> ## Documentation Index
> Fetch the complete documentation index at: https://docs.seam.co/llms.txt
> Use this file to discover all available pages before exploring further.

# Mobile Key Quick Start

> Create your first mobile key credential to start controlling an access control system with Seam.

In this quick start, create a user identity for a virtual [Salto KS](/device-and-system-integration-guides/salto-ks-access-control-system) access control system. Then, grant the user access to an entrance using a mobile key credential. With mobile keys, developers can create mobile apps that download users' credentials and then use Bluetooth low energy (BLE) or similar communications technologies to unlock granted nearby entrances. For more information about Seam's mobile access solution, see [Mobile Access](/capability-guides/mobile-access/index).

<Info>
  This quick start walks you through the process that applies specifically to
  the Salto KS ACS. There are often differences between access control systems.
  Once you've completed this quick start, learn how to work with your ACS using
  Seam, by reading the [system integration
  guide](/device-and-system-integration-guides#access-control-systems)
  for your ACS.
</Info>

## Overview

This quick start walks you through the following basic steps:

1. [Connect](/core-concepts/workspaces/index#connecting-virtual-devices) an access control system to Seam.
   * To get started quickly, use a virtual ACS in a [sandbox workspace](/core-concepts/workspaces/index#sandbox-workspaces).
2. Install a Seam SDK and create an API key.
3. Create a [user identity](/api/user_identities/object).
   * Seam user identities enable you to match your own mobile app users to ACS users.
4. Assign the user identity to an [access group](../user-management/assigning-users-to-access-groups).
   * Access groups are preconfigured to grant access to specific entrances.\
     While some access control systems use access groups, others specify allowed entrances directly within the credential. For more details, see [Access Permission Assignment Variations](../connect-an-acs-to-seam/understanding-access-control-system-differences#access-permission-assignment-variations).
5. Create a mobile key [ACS credential](../managing-credentials) for the user identity.
6. View the list of entrances to which the user now has access.

:rocket: Let's get started!

***

## Step 1: Connect a Virtual ACS

In this quick start, use Seam Console to connect a virtual ACS to your sandbox workspace. Alternately, you can use the Seam API to create a [Connect Webview](/core-concepts/connect-webviews/index) and then use it to connect an ACS to Seam.

1. Log in to [Seam Console](https://console.seam.co/).

2. In the upper-left corner, click the workspace switcher and select or [create a sandbox workspace](/core-concepts/workspaces/index#create-a-sandbox-workspace).

   <img src="https://mintcdn.com/seam/P0QuBfmp1JAA1zUg/images/workspace-switcher.png?fit=max&auto=format&n=P0QuBfmp1JAA1zUg&q=85&s=1164bfc2d51bb0b1a4987c7a71368aef" alt="Use the Seam Console workspace switcher to switch between workspaces and create new workspaces." width="414" height="87" data-path="images/workspace-switcher.png" />

3. In the top navigation pane, click **ACS Systems**.

   <img src="https://mintcdn.com/seam/3MkQAe40a-b0KYcA/images/acs-quick-start-access-systems-tab.png?fit=max&auto=format&n=3MkQAe40a-b0KYcA&q=85&s=3d282fa03fe9644d76b7b5a6d1fdd061" alt="Click ACS Systems to go to the Access Systems page." style={{width: "550px", height: "auto"}} width="1920" height="287" data-path="images/acs-quick-start-access-systems-tab.png" />

4. On the **Access Systems** page, click **New Access System**.

   Seam Console displays a Connect Webview that enables you to connect a virtual ACS to Seam.

5. In the Connect Webview, authorize the connection.

   1. Click **Continue**.
   2. In the device brand list, click **Salto KS**.
   3. On the Salto KS authorization page:
      1. In the **Email** field, type `jane@example.com`.
      2. In the **Password** field, type `1234`.
      3. Click **Log In**.
      4. When prompted to allow application access, click **Yes, Allow**.
      5. In the sites list, select **Main Site** and then click **Continue**.
      6. When prompted to allow Seam to add a user to the virtual Salto KS Site, click **Allow and Continue**.
      7. Click **Close**.

