Managing Credentials

Learn how to manage credentials and assign them to users.

An ACS generally uses digital means of access to authorize an ACS user trying to get through a specific entrance. Examples of credentials include plastic key cards, mobile keys, biometric identifiers, and PIN codes. The electronic nature of these credentials, as well as the fact that access is centralized, enables both the rapid provisioning and rescinding of access and the ability to compile access audit logs.

This guide provides instructions for creating and deleting various types of credentials.

You can assign a credential to an ACS user when you create the credential. You can also assign an existing credential to an ACS user. Further, you can unassign a credential from an ACS user without deleting the credential.

Create a Credential for an ACS User

To create a credential for an ACS user, provide the acs_user_id and the desired access_method. Seam supports the following access methods:

code for a PIN code-based credential
card for a plastic key card-based credential
mobile_key for a Seam mobile key.

Depending on the ACS and the type of credential you are issuing, you can also specify the following properties for the new credential:

PIN code.
Start and end time frame for the validity of the credential.
Whether the credential is a multi-phone sync credential. When creating a Seam mobile key, make sure to issue a multi-phone sync credential by setting is_multi_phone_sync_credential to true.
Manufacturer-specific data.

Make sure to note any manufacturer-specific metadata and restrictions. For details, see the applicable device or system integration guide.

The response includes the acs_credential_id of the newly-created credential, the acs_user_id associated with the credential, and additional attributes of the credential.

If you are creating card-based credentials, and your ACS requires card encoding, see also Creating and Encoding Card-based Credentials.

Create a PIN Code-based Credential

Request:

seam.acs.credentials.create(
  acs_user_id="33333333-3333-3333-3333-333333333333",
  access_method="code",
  code="824759"
)

Response:

AcsCredential(
  acs_credential_id='66666666-6666-6666-6666-666666666666',
  acs_user_id='33333333-3333-3333-3333-333333333333',
  code='824759',
  access_method='code',
  ...
)

Request:

curl -X 'POST' \
  'https://connect.getseam.com/acs/credentials/create' \
  -H 'accept: application/json' \
  -H "Authorization: Bearer ${API_KEY}" \
  -H 'Content-Type: application/json' \
  -d '{
  "acs_user_id": "33333333-3333-3333-3333-333333333333",
  "access_method": "code",
  "code": "824759"
}'

Response:

{
  "acs_credential": {
    "acs_credential_id": "66666666-6666-6666-6666-666666666666",
    "acs_user_id": "33333333-3333-3333-3333-333333333333",
    "code": "824759",
    "access_method": "code",
    ...
  },
  "ok": true
}

Request:

await seam.acs.credentials.create({
  acs_user_id: "33333333-3333-3333-3333-333333333333",
  access_method: "code",
  code: "824759"
});

Response:

{
  acs_credential_id: '66666666-6666-6666-6666-666666666666',
  acs_user_id: '33333333-3333-3333-3333-333333333333',
  code: '824759',
  access_method: 'code',
  ...
}

Request:

# Coming soon!

Response:

# Coming soon!

Request:

$seam->acs->credentials->create(
  acs_user_id: "33333333-3333-3333-3333-333333333333",
  access_method: "code",
  code: "824759"
);

Response:

{
  "acs_credential_id": "66666666-6666-6666-6666-666666666666",
  "acs_user_id": "33333333-3333-3333-3333-333333333333",
  "code": "824759",
  "access_method": "code",
  ...
}

Request:

seam.CredentialsAcs.Create(
  acsUserId: "33333333-3333-3333-3333-333333333333",
  accessMethod: "code",
  code: "824759"
);

Response:

{
  "acs_credential_id": "66666666-6666-6666-6666-666666666666",
  "acs_user_id": "33333333-3333-3333-3333-333333333333",
  "code": "824759",
  "access_method": "code",
  ...
}

Request:

// Coming soon!

Response:

// Coming soon!

