
Level |
Examples |
Protection |
|---|---|---|
Public |
Program names |
None |
Internal |
Gender, status |
Audit logging |
Confidential |
Names, DOB |
Masking, recommended encryption |
Restricted |
National IDs, bank accounts |
Required encryption, strict access |
Encryption features:
AES-256-GCM with searchable blind indexes
Key management: Vault, AWS/GCP/Azure KMS, or config file
Transparent to users
Vocabulary system#
Replace hardcoded selection lists with international standards:
Domain |
Standard |
|---|---|
Gender |
ISO 5218 |
Disability |
WHO ICF |
Occupation |
ILO ISCO-08 |
Country |
ISO 3166-1 |
Extensible via UI, multi-language, hierarchical. See Vocabulary System.
Breaking changes#
API#
V1 endpoints deprecated (compatibility layer available)
Database IDs no longer exposed in responses
Models#
All
g2p.*models renamed tospp.*(automatic migration)Change request modules consolidated into
spp_change_request_v2Some selection fields replaced with vocabulary references
Security#
PII fields require data classification
Field-level access control enforced
New security groups for Studio
Requirements#
Python 3.11+ (was 3.10+)
PostgreSQL 12+ (17/18 recommended)
New deployments#
Choose deployment profile (Agriculture, Social Protection, etc.)
Install core modules (typically 10-15)
Configure via Studio
Import master data (areas, programs, vocabularies)
Set up security and go live
See Get started to begin.
Next steps#
Get started - Install and set up your first program
Configuration guide - Configure OpenSPP for your needs
Learn - Understand core concepts