Managing Credentials
Learn how to manage credentials and assign them to users.
Last updated
Was this helpful?
Learn how to manage credentials and assign them to users.
Last updated
Was this helpful?
An ACS generally uses digital means of access to authorize an ACS user trying to get through a specific entrance. Examples of credentials include plastic key cards, mobile keys, biometric identifiers, and PIN codes. The electronic nature of these credentials, as well as the fact that access is centralized, enables both the rapid provisioning and rescinding of access and the ability to compile access audit logs.
This guide provides instructions for creating and deleting various types of credentials.
You can assign a credential to an ACS user when you create the credential. You can also assign an existing credential to an ACS user. Further, you can unassign a credential from an ACS user without deleting the credential.
To create a credential for an ACS user, provide the acs_user_id and the desired access_method. Seam supports the following access methods:
code for a PIN code-based credential
card for a plastic key card-based credential
mobile_key for a Seam mobile key.
Depending on the ACS and the type of credential you are issuing, you can also specify the following properties for the new credential:
PIN code.
Start and end time frame for the validity of the credential.
Whether the credential is a multi-phone sync credential.
When creating a Seam mobile key, make sure to issue a multi-phone sync credential by setting is_multi_phone_sync_credential to true.
Manufacturer-specific data.
Make sure to note any manufacturer-specific metadata and restrictions. For details, see the applicable device or system integration guide.
The response includes the acs_credential_id of the newly-created credential, the acs_user_id associated with the credential, and additional attributes of the credential.
If you are creating card-based credentials, and your ACS requires card encoding, see also Creating and Encoding Card-based Credentials.
Request:
seam.acs.credentials.create(
acs_user_id="33333333-3333-3333-3333-333333333333",
access_method="code",
code="824759"
)Response:
AcsCredential(
acs_credential_id='66666666-6666-6666-6666-666666666666',
acs_user_id='33333333-3333-3333-3333-333333333333',
code='824759',
access_method='code',
...
)Request:
curl -X 'POST' \
'https://connect.getseam.com/acs/credentials/create' \
-H 'accept: application/json' \
-H "Authorization: Bearer ${API_KEY}" \
-H 'Content-Type: application/json' \
-d '{
"acs_user_id": "33333333-3333-3333-3333-333333333333",
"access_method": "code",
"code": "824759"
}'Response:
{
"acs_credential": {
"acs_credential_id": "66666666-6666-6666-6666-666666666666",
"acs_user_id": "33333333-3333-3333-3333-333333333333",
"code": "824759",
"access_method": "code",
...
},
"ok": true
}Request:
await seam.acs.credentials.create({
acs_user_id: "33333333-3333-3333-3333-333333333333",
access_method: "code",
code: "824759"
});Response:
{
acs_credential_id: '66666666-6666-6666-6666-666666666666',
acs_user_id: '33333333-3333-3333-3333-333333333333',
code: '824759',
access_method: 'code',
...
}Request:
# Coming soon!Response:
# Coming soon!Request:
$seam->acs->credentials->create(
acs_user_id: "33333333-3333-3333-3333-333333333333",
access_method: "code",
code: "824759"
);Response:
{
"acs_credential_id": "66666666-6666-6666-6666-666666666666",
"acs_user_id": "33333333-3333-3333-3333-333333333333",
"code": "824759",
"access_method": "code",
...
}Request:
seam.CredentialsAcs.Create(
acsUserId: "33333333-3333-3333-3333-333333333333",
accessMethod: "code",
code: "824759"
);Response:
{
"acs_credential_id": "66666666-6666-6666-6666-666666666666",
"acs_user_id": "33333333-3333-3333-3333-333333333333",
"code": "824759",
"access_method": "code",
...