Request:

credential, uErr := client.Acs.Credentials.Create(
  context.Background(), &acs.CredentialsCreateRequest{
    AcsUserId: "33333333-3333-3333-3333-333333333333",
    AccessMethod: "code",
    Code: api.String("824759"),
  },
);

Response:

{
  "acs_credential": {
    "acs_credential_id": "66666666-6666-6666-6666-666666666666",
    "acs_user_id": "33333333-3333-3333-3333-333333333333",
    "code": "824759",
    "access_method": "code",
    ...
  },
  "ok": true
}

Create a Card-based Credential

To create a plastic key card-based credential, set the access_method to card. Once you've created a credential, some access control systems require you to encode the card with the credential. To learn whether your ACS requires card encoding, see the system integration guide for your ACS. For card encoding instructions, see Creating and Encoding Card-based Credentials.

Request:

seam.acs.credentials.create(
  acs_user_id="33333333-3333-3333-3333-333333333333",
  access_method="card",
  code="123456"
)

Response:

AcsCredential(
  acs_credential_id='77777777-7777-7777-7777-777777777777',
  acs_user_id='33333333-3333-3333-3333-333333333333',
  access_method='card',
  ...
)

Request:

curl -X 'POST' \
  'https://connect.getseam.com/acs/credentials/create' \
  -H 'accept: application/json' \
  -H "Authorization: Bearer ${API_KEY}" \
  -H 'Content-Type: application/json' \
  -d '{
  "acs_user_id": "33333333-3333-3333-3333-333333333333",
  "access_method": "card",
  "code": "123456"
}'

Response:

{
  "acs_credential": {
    "acs_credential_id": "77777777-7777-7777-7777-777777777777",
    "acs_user_id": "33333333-3333-3333-3333-333333333333",
    "access_method": "card",
    ...
  },
  "ok": true
}

Request:

await seam.acs.credentials.create({
  acs_user_id: "33333333-3333-3333-3333-333333333333",
  access_method: "card",
  code: "123456"
});

Response:

{
  acs_credential_id: '77777777-7777-7777-7777-777777777777',
  acs_user_id: '33333333-3333-3333-3333-333333333333',
  access_method: 'card',
  ...
}

Request:

# Coming soon!

Response:

# Coming soon!

Request:

$seam->acs->credentials->create(
  acs_user_id: "33333333-3333-3333-3333-333333333333",
  access_method: "card",
  code: "123456"
);

Response:

{
  "acs_credential_id": "77777777-7777-7777-7777-777777777777",
  "acs_user_id": "33333333-3333-3333-3333-333333333333",
  "access_method": "card",
  ...
}

Request:

seam.CredentialsAcs.Create(
  acsUserId: "33333333-3333-3333-3333-333333333333",
  accessMethod: "card",
  code: "123456"
);

Response:

{
  "acs_credential_id": "77777777-7777-7777-7777-777777777777",
  "acs_user_id": "33333333-3333-3333-3333-333333333333",
  "access_method": "card",
  ...
}

Request:

// Coming soon!

Response:

// Coming soon!

Request:

credential, uErr := client.Acs.Credentials.Create(
  context.Background(), &acs.CredentialsCreateRequest{
    AcsUserId: "33333333-3333-3333-3333-333333333333",
    AccessMethod: "card",
    Code: api.String("123456"),
  },
);

Response:

{
  "acs_credential": {
    "acs_credential_id": "77777777-7777-7777-7777-777777777777",
    "acs_user_id": "33333333-3333-3333-3333-333333333333",
    "access_method": "card",
    ...
  },
  "ok": true
}

Create a Seam Mobile Key

Depending on the ACS for which you want to create a credential, you may also need to include system-specific metadata. See the system integration guide for your ACS. For more information about mobile access and issuing mobile credentials, see Mobile Access and Issuing Mobile Credentials from an Access Control System.

Request:

This request contains manufacturer-specific metadata that may vary by manufacturer.

seam.acs.credentials.create(
  acs_user_id="33333333-3333-3333-3333-333333333333",
  allowed_acs_entrance_ids=[
    "55555555-5555-5555-5555-555555555555",
    "55555555-5555-5555-5555-000000000000"
  ],
  credential_manager_acs_system_id="88888888-8888-8888-8888-888888888888",
  access_method="mobile_key",
  is_multi_phone_sync_credential=True,
  starts_at="2024-03-01T10:40:00Z",
  ends_at="2024-03-04T10:40:00Z",
  ...
)

Response:

This response contains manufacturer-specific metadata that may vary by manufacturer.

