Skip to main content
This is a low-level API. For granting a person access, use Access Grants—the default and recommended way to grant access to any physical space. We don’t recommend building on the ACS credential API directly unless you specifically need low-level control over individual credentials (or have discussed your use case with the Seam team at support@seam.co).
An ACS generally uses digital means of access to authorize an ACS user trying to get through a specific entrance. Examples of credentials include plastic key cards, mobile keys, biometric identifiers, and PIN codes. The electronic nature of these credentials, as well as the fact that access is centralized, enables both the rapid provisioning and rescinding of access and the ability to compile access audit logs. Examples of ACS user credentials This guide provides instructions for creating and deleting various types of credentials.
You can assign a credential to an ACS user when you create the credential. You can also assign an existing credential to an ACS user. Further, you can unassign a credential from an ACS user without deleting the credential.

Create a Credential for an ACS User

To create a credential for an ACS user, provide the acs_user_id and the desired access_method. Seam supports the following access methods:
  • code for a PIN code-based credential
  • card for a plastic key card-based credential
  • mobile_key for a Seam mobile key.
Depending on the ACS and the type of credential you are issuing, you can also specify the following properties for the new credential:
  • PIN code.
  • Start and end time frame for the validity of the credential.
  • Whether the credential is a multi-phone sync credential.
    When creating a Seam mobile key, make sure to issue a multi-phone sync credential by setting is_multi_phone_sync_credential to true.
  • Manufacturer-specific data.
Make sure to note any manufacturer-specific metadata and restrictions. For details, see the applicable device or system integration guide.
The response includes the acs_credential_id of the newly-created credential, the acs_user_id associated with the credential, and additional attributes of the credential.
If you are creating card-based credentials, and your ACS requires card encoding, see also Creating and Encoding Card-based Credentials.

Create a PIN Code-based Credential

Request:
await seam.acs.credentials.create({
  acs_user_id: '33333333-3333-3333-3333-333333333333',
  access_method: 'code',
  code: '824759',
})
Response:
{
  acs_credential_id: '66666666-6666-6666-6666-666666666666',
  acs_user_id: '33333333-3333-3333-3333-333333333333',
  code: '824759',
  access_method: 'code',
  ...
}

Create a Card-based Credential

To create a plastic key card-based credential, set the access_method to card. Once you’ve created a credential, some access control systems require you to encode the card with the credential. To learn whether your ACS requires card encoding, see the system integration guide for your ACS. For card encoding instructions, see Creating and Encoding Card-based Credentials. Request:
await seam.acs.credentials.create({
  acs_user_id: '33333333-3333-3333-3333-333333333333',
  access_method: 'card',
  code: '123456',
})
Response:
{
  acs_credential_id: '77777777-7777-7777-7777-777777777777',
  acs_user_id: '33333333-3333-3333-3333-333333333333',
  access_method: 'card',
  ...
}

Create a Seam Mobile Key

Depending on the ACS for which you want to create a credential, you may also need to include system-specific metadata. See the system integration guide for your ACS. For more information about mobile access and issuing mobile credentials, see Mobile Access and Issuing Mobile Credentials from an Access Control System. Request:
await seam.acs.credentials.create({
  acs_user_id: "33333333-3333-3333-3333-333333333333",
  allowed_acs_entrance_ids: [
    "55555555-5555-5555-5555-555555555555",
    "55555555-5555-5555-5555-000000000000"
  ],
  credential_manager_acs_system_id: "88888888-8888-8888-8888-888888888888",
  access_method: "mobile_key",
  is_multi_phone_sync_credential: true,
  starts_at: "2024-03-01T10:40:00Z",
  ends_at: "2024-03-04T10:40:00Z",
  ...
});
Response:
{
  acs_credential_id: '99999999-9999-9999-9999-999999999999',
  acs_user_id: '33333333-3333-3333-3333-333333333333',
  access_method: 'mobile_key',
  is_multi_phone_sync_credential: true,
  ...
}

List Credentials

You can list all ACS credentials for a specific ACS user or user identity. You can also list all credentials for an ACS system.

List Credentials by ACS User

To list all ACS credentials for a specific ACS user, provide the acs_user_id. Request:
await seam.acs.credentials.list({
  acs_user_id: '33333333-3333-3333-3333-333333333333',
})
Response:
[
  {
    acs_credential_id: '99999999-9999-9999-9999-999999999999',
    acs_user_id: '33333333-3333-3333-3333-333333333333',
    ...
  },
  ...
]

List Credentials by User Identity

To list all ACS credentials for a specific user identity, provide the user_identity_id. Request:
await seam.acs.credentials.list({
  user_identity_id: '22222222-2222-2222-2222-222222222222',
})
Response:
[
  {
    acs_credential_id: '99999999-9999-9999-9999-999999999999',
    acs_user_id: '33333333-3333-3333-3333-333333333333',
    ...
  },
  ...
]

Get a Credential

To get a credential, provide the acs_credential_id of the credential that you want to retrieve. These details include the user associated with the credential, the access method, the schedule for the credential, if applicable, and so on. Request:
await seam.acs.credentials.get({
  acs_credential_id: '66666666-6666-6666-6666-666666666666',
})
Response:
{
  acs_credential_id: '99999999-9999-9999-9999-999999999999',
  acs_user_id: '33333333-3333-3333-3333-333333333333',
  acs_system_id: '11111111-1111-1111-1111-111111111111',
  access_method: 'mobile_key',
  ...
}

Delete a Credential

To delete a credential, provide the acs_credential_id. Request:
await seam.acs.credentials.delete({
  acs_credential_id: '66666666-6666-6666-6666-666666666666',
})
Response:
void