Please Note that these features are still in development. This site uses Feenics Model Nuget Package Version: bin.
The following objects are all apart of the Keep object model but for your convenience have been separated into its own section.
From HID Origo Site:
HID Origo was built to accelerate the trend of helping organizations become more secure, efficient and data-driven through cloud technologies. This cloud-based platform provides seamless and consistent service while improving how access control solutions are delivered. In addition, HID Origo opens opportunities for adoption of new, more flexible service subscription models while reducing costs and increasing operational efficiency.
Key Benefits
Reliability: Trust a secure infrastructure backed by the world’s leading cloud vendors, validated by industry certifications and delivered via HID Global’s service level agreements and support
Connectivity: Access and manage a trusted ecosystem of cloud-connected access control devices, applications and trusted mobile identities in one place
Insights: Utilize data to ensure a seamless user experience, provide operational efficiency and make decisions to guide the business forward
KeepAPI exposes new endpoints / resources and extensions to the existing data model to facilitate integration with the HID Mobile Access Credentials product, Origo. Currently all access to the is through the API, with future plans to incorporate the Origo integration into the Windows and Web Client user interfaces.
Origo Integration is a licensable feature. An example license request would be:
{
"Environment": "DEV",
"InstanceKey": "{{ WorkingInstance.Key }}",
"LicensedBy": {
"CompanyName": "Feenics Inc",
"EmailAddress": "ralph.shillington@feenics.com",
"MailingAddress": {
"Street": "301 - 2310 St. Laurent Blvd",
"City": "Ottawa",
"Province": "ON",
"Country": "CA",
"PostalCode": "K1G 5H9"
},
"PhoneNumber": "613-520-2455"
},
"Licensee": {
"CompanyName": "Feenics Inc - Development",
"EmailAddress": "ralph.shillington@feenics.co",
"MailingAddress": {
"Street": "302 - 2310 St. Laurent Blvd",
"City": "Ottawa",
"Province": "ON",
"Country": "CA",
"PostalCode": "K1C 5J9"
},
"PhoneNumber": "613-520-2426"
},
"PurchaseOrder": "RALPH",
"RequestingComponents": [
{
"PrivateProductCode": "ORIGO",
"ValueAdded": 1
}
]
}
Users that will be configuring the Origo integration must have the OrigoAdmin action attached to the Instance object type. Of course administrators with *,* permissions will automatically have this permission.
Configuration can be set or updated by with POST method to the endpoint /api/origo/configuration The currently stored configuration can not be retrieved by the API user since it contains sensitive information. Subsequent POST methods will replace the existing configuration.
Setting the Configuration, will automatically register the instance to receive callback messages.
Response | Condition | Description |
---|---|---|
401 | NotAuthorized | failed to find and operation right for the current user with action of OrigoAdmin on the object type Instance |
409 | Conflict | Missing license for this instance. |
400 | BadRequest | Failed to log into Origo with the supplied credentials |
400 | BadRequest | Failed to register the callback endpoint with Origo |
200 | Ok | Configuration has been saved, and the callback endpoint has been registered with Origo |
In this example, the default defined instance is configured. The example posts the contents of the file origoconfig.json.
The contents of the configuration information is obtained from HID by the customer’s administrator using the HID Origo portal. It’s important to note that the user may have access to both a pre-production and production HID portal
//origoconfig.json
{
"CustomerId": "1000582",
"ClientId": "1000582-SRV1620440120",
"ClientSecret": "password_goes_here",
"GrantType": "client_credentials",
"DefaultPartNumber": "MID-SUB-CRD_FTPN_30176"
}
Example using C#
await client.SetOrigoCustomerConfiguration(root, new OrigoCustomerConfiguration {ClientId = "1000582-SRV1620440120", CustomerId = "1000582", DefaultPartNumber = "MID-SUB-CRD_FTPN_30176", GrantType = "client_credentials", ClientSecret = "password_goes_here"});
Once properly configured, the normal operation of the integration is largely ‘behind the scenes’. There is only one additional Origo specific endpoint that has been added to the PersonInfo resource: /origo/issue.
To issue a mobile credential a cardholder must already exist in the Keep instance. In the case of a Enterprise instances, the card holder may exist in either the root instance, or the shared instance.
Internally the processing of issuing a mobile credential involves several steps:
The ISSUED status will be sent from Origo to Keep (via the preconfigured endpoint that was provisioned at the time of setting the Origo Configuration). This call only occurs after the mobile device has successfully downloaded the credential. It is the callback handler that creates the CardAssignmentInfo object attaches it to the PersonInfo and raises the appropriate event, such that the Mercury Service pushes the Mobile Credential card number to the appropriate controllers.