}Request:
// Coming soon!Response:
// Coming soon!Request:
credential, uErr := client.Acs.Credentials.Create(
context.Background(), &acs.CredentialsCreateRequest{
AcsUserId: "33333333-3333-3333-3333-333333333333",
AccessMethod: "code",
Code: api.String("824759"),
},
);Response:
{
"acs_credential": {
"acs_credential_id": "66666666-6666-6666-6666-666666666666",
"acs_user_id": "33333333-3333-3333-3333-333333333333",
"code": "824759",
"access_method": "code",
...
},
"ok": true
}To create a plastic key card-based credential, set the access_method to card. Once you've created a credential, some access control systems require you to encode the card with the credential. To learn whether your ACS requires card encoding, see the system integration guide for your ACS. For card encoding instructions, see Creating and Encoding Card-based Credentials.
Request:
seam.acs.credentials.create(
acs_user_id="33333333-3333-3333-3333-333333333333",
access_method="card",
code="123456"
)Response:
AcsCredential(
acs_credential_id='77777777-7777-7777-7777-777777777777',
acs_user_id='33333333-3333-3333-3333-333333333333',
access_method='card',
...
)Request:
curl -X 'POST' \
'https://connect.getseam.com/acs/credentials/create' \
-H 'accept: application/json' \
-H "Authorization: Bearer ${API_KEY}" \
-H 'Content-Type: application/json' \
-d '{
"acs_user_id": "33333333-3333-3333-3333-333333333333",
"access_method": "card",
"code": "123456"
}'Response:
{
"acs_credential": {
"acs_credential_id": "77777777-7777-7777-7777-777777777777",
"acs_user_id": "33333333-3333-3333-3333-333333333333",
"access_method": "card",
...
},
"ok": true
}Request:
await seam.acs.credentials.create({
acs_user_id: "33333333-3333-3333-3333-333333333333",
access_method: "card",
code: "123456"
});Response:
{
acs_credential_id: '77777777-7777-7777-7777-777777777777',
acs_user_id: '33333333-3333-3333-3333-333333333333',
access_method: 'card',
...
}Request:
# Coming soon!Response:
# Coming soon!Request:
$seam->acs->credentials->create(
acs_user_id: "33333333-3333-3333-3333-333333333333",
access_method: "card",
code: "123456"
);Response:
{
"acs_credential_id": "77777777-7777-7777-7777-777777777777",
"acs_user_id": "33333333-3333-3333-3333-333333333333",
"access_method": "card",
...
}Request:
seam.CredentialsAcs.Create(
acsUserId: "33333333-3333-3333-3333-333333333333",
accessMethod: "card",
code: "123456"
);Response:
{
"acs_credential_id": "77777777-7777-7777-7777-777777777777",
"acs_user_id": "33333333-3333-3333-3333-333333333333",
"access_method": "card",
...
}Request:
// Coming soon!Response:
// Coming soon!Request:
credential, uErr := client.Acs.Credentials.Create(
context.Background(), &acs.CredentialsCreateRequest{
AcsUserId: "33333333-3333-3333-3333-333333333333",
AccessMethod: "card",
Code: api.String("123456"),
},
);Response:
{
"acs_credential": {
"acs_credential_id": "77777777-7777-7777-7777-777777777777",
"acs_user_id": "33333333-3333-3333-3333-333333333333",
"access_method": "card",
...
},
"ok": true
}Depending on the ACS for which you want to create a credential, you may also need to include system-specific metadata. See the system integration guide for your ACS. For more information about mobile access and issuing mobile credentials, see Mobile Access and Issuing Mobile Credentials from an Access Control System.
Request:
This request contains manufacturer-specific metadata that may vary by manufacturer.
seam.acs.credentials.create(
acs_user_id="33333333-3333-3333-3333-333333333333",
allowed_acs_entrance_ids=[
"55555555-5555-5555-5555-555555555555",
"55555555-5555-5555-5555-000000000000"
],
credential_manager_acs_system_id="88888888-8888-8888-8888-888888888888",
access_method="mobile_key",
is_multi_phone_sync_credential=True,
starts_at="2024-03-01T10:40:00Z",
ends_at="2024-03-04T10:40:00Z",
...