AcsCredential(
  acs_credential_id='99999999-9999-9999-9999-999999999999',
  acs_user_id='33333333-3333-3333-3333-333333333333',
  access_method='mobile_key',
  is_multi_phone_sync_credential=True,
  ...
)

Request:

This request contains manufacturer-specific metadata that may vary by manufacturer.

curl -X 'POST' \
  'https://connect.getseam.com/acs/credentials/create' \
  -H 'accept: application/json' \
  -H "Authorization: Bearer ${API_KEY}" \
  -H 'Content-Type: application/json' \
  -d '{
  "acs_user_id": "33333333-3333-3333-3333-333333333333",
  "allowed_acs_entrance_ids": [
    "55555555-5555-5555-5555-555555555555",
    "55555555-5555-5555-5555-000000000000"
  ],
  "credential_manager_acs_system_id": "88888888-8888-8888-8888-888888888888",
  "access_method": "mobile_key",
  "is_multi_phone_sync_credential": true,
  "starts_at": "2024-03-01T10:40:00Z",
  "ends_at": "2024-03-04T10:40:00Z",
  ...
}'

Response:

This response contains manufacturer-specific metadata that may vary by manufacturer.

{
  "acs_credential": {
    "acs_credential_id": "99999999-9999-9999-9999-999999999999",
    "acs_user_id": "33333333-3333-3333-3333-333333333333",
    "access_method": "mobile_key",
    "is_multi_phone_sync_credential": true,
    ...
  },
  "ok": true
}

Request:

This request contains manufacturer-specific metadata that may vary by manufacturer.

await seam.acs.credentials.create({
  acs_user_id: "33333333-3333-3333-3333-333333333333",
  allowed_acs_entrance_ids: [
    "55555555-5555-5555-5555-555555555555",
    "55555555-5555-5555-5555-000000000000"
  ],
  credential_manager_acs_system_id: "88888888-8888-8888-8888-888888888888",
  access_method: "mobile_key",
  is_multi_phone_sync_credential: true,
  starts_at: "2024-03-01T10:40:00Z",
  ends_at: "2024-03-04T10:40:00Z",
  ...
});

Response:

This response contains manufacturer-specific metadata that may vary by manufacturer.

{
  acs_credential_id: '99999999-9999-9999-9999-999999999999',
  acs_user_id: '33333333-3333-3333-3333-333333333333',
  access_method: 'mobile_key',
  is_multi_phone_sync_credential: true,
  ...
}

Request:

# Coming soon!

Response:

# Coming soon!

Request:

This request contains manufacturer-specific metadata that may vary by manufacturer.

$seam->acs->credentials->create(
  acs_user_id: "33333333-3333-3333-3333-333333333333",
  allowed_acs_entrance_ids: [
    "55555555-5555-5555-5555-555555555555",
    "55555555-5555-5555-5555-000000000000"
  ],
  credential_manager_acs_system_id: "88888888-8888-8888-8888-888888888888",
  access_method: "mobile_key",
  is_multi_phone_sync_credential: true,
  starts_at: "2024-03-01T10:40:00Z",
  ends_at: "2024-03-04T10:40:00Z",
  ...
);

Response:

This response contains manufacturer-specific metadata that may vary by manufacturer.

{
  "acs_credential_id": "99999999-9999-9999-9999-999999999999",
  "acs_user_id": "33333333-3333-3333-3333-333333333333",
  "access_method": "mobile_key",
  "is_multi_phone_sync_credential": true,
  ...
}

Request:

This request contains manufacturer-specific metadata that may vary by manufacturer.

seam.CredentialsAcs.Create(
  acsUserId: "33333333-3333-3333-3333-333333333333",
  allowedAcsEntranceIds: new List<string>
    {
      "55555555-5555-5555-5555-555555555555",
      "55555555-5555-5555-5555-000000000000"
    },
  credentialManagerAcsSystemId: "88888888-8888-8888-8888-888888888888",
  accessMethod: "mobile_key",
  isMultiPhoneSyncCredential: true,
  startsAt: "2024-03-01T10:40:00Z",
  endsAt: "2024-03-04T10:40:00Z",
  ...
);

Response:

This response contains manufacturer-specific metadata that may vary by manufacturer.