   The **Access Systems** page now displays the newly-connected virtual Salto KS access control system.

***

## Step 2: Install a Seam SDK and Create an API Key

1. Download and install a Seam SDK in your favorite programming language.

<Tabs>
  <Tab title="JavaScript">
    ```bash theme={null}
    npm i seam
    ```
  </Tab>

  <Tab title="Python">
    ```bash theme={null}
    pip install seam
    # For some development environments, use pip3 in this command instead of pip.
    ```
  </Tab>

  <Tab title="Ruby">
    ```bash theme={null}
    bundle add seam
    ```
  </Tab>

  <Tab title="PHP">
    ```bash theme={null}
    composer require seamapi/seam
    ```
  </Tab>

  <Tab title="C#">
    Install using [nuget](https://www.nuget.org/packages/Seam).
  </Tab>
</Tabs>

2. Create an API key.
   1. In the top navigation pane of [Seam Console](https://console.seam.co/), click **Developer**.
   2. In the left navigation pane, click **API Keys**.
   3. In the upper-right corner of the **API Keys** page, click **Add API Key**.
   4. In the **Add API Key** dialog, type a name for your new API key and then click **Create API Key**.
   5. Copy the newly-created API key and store it for future use.
3. Open a terminal window and export your API key as an environment variable.

   ```sh theme={null}
   export SEAM_API_KEY=seam_test2bMS_94SrGUXuNR2JmJkjtvBQDg5c
   ```

   The Seam SDK that you have installed automatically uses this API key once you have exported it.

***

## Step 3: Create a User Identity

Create a user identity to represent a mobile app user.

1. Find the ACS system ID.
   1. In the top navigation pane of [Seam Console](https://console.seam.co/), click **ACS Systems**.
   2. On the **Access Systems** page, locate the Salto KS Main Site ACS.
   3. In the **acs\_system\_id** column for the Main Site ACS, click the ID to copy it.
   4. Store this ACS system ID for future use.
2. Create the user identity, as follows:

**Code:**

<CodeGroup>
  ```javascript JavaScript theme={null}
  import { Seam } from 'seam'

  const seam = new Seam() // Seam automatically uses your exported SEAM_API_KEY.

  const jenDoeUser = await seam.userIdentities.create({
    full_name: 'Jen Doe',
    email_address: 'jen.doe@example.com',
    // Use the ACS system ID that you copied earlier from Seam Console.
    acs_system_id: acsSystemId,
  })
  ```

  ```bash cURL theme={null}
  # Use the ACS system ID that you copied earlier from Seam Console.
  jen_doe_user=$(curl -X 'POST' \
    'https://connect.getseam.com/user_identities/create' \
    -H 'accept: application/json' \
    -H "Authorization: Bearer ${SEAM_API_KEY}" \
    -H 'Content-Type: application/json' \
    -d "{
    \"full_name\": \"Jen Doe\",
    \"email_address\": \"jen.doe@example.com\",
    \"acs_system_id\": \"${acs_system_id}\",
  }")
  ```

  ```python Python theme={null}
  from seam import Seam

  seam = Seam()  # Seam automatically uses your exported SEAM_API_KEY.

  jen_doe_user = seam.user_identities.create(
    full_name="Jen Doe",
    email_address="jen.doe@example.com",
    # Use the ACS system ID that you copied earlier from Seam Console.
    acs_system_ids=[acs_system_id]
  )
  ```

  ```ruby Ruby theme={null}
  require "seam"

  seam = Seam.new() # Seam automatically uses your exported SEAM_API_KEY.

  jen_doe_user = seam.user_identities.create(
    full_name: "Jen Doe",
    email_address: "jen.doe@example.com",
    # Use the ACS system ID that you copied earlier from Seam Console.
    acs_system_id: acs_system_id,
  )
  ```

  ```php PHP theme={null}
  <?php
  require 'vendor/autoload.php';

  $seam = new Seam\SeamClient(); // Seam automatically uses your exported SEAM_API_KEY.

  $jen_doe_user = $seam->user_identities->create(
    full_name: "Jen Doe",
    email_address: "jen.doe@example.com",
    // Use the ACS system ID that you copied earlier from Seam Console.
    acs_system_id: $acs_system_id,
  );
  ```

  ```csharp C# theme={null}
  // Coming soon!
  ```
</CodeGroup>

