HID mobile credentials allow for using a smart phone or device to gain entry when presented at a HID mobile-ready reader. The credential is stored on the phone within the HID Mobile Access App and can be found on the Apple App Store or Google Play Store.
Access It! Universal.NET Licensing
The following licensing option must be enabled within Access It! Universal.NET.
- Mobile Credentials - Yes
The following components are required to complete the integration.
- Access It!® Universal.NET min s/w v8
- Smartphone with HID Mobile Access App installed
- Customer-provided HID Organization ID
- Customer-provided HID Client ID (System Account)
- Customer-provided HID Client Password (System Account)
- HID Mobile ID configured as a default
HID-specific data can be obtained through the HID Origo Management Portal.
Server Setup
- Within Access It! Universal.NET, navigate to the Servers section located under the System menu
- Edit the Access It! Universal.NET server
- Click the Mobile Credentials tab
- Under the HID section, leave the Auth Base Url and API Base Url at default settings
- Under the HID section, enter the HID Organization ID
- Under the HID section, enter the HID Client ID
- Under the HID section, enter the HID Client Secret/Password
- Click Save
- Close the Access It! Universal.NET workstation
- Stop the Access It! Universal.NET service
- Start the Access It! Universal.NET service
Assigning Credentials
When importing or capturing a cardholder image, ensure the image size is under 400 pixels tall.
- Within Access It! Universal.NET, navigate to the Cardholders section located under the Main menu
- Click New to create a new Cardholder/Card
- When at the step to enter card information, select credential type of HID Mobile Credential
If using multiple Mobile ID types, the default set in the HID Origo Management Portal will be used. To choose a different mobile ID type, click the Choose credential button. - Enter a valid email address for the cardholder
- Select send invitation to automatically send the credential to the email address
- Save the Cardholder/Card
- The system will email which includes a link and invitation code that may be redeemed through the HID Mobile Access App
Resending Invitation Code (Optional)
- Within Access It! Universal.NET, navigate to the Cardholders section located under the Main menu
- Edit an existing HID mobile credential
- Check the Send invitation checkbox
- Save the Card
- The system will email which includes a link and invitation code that may be redeemed through the HID Mobile Access App
Verify/Revoke Credential
- Within Access It! Universal.NET, navigate to the Cardholders section located under the Main menu
- Edit an existing HID mobile credential
- Click the Credential status button
- A window will open reporting current status of the credential as well as an option to Revoke the Mobile ID.
- Save the Card
- The system will email which includes a link and invitation code that may be redeemed through the HID Mobile Access App
Importing via Data Exchange
Data Exchange allows for bulk importing and/or updating records from an external source. When configured correctly, this mechanism can be used to bulk assign mobile credentials.
The below are items that are specific to mobile credential imports:
The Date Exchange license must be enabled in order to bulk insert HID mobile credentials.
- The data source must map a "dummy" card number
Once the mobile credential is issued the imported "dummy' card number will be updated with the actual credential number. - Facility code -2 must be mapped to the Facility Code field
- The users email address must be mapped to the Contact Information field
- The number 3 must be mapped to the Credential Type field in order to create HID credentials
Data Exchange
More on the Data Exchange package setup can be found in the following KB articles.
- Data Exchange Package - Microsoft Access
- Data Exchange Package - Microsoft Active Directory
- Data Exchange Package - Microsoft Excel
- Data Exchange Package - Microsoft SQL Server
- Data Exchange Package - ODBC
- Data Exchange Package - Text File
HID Mobile Access
For more information regarding HID Mobile Access visit the HID Mobile Access Solutions web page.
HID Mobile Access App
For more information regarding HID Mobile Access App visit the HID Mobile Access App user guide.
Error:
Status Code:BadRequest
{"errorCode":"400","errorMessage":"The Customer ID xxxxxxx is invalid. Please provide a valid Customer ID.","uuid":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"}
Resolution:
Either the Access It! Universal.NET service has not yet been restarted or the Auth base url and the Api base url are incorrect within the System | Mobile Credentials tab.
The correct paths are:
- Auth base url: https://api.origo.hidglobal.com/authentication/customer/
- Api base url: https://ma.api.assaabloy.com/credential-management
Error:
Cannot insert the value NULL into column 'CardNumber', table 'AIUniversal.dbo.Cards'; column does not allow nulls. INSERT fails.
The INSERT statement conflicted with the FOREIGN KEY constraint "FK_BadgeInfo_Cards". The conflict occurred in database "AIUniversal", table "dbo.Cards", column 'CardID'.
Resolution:
Within the HID Origo Management Portal, The Mobile ID is not set to Default.
- Login into the HID Origo Management Portal
- Select the : at the top right of the screen and select HID Origo Services
- Select Mobile Identities
- Select Settings
- Expand Mobile ID Settings using the arrow
- Select the Mobile ID
- Click Set as Default
The Mobile ID will not state that it is default. You must select the credential and Set as Default and once that is completed, again it will NOT state that it is default. - Click Save
Even after clicking the Save button, the Mobile ID will not state that it is default, but now it will work properly.
Error:
Status Code:PreconditionFailed
HTTP Status:412
ScimType:mutability
Detail:Default Part Number does not exist for your company.
Schema(s): urn:hid:scim:api:ma:2.2:Error
Resolution:
Within the HID Origo Management Portal, The Mobile ID is not set to Default.
- Login into the HID Origo Management Portal
- Select the : at the top right of the screen and select HID Origo Services
- Select Mobile Identities
- Select Settings
- Expand Mobile ID Settings using the arrow
- Select the Mobile ID
- Click Set as Default
The Mobile ID will not state that it is default. You must select the credential and Set as Default and once that is completed, again it will NOT state that it is default. - Click Save
Even after clicking the Save button, the Mobile ID will not state that it is default, but now it will work properly.
Error:
Status Code: Conflict
HTTP Status:409
ScimType:uniqueness
Detail:This user with given Email ID is already enrolled.
Schema(s): urn:hid:scim:api:ma:2.2:Error
Resolution:
This error occurs if the assigned email address was manually added through the HID portal. The user must be deleted and the recreated via Access It! Universal.NET.
Error:
HID Mobile application reports Mobile ID Rejected
Resolution:
This occurs if the Mobile Keyset (MOB Key) does not match between credential and phone. Issue can also occur if antipassback is enabled within the reader.