OpenAccess User Guide - Lenel

1 User GuideLenel OnGuard OpenAccess User GuideThis Guide is item number DOC-1057-EN-US, revision , November 2018. 2018 United Technologies Corporation. All rights , OnGuard , Prism , BlueDiamond , and UltraView are registered trademarks or trademarks of UTC Fire & Security Americas Corporation, Inc. Lenel is a part of UTC Climate, Controls & Security, a unit of United Technologies trademarks are the property of their respective in this document is subject to change without notice. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the prior express written permission of UTC Fire & Security Americas Corporation, Inc.

2 , which such permission may have been granted in a separate agreement ( , end user license agreement or software license agreement for the particular application).Non-English versions of Lenel documents are offered as a service to our global audiences. We have attempted to provide an accurate translation of the text, but the official text is the English text, and any differences in the translation are not binding and have no legal software described in this document is furnished under a license agreement and may only be used in accordance with the terms of that Reports for Windows is a trademark of Business Objects, and FlashPoint are trademarks of Integral Technologies, of this product were created using LEADTOOLS 1991-2011, LEAD Technologies, Inc.

3 ALL RIGHTS RESERVED. Active Directory, Microsoft, SQL Server, Windows, and Windows Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other is a registered trademark of Oracle International product names mentioned may be trademarks or registered trademarks of their respective companies and are hereby DOES NOT REPRESENT THAT SOFTWARE, HARDWARE OR RELATED SERVICES MAY NOT BE HACKED, COMPROMISED AND/OR CIRCUMVENTED. Lenel DOES NOT WARRANT THAT SOFTWARE, HARDWARE OR RELATED SERVICES WILL WORK PROPERLY IN ALL ENVIRONMENTS AND APPLICATIONS AND DOES NOT WARRANT ANY SOFTWARE, HARDWARE OR RELATED SERVICES AGAINST HARMFUL ELECTROMAGNETIC INTERFERENCE INDUCTION OR RADIATION (EMI, RFI, ETC.)

4 EMITTED FROM EXTERNAL SOURCES. THE ABILITY OF SOFTWARE, HARDWARE AND RELATED SERVICES TO WORK PROPERLY DEPENDS ON A NUMBER OF PRODUCTS AND SERVICES MADE AVAILABLE BY THIRD PARTIES OVER WHICH Lenel HAS NO CONTROL INCLUDING, BUT NOT LIMITED TO, INTERNET, CELLULAR AND LANDLINE CONNECTIVITY; MOBILE DEVICE AND RELATED OPERATING SYSTEM COMPATABILITY; OR PROPER installation , CONFIGURATION AND MAINTENANCE OF AUTHORIZED HARDWARE AND OTHER MAY MAKE CERTAIN BIOMETRIC CAPABILITIES ( , FINGERPRINT, VOICE PRINT, FACIAL RECOGNITION, ETC.), DATA RECORDING CAPABILITIES ( , VOICE RECORDING), AND/OR DATA/INFORMATION RECOGNITION AND TRANSLATION CAPABILITIES AVAILABLE IN PRODUCTS Lenel MANUFACTURES AND/OR RESELLS.

5 Lenel DOES NOT CONTROL THE CONDITIONS AND METHODS OF USE OF PRODUCTS IT MANUFACTURES AND/OR RESELLS. THE END-USER AND/OR INSTALLER AND/OR RESELLER/DISTRIBUTOR ACT AS CONTROLLER OF THE DATA RESULTING FROM USE OF THESE PRODUCTS, INCLUDING ANY RESULTING PERSONALLY IDENTIFIABLE INFORMATION OR PRIVATE DATA, AND ARE SOLELY RESPONSIBLE TO ENSURE THAT ANY PARTICULAR installation AND USE OF PRODUCTS COMPLY WITH ALL APPLICABLE PRIVACY AND OTHER LAWS, INCLUDING ANY REQUIREMENT TO OBTAIN CONSENT. THE CAPABILITY OR USE OF ANY PRODUCTS MANUFACTURED OR SOLD BY Lenel TO RECORD CONSENT SHALL NOT BE SUBSTITUTED FOR THE CONTROLLER'S OBLIGATION TO INDEPENDENTLY DETERMINE WHETHER CONSENT IS REQUIRED, NOR SHALL SUCH CAPABILITY OR USE SHIFT ANY OBLIGATION TO OBTAIN ANY REQUIRED CONSENT TO Warnings and DisclaimersTHESE PRODUCTS ARE INTENDED FOR SALE TO, AND installation BY, AN EXPERIENCED SECURITY PROFESSIONAL.