**Output:**

<CodeGroup>
  ```json JavaScript theme={null}
  {
    "user_identity_id": "22222222-2222-2222-2222-222222222222",
    "full_name": "Jen Doe",
    "email_address": "jen.doe@example.com",
    ...
  }
  ```

  ```json cURL theme={null}
  {
    "user_identity": {
      "user_identity_id": "22222222-2222-2222-2222-222222222222",
      "full_name": "Jen Doe",
      "email_address": "jen.doe@example.com",
      ...
    },
    "ok": true
  }
  ```

  ```json Python theme={null}
  UserIdentity(
    user_identity_id='22222222-2222-2222-2222-222222222222',
    full_name='Jen Doe',
    email_address='jen.doe@example.com',
    ...
  )
  ```

  ```json Ruby theme={null}
  <Seam::Resources::UserIdentity:0x005f0
    user_identity_id="22222222-2222-2222-2222-222222222222"
    full_name="Jen Doe"
    email_address="jen.doe@example.com"
    ...
  >
  ```

  ```json PHP theme={null}
  {
    "user_identity_id": "22222222-2222-2222-2222-222222222222",
    "full_name": "Jen Doe",
    "email_address": "jen.doe@example.com",
    ...
  }
  ```

  ```json C# theme={null}
  // Coming soon!
  ```
</CodeGroup>

***

## Step 4: Assign the User Identity to an Access Group

Add the user identity to an access group. For Salto KS, access groups specify the entrances to which users have access.

Some other access control systems do not use access groups and, instead, specify allowed entrances directly within the credential. For more details, see [Access Permission Assignment Variations](../connect-an-acs-to-seam/understanding-access-control-system-differences#access-permission-assignment-variations).

1. Find the access group ID.
   1. In the top navigation pane of [Seam Console](https://console.seam.co/), click **ACS Systems**.
   2. On the **Access Systems** page, click the Salto KS Main Site ACS.
   3. On the **Main Site** page, click the **Access Groups** tab.
   4. Locate the Main Group, click **...**, and click **Copy Id**.
   5. Store this access group ID for future use.
2. Assign the user identity to the Main Group, as follows:

**Code:**

<CodeGroup>
  ```javascript JavaScript theme={null}
  await seam.acs.accessGroups.addUser({
    // Use the access group ID that you copied earlier from Seam Console.
    acs_access_group_id: accessGroupId,
    user_identity_id: jenDoeUser.user_identity_id,
  })
  ```

  ```bash cURL theme={null}
  # Use the access group ID that you copied earlier from Seam Console.
  curl -X 'POST' \
    'https://connect.getseam.com/acs/access_groups/add_user' \
    -H "Authorization: Bearer ${SEAM_API_KEY}" \
    -H 'Content-Type: application/json' \
    -d "{
    \"acs_access_group_id\": \"${access_group_id}\",
    \"user_identity_id\": \"$(jq -r '.user_identity.user_identity_id' <<< ${jen_doe_user})\"
  }"
  ```

  ```python Python theme={null}
  seam.acs.access_groups.add_user(
    # Use the access group ID that you copied earlier from Seam Console.
    acs_access_group_id = access_group_id,
    user_identity_id = jen_doe_user.user_identity_id
  )
  ```

  ```ruby Ruby theme={null}
  seam.acs.access_groups.add_user(
    # Use the access group ID that you copied earlier from Seam Console.
    acs_access_group_id: access_group_id,
    user_identity_id: jen_doe_user.user_identity_id
  )
  ```

  ```php PHP theme={null}
  $seam->acs->access_groups->add_user(
    // Use the access group ID that you copied earlier from Seam Console.
    acs_access_group_id: $access_group_id,
    user_identity_id: jen_doe_user.user_identity_id
  );
  ```

  ```csharp C# theme={null}
  // Coming soon!
  ```
</CodeGroup>

