Privileges: Difference between revisions

From Telcred documentation
Jump to navigation Jump to search
No edit summary
No edit summary
 
(7 intermediate revisions by the same user not shown)
Line 1: Line 1:
In Telcred Access Manager, privileges express access rights. You can think of a privilege as a key that opens one or more doors with a specified credential (e.g. card + PIN), optionally restricted to times defined by a [[Schedules|schedule]].
In Telcred Access Manager, privileges express access rights. You can think of a privilege as a key that opens one or more doors with one or more specified credentials (e.g. mobile and card + PIN), optionally restricted to times defined by a [[Schedules|schedule]].


The possible credentials are:
The possible credentials are:
Line 5: Line 5:
* Card + PIN
* Card + PIN
* PIN only
* PIN only
* Mobile remote
* Remote (The [[Telcred_Personal|Telcred Personal]] app)
* Mobile on site (Open with the Telcred_Personal app when on site, as defined by the GPS coordinates for the site)
* Mobile at door (Open with the Telcred_Personal app by scanning an NFC tag at the door)
* API 1
* API 1
* API 2
* API 2

Mobile remote, Mobile on site, and Mobile at door all concern the [[Telcred_Personal|Telcred Personal]] mobile app. Mobile remote allows the user to open from anywhere. Mobile on site allows the user to remote open doors when the user is on site. This is determined by comparing the phone's current GPS position with the coordinates for the site defined in [[Site Manager]]. Mobile at door allows the user to open a door by scanning an NFC tag at the door.


The purpose of API 1 and API 2 are to let an external system request access by supplying the door identity and a credential identifier that could represent e.g. a license plate, a face, or the customer's own smartphone app.
The purpose of API 1 and API 2 are to let an external system request access by supplying the door identity and a credential identifier that could represent e.g. a license plate, a face, or the customer's own smartphone app.
Line 14: Line 18:




Start by giving the privilege a meaningful name.
[[File:create-privilege.png|border|Create privilege]]


The next parameter is ''type'', and there are two options: "Regular" and "Use whitelist when possible". The whitelist option is only relevant for doors with locks from [[SimonsVoss SmartIntego]] and is further explained [[SmartIntego settings|here]].


Select which credentials should be used. For privileges of type ''Use whitelist where possible'' the only credential type available is ''card only''.
Start by giving the privilege a meaningful name. A good name indicates which door(s) the privilege opens and with which credential (e.g. card + PIN).

The next parameter is ''type'', and there are two options: "Regular" and "Use whitelist when possible". The whitelist option is only relevant for doors with locks from [[SimonsVoss SmartIntego]]. If the privilege has been defined with this type, the credential ID will be stored in the lock's own whitelist. In contrast, for privileges of type ''Regular'', it is the controller that makes the access control decision.

Select which credential should be used. For privileges of type ''Use whitelist where possible'' the only credential type available is ''card only''.


''Active'' can be either ''Always'' or ''Only during...'' (specified by a schedule). For privileges of type ''Use whitelist where possible'' it is not possible to specify a schedule.
''Active'' can be either ''Always'' or ''Only during...'' (specified by a schedule). For privileges of type ''Use whitelist where possible'' it is not possible to specify a schedule.


Finally, select the door(s) the privilege should be able to open by selecting them in the list to the right and moving them over to the left by clicking the left arrow. It is possible to specify the doors that the privilege should open either by including the individual [[Doors|doors]] or one or more [[Door groups|door groups]]. It is perfectly fine to mix individual doors and door groups in the same privilege.
Finally, select the door(s) the privilege should be able to open. It is possible to specify the doors that the privilege should open either by including the individual [[Doors|doors]] or one or more [[Door groups|door groups]]. It is perfectly fine to mix individual doors and door groups in the same privilege.

It is possible to share a privilege with another organization in the same system. Privilege sharing is explained in the section about [[Delegation|delegation]].

Latest revision as of 11:11, 11 October 2024

In Telcred Access Manager, privileges express access rights. You can think of a privilege as a key that opens one or more doors with one or more specified credentials (e.g. mobile and card + PIN), optionally restricted to times defined by a schedule.

The possible credentials are:

  • Card only
  • Card + PIN
  • PIN only
  • Mobile remote
  • Mobile on site (Open with the Telcred_Personal app when on site, as defined by the GPS coordinates for the site)
  • Mobile at door (Open with the Telcred_Personal app by scanning an NFC tag at the door)
  • API 1
  • API 2

Mobile remote, Mobile on site, and Mobile at door all concern the Telcred Personal mobile app. Mobile remote allows the user to open from anywhere. Mobile on site allows the user to remote open doors when the user is on site. This is determined by comparing the phone's current GPS position with the coordinates for the site defined in Site Manager. Mobile at door allows the user to open a door by scanning an NFC tag at the door.

The purpose of API 1 and API 2 are to let an external system request access by supplying the door identity and a credential identifier that could represent e.g. a license plate, a face, or the customer's own smartphone app.

To create a new privilege, select Privileges in the main menu and click Add new.


Start by giving the privilege a meaningful name.

The next parameter is type, and there are two options: "Regular" and "Use whitelist when possible". The whitelist option is only relevant for doors with locks from SimonsVoss SmartIntego and is further explained here.

Select which credentials should be used. For privileges of type Use whitelist where possible the only credential type available is card only.

Active can be either Always or Only during... (specified by a schedule). For privileges of type Use whitelist where possible it is not possible to specify a schedule.

Finally, select the door(s) the privilege should be able to open. It is possible to specify the doors that the privilege should open either by including the individual doors or one or more door groups. It is perfectly fine to mix individual doors and door groups in the same privilege.