{
  "acs_credential_id": "99999999-9999-9999-9999-999999999999",
  "acs_user_id": "33333333-3333-3333-3333-333333333333",
  "access_method": "mobile_key",
  "is_multi_phone_sync_credential": true,
  ...
}

Request:

// Coming soon!

Response:

// Coming soon!

Request:

This request contains manufacturer-specific metadata that may vary by manufacturer.

startsAt, err := time.Parse(time.RFC3339, "2024-03-01T10:40:00Z")
endsAt, err := time.Parse(time.RFC3339, "2024-03-04T10:40:00Z")
if err != nil {
  return err
}

credential, uErr := client.Acs.Credentials.Create(
  context.Background(), &acs.CredentialsCreateRequest{
    AcsUserId: "33333333-3333-3333-3333-333333333333",
    AllowedAcsEntranceIds: {
        "55555555-5555-5555-5555-555555555555",
        "55555555-5555-5555-5555-000000000000",
      },
    CredentialManagerAcsSystemId: api.String("88888888-8888-8888-8888-888888888888"),
    AccessMethod: "mobile_key",
    IsMultiPhoneSyncCredential: api.Bool(true),
    StartsAt: api.Time(startsAt),
    EndsAt: api.Time(endsAt),
    ...
  },
)

Response:

This response contains manufacturer-specific metadata that may vary by manufacturer.

{
  "acs_user": {
    "acs_credential_id": "99999999-9999-9999-9999-999999999999",
    "acs_user_id": "33333333-3333-3333-3333-333333333333",
    "access_method": "mobile_key",
    "is_multi_phone_sync_credential": true,
    ...
  },
  "ok": true
}

List Credentials

You can list all ACS credentials for a specific ACS user or user identity. You can also list all credentials for an ACS system.

List Credentials by ACS User

To list all ACS credentials for a specific ACS user, provide the acs_user_id.

Request:

seam.acs.credentials.list(
  acs_user_id="33333333-3333-3333-3333-333333333333"
)

Response:

This response contains manufacturer-specific metadata that may vary by manufacturer.

[
  AcsCredential(
    acs_credential_id='99999999-9999-9999-9999-999999999999',
    acs_user_id='33333333-3333-3333-3333-333333333333',
    ...
  ),
  ...
]

Request:

# Use GET or POST.
curl -X 'GET' \
  'https://connect.getseam.com/acs/credentials/list' \
  -H 'accept: application/json' \
  -H "Authorization: Bearer ${API_KEY}" \
  -H 'Content-Type: application/json' \
  -d '{
  "acs_user_id": "33333333-3333-3333-3333-333333333333"
}'

Response:

This response contains manufacturer-specific metadata that may vary by manufacturer.

{
  "acs_credentials": [
    {
      "acs_credential_id": "99999999-9999-9999-9999-999999999999",
      "acs_user_id": "33333333-3333-3333-3333-333333333333",
      ...
    }
    ...
  ],
  "ok": true
}

Request:

await seam.acs.credentials.list({
  acs_user_id: "33333333-3333-3333-3333-333333333333"
});

Response:

This response contains manufacturer-specific metadata that may vary by manufacturer.

[
  {
    acs_credential_id: '99999999-9999-9999-9999-999999999999',
    acs_user_id: '33333333-3333-3333-3333-333333333333',
    ...
  },
  ...
]

Request:

# Coming soon!

Response:

# Coming soon!

Request:

$seam->acs->credentials->list(
  acs_user_id: "33333333-3333-3333-3333-333333333333"
);

Response:

This response contains manufacturer-specific metadata that may vary by manufacturer.

[
  {
    "acs_credential_id": "99999999-9999-9999-9999-999999999999",
    "acs_user_id": "33333333-3333-3333-3333-333333333333",
    ...
  },
  ...
]

Request:

seam.CredentialsAcs.List(
  acsUserId: "33333333-3333-3333-3333-333333333333"
);

Response:

This response contains manufacturer-specific metadata that may vary by manufacturer.

{
  "acs_credential_id": "99999999-9999-9999-9999-999999999999",
  "acs_user_id": "33333333-3333-3333-3333-333333333333",
  ...
}
...

Request:

// Coming soon!

Response:

// Coming soon!