)Response:
This response contains manufacturer-specific metadata that may vary by manufacturer.
AcsCredential(
acs_credential_id='99999999-9999-9999-9999-999999999999',
acs_user_id='33333333-3333-3333-3333-333333333333',
access_method='mobile_key',
is_multi_phone_sync_credential=True,
...
)Request:
This request contains manufacturer-specific metadata that may vary by manufacturer.
curl -X 'POST' \
'https://connect.getseam.com/acs/credentials/create' \
-H 'accept: application/json' \
-H "Authorization: Bearer ${API_KEY}" \
-H 'Content-Type: application/json' \
-d '{
"acs_user_id": "33333333-3333-3333-3333-333333333333",
"allowed_acs_entrance_ids": [
"55555555-5555-5555-5555-555555555555",
"55555555-5555-5555-5555-000000000000"
],
"credential_manager_acs_system_id": "88888888-8888-8888-8888-888888888888",
"access_method": "mobile_key",
"is_multi_phone_sync_credential": true,
"starts_at": "2024-03-01T10:40:00Z",
"ends_at": "2024-03-04T10:40:00Z",
...
}'Response:
This response contains manufacturer-specific metadata that may vary by manufacturer.
{
"acs_credential": {
"acs_credential_id": "99999999-9999-9999-9999-999999999999",
"acs_user_id": "33333333-3333-3333-3333-333333333333",
"access_method": "mobile_key",
"is_multi_phone_sync_credential": true,
...
},
"ok": true
}Request:
This request contains manufacturer-specific metadata that may vary by manufacturer.
await seam.acs.credentials.create({
acs_user_id: "33333333-3333-3333-3333-333333333333",
allowed_acs_entrance_ids: [
"55555555-5555-5555-5555-555555555555",
"55555555-5555-5555-5555-000000000000"
],
credential_manager_acs_system_id: "88888888-8888-8888-8888-888888888888",
access_method: "mobile_key",
is_multi_phone_sync_credential: true,
starts_at: "2024-03-01T10:40:00Z",
ends_at: "2024-03-04T10:40:00Z",
...
});Response:
This response contains manufacturer-specific metadata that may vary by manufacturer.
{
acs_credential_id: '99999999-9999-9999-9999-999999999999',
acs_user_id: '33333333-3333-3333-3333-333333333333',
access_method: 'mobile_key',
is_multi_phone_sync_credential: true,
...
}Request:
# Coming soon!Response:
# Coming soon!Request:
This request contains manufacturer-specific metadata that may vary by manufacturer.
$seam->acs->credentials->create(
acs_user_id: "33333333-3333-3333-3333-333333333333",
allowed_acs_entrance_ids: [
"55555555-5555-5555-5555-555555555555",
"55555555-5555-5555-5555-000000000000"
],
credential_manager_acs_system_id: "88888888-8888-8888-8888-888888888888",
access_method: "mobile_key",
is_multi_phone_sync_credential: true,
starts_at: "2024-03-01T10:40:00Z",
ends_at: "2024-03-04T10:40:00Z",
...
);Response:
This response contains manufacturer-specific metadata that may vary by manufacturer.
{
"acs_credential_id": "99999999-9999-9999-9999-999999999999",
"acs_user_id": "33333333-3333-3333-3333-333333333333",
"access_method": "mobile_key",
"is_multi_phone_sync_credential": true,
...
}Request:
This request contains manufacturer-specific metadata that may vary by manufacturer.
seam.CredentialsAcs.Create(
acsUserId: "33333333-3333-3333-3333-333333333333",
allowedAcsEntranceIds: new List<string>
{
"55555555-5555-5555-5555-555555555555",
"55555555-5555-5555-5555-000000000000"
},
credentialManagerAcsSystemId: "88888888-8888-8888-8888-888888888888",
accessMethod: "mobile_key",
isMultiPhoneSyncCredential: true,
startsAt: "2024-03-01T10:40:00Z",
endsAt: "2024-03-04T10:40:00Z",
...
