Understanding Access Control System Differences
Seam provides the flexibility to support various ACSs, including manufacturer-specific differences.
Last updated
Was this helpful?
Seam provides the flexibility to support various ACSs, including manufacturer-specific differences.
Last updated
Was this helpful?
Seam's universal API provides the flexibility to manage a variety of . Variations among ACSs include the methods that you use to assign access permissions to users. For example, some ACSs grant scheduled access to through configured , while others specify entrance permissions and schedules as properties of . Other variations include the following:
Whether an ACS is cloud-based or on-premises
The specific licenses, if any, that each ACS manufacturer requires you to purchase
The manufacturer-specific ACS properties and metadata that you must configure to create and assign credentials to ACS users
To understand the manufacturer-specific nuances of your ACS, see the relevant .
Seam supports connecting to ACSs that are either cloud-based or on-premises.
Cloud-based ACSs are hosted on the internet and are accessible by Seam over a secure connection. This type of ACS provides the benefits and ease of remote management. In addition, you can monitor real-time data and analytics.
On-premises ACSs can also be connected to the internet but are typically protected by a firewall. To integrate with these systems, Seam requires the , an application installed on a local computer. Once installed, the acts as a secure intermediary, handling network requests between Seam and the on-premises network, and enables secure communication through the firewall.
For detailed information about installing the Seam Bridge and connecting an on-premises ACS to Seam, see .
This section describes various ways in which ACSs handle assigning access permissions to users.
To assign access permissions in an access group-based ACS, you add ACS users to the access groups. Then, you create credentials to specify the access mechanisms—such as key cards, PIN codes, or mobile keys—and assign these credentials to the ACS users.
The following process describes the configuration steps for your application to grant access in an access group-based ACS:
Connect the ACS system.
When the ACS connects to Seam, Seam automatically creates the acs_system. Seam also syncs the entrances and access groups from the connected ACS as acs_entrance and acs_access_group resources.
Note that because Seam automatically syncs these entrance and access group resources from the ACS, you cannot create, edit, or delete them using the Seam API.
Create credentials.
Your application creates acs_credentials with the following attributes:
ID of the acs_user to associate with this credential
Access method for the credential, such as code, card, or mobile_key
The following process describes the configuration steps for your application to grant access in a credential-based ACS:
ID of the acs_user to associate with this credential
Access method for the credential, such as code, card, or mobile_key
Set of entrances to which this credential grants access
Start and end date and time during which this credential grants access
Access group-based ACSs use access groups as an efficient way to assign access permissions to . Each access group contains a list of entrances and the corresponding access schedule. Seam syncs all the access group and entrance information from the ACS.
Create ACS users.
Your application creates an acs_user for each user within this ACS. Each acs_user is configured with a set of attributes, such their name, email address, and phone number, as applicable.
If you need to grant a single application user access to multiple ACSs—for example, if an application user needs access to multiple buildings, each of which uses a separate ACS, or if a single building has different ACSs for different floors—you can use Seam to link acs_users in different acs_systems.
Add ACS users to access groups.
Your application each acs_user to an acs_access_group. Note that the access group defines the entrances and access schedules for all the ACS users in this access group.
Depending on the access method and specific ACS, your application can also configure additional credential properties. For more information about manufacturer-specific variations, see the for your ACS.
You can also perform other management actions, as needed, such as and , and existing credentials, and ACS users, and , and and .
In a credential-based ACS, the resource contains the list of entrances to which the credential grants access. The acs_credential also contains the schedule that specifies when this access is valid. You specify each schedule by configuring a starts_at and ends_at date and time.
Connect the ACS system.
When the ACS connects to Seam, Seam automatically creates the . Seam also syncs the entrances from the connected ACS as acs_entrance resources. Note that because Seam automatically syncs these entrance resources from the ACS, you cannot create, edit, or delete them using the Seam API.
Create ACS users.
Your application an for each user within this ACS. Each acs_user is configured with a set of attributes, such their name, email address, and phone number, as applicable.
If you need to grant a single application user access to multiple ACSs—for example, if an application user needs access to multiple buildings, each of which uses a separate ACS—you can use Seam to link acs_users in different acs_systems.
Create credentials.
Your application acs_credentials with the following attributes:
Depending on the access method and specific ACS, your application can also configure additional credential properties. For more information about manufacturer-specific variations, see the for your ACS.
You can also perform other management actions, as needed, such as and existing credentials, and ACS users, and , and and .
To learn about the manufacturer-specific variations for ACSs, see the corresponding .