Request:

acs_credentials, uErr := client.Acs.Credentials.List(
  context.Background(), &acs.CredentialsListRequest{
    AcsUserId: api.String("33333333-3333-3333-3333-333333333333"),
  },
)

Response:

This response contains manufacturer-specific metadata that may vary by manufacturer.

{
  "acs_credentials": [
    {
      "acs_credential_id": "99999999-9999-9999-9999-999999999999",
      "acs_user_id": "33333333-3333-3333-3333-333333333333",
      ...
    }
    ...
  ],
  "ok": true
}

List Credentials by User Identity

To list all ACS credentials for a specific user identity, provide the user_identity_id.

Request:

seam.acs.credentials.list(
  user_identity_id="22222222-2222-2222-2222-222222222222"
)

Response:

This response contains manufacturer-specific metadata that may vary by manufacturer.

[
  AcsCredential(
    acs_credential_id='99999999-9999-9999-9999-999999999999',
    acs_user_id='33333333-3333-3333-3333-333333333333',
    ...
  ),
  ...
]

Request:

# Use GET or POST.
curl -X 'GET' \
  'https://connect.getseam.com/acs/credentials/list' \
  -H 'accept: application/json' \
  -H "Authorization: Bearer ${API_KEY}" \
  -H 'Content-Type: application/json' \
  -d '{
  "user_identity_id": "22222222-2222-2222-2222-222222222222"
}'

Response:

This response contains manufacturer-specific metadata that may vary by manufacturer.

{
  "acs_credentials": [
    {
      "acs_credential_id": "99999999-9999-9999-9999-999999999999",
      "acs_user_id": "33333333-3333-3333-3333-333333333333",
      ...
    }
    ...
  ],
  "ok": true
}

Request:

await seam.acs.credentials.list({
  user_identity_id: "22222222-2222-2222-2222-222222222222"
});

Response:

This response contains manufacturer-specific metadata that may vary by manufacturer.

[
  {
    acs_credential_id: '99999999-9999-9999-9999-999999999999',
    acs_user_id: '33333333-3333-3333-3333-333333333333',
    ...
  },
  ...
]

Request:

# Coming soon!

Response:

# Coming soon!

Request:

$seam->acs->credentials->list(
  user_identity_id: "22222222-2222-2222-2222-222222222222"
);

Response:

This response contains manufacturer-specific metadata that may vary by manufacturer.

[
  {
    "acs_credential_id": "99999999-9999-9999-9999-999999999999",
    "acs_user_id": "33333333-3333-3333-3333-333333333333",
    ...
  },
  ...
]

Request:

seam.CredentialsAcs.List(
  userIdentityId: "22222222-2222-2222-2222-222222222222"
);

Response:

This response contains manufacturer-specific metadata that may vary by manufacturer.

{
  "acs_credential_id": "99999999-9999-9999-9999-999999999999",
  "acs_user_id": "33333333-3333-3333-3333-333333333333",
  ...
}
...

Request:

// Coming soon!

Response:

// Coming soon!

Request:

acs_credentials, uErr := client.Acs.Credentials.List(
  context.Background(), &acs.CredentialsListRequest{
    UserIdentityId: api.String("22222222-2222-2222-2222-222222222222"),
  },
)

Response:

This response contains manufacturer-specific metadata that may vary by manufacturer.

{
  "acs_credentials": [
    {
      "acs_credential_id": "99999999-9999-9999-9999-999999999999",
      "acs_user_id": "33333333-3333-3333-3333-333333333333",
      ...
    }
    ...
  ],
  "ok": true
}ACS

Get a Credential

To get a credential, provide the acs_credential_id of the credential that you want to retrieve. These details include the user associated with the credential, the access method, the schedule for the credential, if applicable, and so on.

Request:

seam.acs.credentials.get(
  acs_credential_id="66666666-6666-6666-6666-666666666666"
)

Response:

This response contains manufacturer-specific metadata that may vary by manufacturer.

AcsCredential(
  acs_credential_id='99999999-9999-9999-9999-999999999999',
  acs_user_id='33333333-3333-3333-3333-333333333333',
  acs_system_id='11111111-1111-1111-1111-111111111111',
  access_method='mobile_key',
  ...
)

Request:

curl -X 'POST' \
  'https://connect.getseam.com/acs/credentials/get' \
  -H "Authorization: Bearer ${API_KEY}" \
  -H 'Content-Type: application/json' \
  -d '{
  "acs_credential_id": "66666666-6666-6666-6666-666666666666"
}'

Response:

This response contains manufacturer-specific metadata that may vary by manufacturer.