6 UTC FIRE & SECURITY CANNOT PROVIDE ANY ASSURANCE THAT ANY PERSON OR ENTITY BUYING ITS PRODUCTS, INCLUDING ANY "AUTHORIZED DEALER", IS PROPERLY TRAINED OR EXPERIENCED TO CORRECTLY INSTALL SECURITY RELATED more information on warranty disclaimers and product safety information, please check or scan the following code: OpenAccess User Guide3 Table of ContentsCHAPTER 1 Introduction .. 11 Expectations and Behaviors of OpenAccess ..12 Confirming the Installed Version of OnGuard .. 12 Stopping and Restarting the Services .. 12 Authorization .. 12 User-Defined Fields.

7 13 OpenAccess and Brute Force Attack Protection .. 13 Using OpenAccess to Issue Mobile Badges .. 13 Authenticated Token and Inactivity Timeouts .. 13 OpenAccess Custom Configuration ..14 Authentication .. 14 Caching Properties .. 15 Badge Printing Properties .. 16 Queuing .. 17 Job Runner/Thread Pool Properties .. 17 Timeout Settings .. 18 Event Context Provider Settings .. 18 Definitions, Acronyms, Abbreviations ..18 OpenAccess Architecture ..19 References and Applicable Documents ..19 CHAPTER 2 Getting Started .. 21 License for OpenAccess ..21 Application ID and Getting Started with Development.

8 21 Starting OpenAccess ..22 Stopping and Restarting the Services ..22LS OpenAccess Service ..23 Authorization ..23 Table of Contents4 OpenAccess User GuideAuthentication .. 24 Deploying the LS Event Context Provider Service .. 24 Enabling Verbose Logging .. 24 Starting the OpenAccess Tool .. 25 Sample Applications .. 25 Sample Web Applications .. 25 Sample C# Applications .. 27 Sample Java Application .. 28 Swagger Specification and Interactive Documentation .. 29 Using Response Headers to Develop Secure Web Applications .. 29 CHAPTER 3 Using OpenAccess .

9 31 Searching for Objects .. 31 Date/Time Format .. 32 Date/Time Format When Using OpenAccess API Calls .. 32 Date/Time Format When Using Events .. 32 Binary Format .. 32 String Format .. 33 Features and Limitations .. 33 Cardholders and Visitors .. 33 Badges .. 33 Directory Accounts .. 33 Visits .. 33 User-Defined Fields .. 34 User-Defined List Values .. 34 SegmentID .. 34 Receiving Events .. 35 Durable vs. Transient Event Subscribers .. 35 Using Event Filters with Subscriptions .. 35 Cross-Origin Resource Sharing .. 40 Version .. 41 OpenAccess and Brute Force Attack Protection.

10 41 CHAPTER 4 REST API Reference .. 43 General OpenAccess API Calls .. 44get version .. 44get keepalive .. 45get feature_availability .. 45get queue .. 46get queue/{id} .. 47delete queue/{id} .. 48add partner_values .. 48modify partner_values .. 49 Login and Logout .. 50get directories .. 50add authentication .. 51delete authentication .. 53 OpenAccess User Guide5 Table of Contentsget session .. 54get identity_provider_url .. 55 Receive Events ..56get event_subscriptions .. 56get event_subscriptions with id .. 59add event_subscriptions .. 60modify event_subscriptions with id.