);Response:
This response contains manufacturer-specific metadata that may vary by manufacturer.
{
"acs_credential_id": "99999999-9999-9999-9999-999999999999",
"acs_user_id": "33333333-3333-3333-3333-333333333333",
"access_method": "mobile_key",
"is_multi_phone_sync_credential": true,
...
}Request:
// Coming soon!Response:
// Coming soon!Request:
This request contains manufacturer-specific metadata that may vary by manufacturer.
startsAt, err := time.Parse(time.RFC3339, "2024-03-01T10:40:00Z")
endsAt, err := time.Parse(time.RFC3339, "2024-03-04T10:40:00Z")
if err != nil {
return err
}
credential, uErr := client.Acs.Credentials.Create(
context.Background(), &acs.CredentialsCreateRequest{
AcsUserId: "33333333-3333-3333-3333-333333333333",
AllowedAcsEntranceIds: {
"55555555-5555-5555-5555-555555555555",
"55555555-5555-5555-5555-000000000000",
},
CredentialManagerAcsSystemId: api.String("88888888-8888-8888-8888-888888888888"),
AccessMethod: "mobile_key",
IsMultiPhoneSyncCredential: api.Bool(true),
StartsAt: api.Time(startsAt),
EndsAt: api.Time(endsAt),
...
},
)Response:
This response contains manufacturer-specific metadata that may vary by manufacturer.
{
"acs_user": {
"acs_credential_id": "99999999-9999-9999-9999-999999999999",
"acs_user_id": "33333333-3333-3333-3333-333333333333",
"access_method": "mobile_key",
"is_multi_phone_sync_credential": true,
...
},
"ok": true
}You can list all ACS credentials for a specific ACS user or user identity. You can also list all credentials for an ACS system.
To list all ACS credentials for a specific ACS user, provide the acs_user_id.
Request:
seam.acs.credentials.list(
acs_user_id="33333333-3333-3333-3333-333333333333"
)Response:
This response contains manufacturer-specific metadata that may vary by manufacturer.
[
AcsCredential(
acs_credential_id='99999999-9999-9999-9999-999999999999',
acs_user_id='33333333-3333-3333-3333-333333333333',
...
),
...
]Request:
# Use GET or POST.
curl -X 'GET' \
'https://connect.getseam.com/acs/credentials/list' \
-H 'accept: application/json' \
-H "Authorization: Bearer ${API_KEY}" \
-H 'Content-Type: application/json' \
-d '{
"acs_user_id": "33333333-3333-3333-3333-333333333333"
}'Response:
This response contains manufacturer-specific metadata that may vary by manufacturer.
{
"acs_credentials": [
{
"acs_credential_id": "99999999-9999-9999-9999-999999999999",
"acs_user_id": "33333333-3333-3333-3333-333333333333",
...
}
...
],
"ok": true
}Request:
await seam.acs.credentials.list({
acs_user_id: "33333333-3333-3333-3333-333333333333"
});Response:
This response contains manufacturer-specific metadata that may vary by manufacturer.
[
{
acs_credential_id: '99999999-9999-9999-9999-999999999999',
acs_user_id: '33333333-3333-3333-3333-333333333333',
...
},
...
]Request:
# Coming soon!Response:
# Coming soon!Request:
$seam->acs->credentials->list(
acs_user_id: "33333333-3333-3333-3333-333333333333"
);Response:
This response contains manufacturer-specific metadata that may vary by manufacturer.
[
{
"acs_credential_id": "99999999-9999-9999-9999-999999999999",
"acs_user_id": "33333333-3333-3333-3333-333333333333",
...
},
...
]Request:
seam.CredentialsAcs.List(
acsUserId: "33333333-3333-3333-3333-333333333333"
);Response:
This response contains manufacturer-specific metadata that may vary by manufacturer.
{
"acs_credential_id": "99999999-9999-9999-9999-999999999999",
"acs_user_id": "33333333-3333-3333-3333-333333333333",
...