**Output:**

<CodeGroup>
  ```json JavaScript theme={null}
  void
  ```

  ```json cURL theme={null}
  {
    "ok": true
  }
  ```

  ```json Python theme={null}
  None
  ```

  ```json Ruby theme={null}
  nil
  ```

  ```json PHP theme={null}
  void
  ```

  ```json C# theme={null}
  // Coming soon!
  ```
</CodeGroup>

***

## Step 5: Create a Mobile Key Credential

Create a mobile key credential for the user identity.

**Code:**

<CodeGroup>
  ```javascript JavaScript theme={null}
  const mobileKey = await seam.acs.credentials.create({
    user_identity_id: jenDoeUser.user_identity_id,
    is_multi_phone_sync_credential: true,
    access_method: 'mobile_key',
  })
  ```

  ```bash cURL theme={null}
  mobile_key=$(curl -X 'POST' \
    'https://connect.getseam.com/acs/credentials/create' \
    -H 'accept: application/json' \
    -H "Authorization: Bearer ${SEAM_API_KEY}" \
    -H 'Content-Type: application/json' \
    -d "{
    \"user_identity_id\": \"$(jq -r '.user_identity.user_identity_id' <<< ${jen_doe_user})\",
    \"is_multi_phone_sync_credential\": true,
    \"access_method\": \"mobile_key\"
  }")
  ```

  ```python Python theme={null}
  mobile_key = seam.acs.credentials.create(
    user_identity_id = jen_doe_user.user_identity_id,
    is_multi_phone_sync_credential = True,
    access_method = "mobile_key"
  )
  ```

  ```ruby Ruby theme={null}
  mobile_key = seam.acs.credentials.create(
    user_identity_id: jen_doe_user.user_identity_id,
    is_multi_phone_sync_credential: true,
    access_method: "mobile_key"
  )
  ```

  ```php PHP theme={null}
  $pin_code_credential = $seam->acs->credentials->create(
    user_identity_id: $jen_doe_user->user_identity_id,
    is_multi_phone_sync_credential: true,
    access_method: "mobile_key"
  );
  ```

  ```csharp C# theme={null}
  // Coming soon!
  ```
</CodeGroup>

**Output:**

<CodeGroup>
  ```json JavaScript theme={null}
  {
    acs_credential_id: '66666666-6666-6666-6666-666666666666',
    acs_system_id: '11111111-1111-1111-1111-111111111111',
    user_identity_id: '22222222-2222-2222-2222-222222222222',
    access_method: 'mobile_key',
    ...
  }
  ```

  ```json cURL theme={null}
  {
    "acs_credential":{
      "acs_credential_id": "66666666-6666-6666-6666-666666666666",
      "acs_system_id": "11111111-1111-1111-1111-111111111111",
      "user_identity_id": "22222222-2222-2222-2222-222222222222",
      "access_method": "mobile_key",
      ...
    }
  }
  ```

  ```json Python theme={null}
  AcsCredential(
    acs_credential_id='66666666-6666-6666-6666-666666666666',
    acs_system_id='11111111-1111-1111-1111-111111111111',
    user_identity_id='22222222-2222-2222-2222-222222222222',
    access_method='mobile_key',
    ...
  )
  ```

  ```json Ruby theme={null}
  <Seam::Resources::AcsCredential:0x005f0
    acs_credential_id="66666666-6666-6666-6666-666666666666"
    acs_system_id="11111111-1111-1111-1111-111111111111"
    user_identity_id= "22222222-2222-2222-2222-222222222222"
    access_method="mobile_key"
    ...
  >
  ```

  ```json PHP theme={null}
  {
    "acs_credential_id": "66666666-6666-6666-6666-666666666666",
    "acs_system_id": "11111111-1111-1111-1111-111111111111",
    "user_identity_id": "22222222-2222-2222-2222-222222222222",
    "access_method": "mobile_key",
    ...
  }
  ```

  ```json C# theme={null}
  // Coming soon!
  ```
</CodeGroup>

***

## Step 6: View Your New Credential

You can use Seam Console, the Seam API, or the [Seam CLI](../../../core-concepts/seam-console/seam-online-cli) to view the list of entrances to which the ACS user now has access.