{
  "acs_credential": {
    "acs_credential_id": "99999999-9999-9999-9999-999999999999",
    "acs_user_id": "33333333-3333-3333-3333-333333333333",
    "acs_system_id": "11111111-1111-1111-1111-111111111111",
    "access_method": "mobile_key",
    ...
  },
  "ok": true
}

Request:

await seam.acs.credentials.get({
  acs_credential_id: "66666666-6666-6666-6666-666666666666"
});

Response:

This response contains manufacturer-specific metadata that may vary by manufacturer.

{
  acs_credential_id: '99999999-9999-9999-9999-999999999999',
  acs_user_id: '33333333-3333-3333-3333-333333333333',
  acs_system_id: '11111111-1111-1111-1111-111111111111',
  access_method: 'mobile_key',
  ...
}

Request:

# Coming soon!

Response:

# Coming soon!

Request:

$seam->acs->credentials->get(
  acs_credential_id: "66666666-6666-6666-6666-66666666"
);

Response:

This response contains manufacturer-specific metadata that may vary by manufacturer.

{
  "acs_credential_id": "99999999-9999-9999-9999-999999999999",
  "acs_user_id": "33333333-3333-3333-3333-333333333333",
  "acs_system_id": "11111111-1111-1111-1111-111111111111",
  "access_method": "mobile_key",
  ...
}

Request:

seam.CredentialsAcs.Get(
  acsCredentialId: "66666666-6666-6666-6666-66666666"
);

Response:

This response contains manufacturer-specific metadata that may vary by manufacturer.

{
  "acs_credential_id": "99999999-9999-9999-9999-999999999999",
  "acs_user_id": "33333333-3333-3333-3333-333333333333",
  "acs_system_id": "11111111-1111-1111-1111-111111111111",
  "access_method": "mobile_key",
  ...
}

Request:

// Coming soon!

Response:

// Coming soon!

Request:

acs_credential, uErr := client.Acs.Credentials.Get(
  context.Background(), &acs.CredentialsGetRequest{
    AcsCredentialId: "66666666-6666-6666-6666-66666666",
  },
)

Response:

This response contains manufacturer-specific metadata that may vary by manufacturer.

{
  "acs_credential": {
    "acs_credential_id": "99999999-9999-9999-9999-999999999999",
    "acs_user_id": "33333333-3333-3333-3333-333333333333",
    "acs_system_id": "11111111-1111-1111-1111-111111111111",
    "access_method": "mobile_key",
    ...
  },
  "ok": true
}

Delete a Credential

To delete a credential, provide the acs_credential_id.

Request:

seam.acs.credentials.delete(
  acs_credential_id="66666666-6666-6666-6666-666666666666"
)

Response:

None

Request:

curl -X 'POST' \
  'https://connect.getseam.com/acs/credentials/delete' \
  -H 'accept: application/json' \
  -H "Authorization: Bearer ${API_KEY}" \
  -H 'Content-Type: application/json' \
  -d '{
  "acs_credential_id": "66666666-6666-6666-6666-666666666666"
}'

Response:

{
  "ok": true
}

Request:

await seam.acs.credentials.delete({
  acs_credential_id: "66666666-6666-6666-6666-666666666666"
});

Response:

void

Request:

# Coming soon!

Response:

# Coming soon!

Request:

$seam->acs->credentials->delete(
  acs_credential_id: "66666666-6666-6666-6666-666666666666"
);

Response:

void

Request:

seam.CredentialsAcs.Delete(
  acsCredentialId: "66666666-6666-6666-6666-666666666666"
);

Response:

void

Request:

// Coming soon!

Response:

// Coming soon!

Request:

_, uErr := client.Acs.Credentials.Delete(
  context.Background(), &acs.CredentialsDeleteRequest{
    acsCredentialId: "66666666-6666-6666-6666-666666666666",
  },
);

Response:

void

PreviousRetrieving Entrance Details NextAssigning Credentials to ACS Users

Last updated 7 months ago

Was this helpful?