}
...Request:
// Coming soon!Response:
// Coming soon!Request:
acs_credentials, uErr := client.Acs.Credentials.List(
context.Background(), &acs.CredentialsListRequest{
AcsUserId: api.String("33333333-3333-3333-3333-333333333333"),
},
)Response:
This response contains manufacturer-specific metadata that may vary by manufacturer.
{
"acs_credentials": [
{
"acs_credential_id": "99999999-9999-9999-9999-999999999999",
"acs_user_id": "33333333-3333-3333-3333-333333333333",
...
}
...
],
"ok": true
}To list all ACS credentials for a specific user identity, provide the user_identity_id.
Request:
seam.acs.credentials.list(
user_identity_id="22222222-2222-2222-2222-222222222222"
)Response:
This response contains manufacturer-specific metadata that may vary by manufacturer.
[
AcsCredential(
acs_credential_id='99999999-9999-9999-9999-999999999999',
acs_user_id='33333333-3333-3333-3333-333333333333',
...
),
...
]Request:
# Use GET or POST.
curl -X 'GET' \
'https://connect.getseam.com/acs/credentials/list' \
-H 'accept: application/json' \
-H "Authorization: Bearer ${API_KEY}" \
-H 'Content-Type: application/json' \
-d '{
"user_identity_id": "22222222-2222-2222-2222-222222222222"
}'Response:
This response contains manufacturer-specific metadata that may vary by manufacturer.
{
"acs_credentials": [
{
"acs_credential_id": "99999999-9999-9999-9999-999999999999",
"acs_user_id": "33333333-3333-3333-3333-333333333333",
...
}
...
],
"ok": true
}Request:
await seam.acs.credentials.list({
user_identity_id: "22222222-2222-2222-2222-222222222222"
});Response:
This response contains manufacturer-specific metadata that may vary by manufacturer.
[
{
acs_credential_id: '99999999-9999-9999-9999-999999999999',
acs_user_id: '33333333-3333-3333-3333-333333333333',
...
},
...
]Request:
# Coming soon!Response:
# Coming soon!Request:
$seam->acs->credentials->list(
user_identity_id: "22222222-2222-2222-2222-222222222222"
);Response:
This response contains manufacturer-specific metadata that may vary by manufacturer.
[
{
"acs_credential_id": "99999999-9999-9999-9999-999999999999",
"acs_user_id": "33333333-3333-3333-3333-333333333333",
...
},
...
]Request:
seam.CredentialsAcs.List(
userIdentityId: "22222222-2222-2222-2222-222222222222"
);Response:
This response contains manufacturer-specific metadata that may vary by manufacturer.
{
"acs_credential_id": "99999999-9999-9999-9999-999999999999",
"acs_user_id": "33333333-3333-3333-3333-333333333333",
...
}
...Request:
// Coming soon!Response:
// Coming soon!Request:
acs_credentials, uErr := client.Acs.Credentials.List(
context.Background(), &acs.CredentialsListRequest{
UserIdentityId: api.String("22222222-2222-2222-2222-222222222222"),
},
)Response:
This response contains manufacturer-specific metadata that may vary by manufacturer.
{
"acs_credentials": [
{
"acs_credential_id": "99999999-9999-9999-9999-999999999999",
"acs_user_id": "33333333-3333-3333-3333-333333333333",
...
}
...
],
"ok": true
}ACSTo get a credential, provide the acs_credential_id of the credential that you want to retrieve. These details include the user associated with the credential, the access method, the schedule for the credential, if applicable, and so on.
Request:
seam.acs.credentials.get(
acs_credential_id="66666666-6666-6666-6666-666666666666"
)Response:
This response contains manufacturer-specific metadata that may vary by manufacturer.
AcsCredential(
acs_credential_id='99999999-9999-9999-9999-999999999999',
acs_user_id='33333333-3333-3333-3333-333333333333',
acs_system_id='11111111-1111-1111-1111-111111111111',
access_method='mobile_key',
...