To use Seam Console to view information about your new PIN code credential:

1. In the top navigation pane of [Seam Console](https://console.seam.co/), click **ACS Systems**.

2. On the **Access Systems** page, click the Salto KS Main Site ACS.

3. In the **Users** table, click **Jen Doe**, the ACS user that you created.

   <img src="https://mintcdn.com/seam/d6yLSFlGuXxmvz_6/images/mobile-key-quick-start-user.png?fit=max&auto=format&n=d6yLSFlGuXxmvz_6&q=85&s=59324e533bec419d56d586830dec72c2" alt="Click the ACS user to view their credentials." style={{width: "550px", height: "auto"}} width="1188" height="270" data-path="images/mobile-key-quick-start-user.png" />

4. In the **Credentials** tab for the ACS user, note the mobile key credential (multi-phone sync credential) that you created.

5. Click the **Access Groups** tab for the ACS user.

6. Click the **Main Group** access group.

7. On the **Main Group** page click the **Entrances** tab and then view the entrances to which this access group grants the ACS user access.

   <img
     src="https://mintcdn.com/seam/d6yLSFlGuXxmvz_6/images/pin-code-quick-start-access-group-entrances.png?fit=max&auto=format&n=d6yLSFlGuXxmvz_6&q=85&s=e5ee4cad81fb6e545141a49361aa1da5"
     alt="View the entrances to which the ACS user has access as a member of the
   access group."
     width="1550"
     height="419"
     data-path="images/pin-code-quick-start-access-group-entrances.png"
   />

<Info>
  This quick start shows the server-side portion of the mobile access
  development process. The other piece of this process is to develop a mobile
  app that downloads the user's mobile keys and then uses BLE or similar
  technology to unlock nearby entrances to which the user's credentials grant
  access. For details, see [Integrating into your mobile
  application](/capability-guides/mobile-access/mobile-device-sdks/index).
</Info>

***

## Next Steps

Now that you've created a mobile key credential, try out the other ACS quick starts.

* [PIN Code Quick Start](/low-level-apis/access-systems/acs-quick-starts/pin-code-quick-start)
* [Key Card Quick Start](/low-level-apis/access-systems/acs-quick-starts/encodable-key-card-quick-start)

Then, [connect your ACS to Seam](/low-level-apis/access-systems/connect-an-acs-to-seam/index).

***

## Learn More

For a deeper dive into ACS concepts and instructions, see the following topics:

1. Learn about ACS concepts.
   * [Access Control System Resources](../connect-an-acs-to-seam/access-control-system-resources)
   * [Understanding ACS Differences](../connect-an-acs-to-seam/understanding-access-control-system-differences)
2. Create user identities.
   * [Managing Mobile App User Accounts with User Identities](/capability-guides/mobile-access/managing-mobile-app-user-accounts-with-user-identities)
3. For relevant access control systems, assign user identities to access groups.
   * [Adding User Identities to Access Groups](/api/acs/access_groups/add_user)
4. Learn about available entrances.
   * [Retrieving Entrance Details](../retrieving-entrance-details)
5. Create credentials for ACS users.
   * [Managing Credentials](../managing-credentials)
6. Learn more about the Seam mobile access solution.
   * [Mobile Access](/capability-guides/mobile-access/index)
   * [Integrating into your mobile application](/capability-guides/mobile-access/mobile-device-sdks/index)
7. See the Seam [Access Control Systems API reference](/api/acs/object).