)Request:
curl -X 'POST' \
'https://connect.getseam.com/acs/credentials/get' \
-H "Authorization: Bearer ${API_KEY}" \
-H 'Content-Type: application/json' \
-d '{
"acs_credential_id": "66666666-6666-6666-6666-666666666666"
}'Response:
This response contains manufacturer-specific metadata that may vary by manufacturer.
{
"acs_credential": {
"acs_credential_id": "99999999-9999-9999-9999-999999999999",
"acs_user_id": "33333333-3333-3333-3333-333333333333",
"acs_system_id": "11111111-1111-1111-1111-111111111111",
"access_method": "mobile_key",
...
},
"ok": true
}Request:
await seam.acs.credentials.get({
acs_credential_id: "66666666-6666-6666-6666-666666666666"
});Response:
This response contains manufacturer-specific metadata that may vary by manufacturer.
{
acs_credential_id: '99999999-9999-9999-9999-999999999999',
acs_user_id: '33333333-3333-3333-3333-333333333333',
acs_system_id: '11111111-1111-1111-1111-111111111111',
access_method: 'mobile_key',
...
}Request:
# Coming soon!Response:
# Coming soon!Request:
$seam->acs->credentials->get(
acs_credential_id: "66666666-6666-6666-6666-66666666"
);Response:
This response contains manufacturer-specific metadata that may vary by manufacturer.
{
"acs_credential_id": "99999999-9999-9999-9999-999999999999",
"acs_user_id": "33333333-3333-3333-3333-333333333333",
"acs_system_id": "11111111-1111-1111-1111-111111111111",
"access_method": "mobile_key",
...
}Request:
seam.CredentialsAcs.Get(
acsCredentialId: "66666666-6666-6666-6666-66666666"
);Response:
This response contains manufacturer-specific metadata that may vary by manufacturer.
{
"acs_credential_id": "99999999-9999-9999-9999-999999999999",
"acs_user_id": "33333333-3333-3333-3333-333333333333",
"acs_system_id": "11111111-1111-1111-1111-111111111111",
"access_method": "mobile_key",
...
}Request:
// Coming soon!Response:
// Coming soon!Request:
acs_credential, uErr := client.Acs.Credentials.Get(
context.Background(), &acs.CredentialsGetRequest{
AcsCredentialId: "66666666-6666-6666-6666-66666666",
},
)Response:
This response contains manufacturer-specific metadata that may vary by manufacturer.
{
"acs_credential": {
"acs_credential_id": "99999999-9999-9999-9999-999999999999",
"acs_user_id": "33333333-3333-3333-3333-333333333333",
"acs_system_id": "11111111-1111-1111-1111-111111111111",
"access_method": "mobile_key",
...
},
"ok": true
}To delete a credential, provide the acs_credential_id.
Request:
seam.acs.credentials.delete(
acs_credential_id="66666666-6666-6666-6666-666666666666"
)Response:
NoneRequest:
curl -X 'POST' \
'https://connect.getseam.com/acs/credentials/delete' \
-H 'accept: application/json' \
-H "Authorization: Bearer ${API_KEY}" \
-H 'Content-Type: application/json' \
-d '{
"acs_credential_id": "66666666-6666-6666-6666-666666666666"
}'Response:
{
"ok": true
}Request:
await seam.acs.credentials.delete({
acs_credential_id: "66666666-6666-6666-6666-666666666666"
});Response:
voidRequest:
# Coming soon!Response:
# Coming soon!Request:
$seam->acs->credentials->delete(
acs_credential_id: "66666666-6666-6666-6666-666666666666"
);Response:
voidRequest:
seam.CredentialsAcs.Delete(
acsCredentialId: "66666666-6666-6666-6666-666666666666"
);Response:
voidRequest:
// Coming soon!Response:
// Coming soon!Request:
_, uErr := client.Acs.Credentials.Delete(
context.Background(), &acs.CredentialsDeleteRequest{
acsCredentialId: "66666666-6666-6666-6666-666666666666",
},
);Response:
void