Users
A user is typically a person who requires access to and within your installation. This service is responsible for managing user resources such as keys, as well as their association with access rights.
Resource name of the user. It must have the format of installations/*/users/*. For example: installations/surelock-homes-hq/users/john-watson.
The personal name, forename or given name ("first name"). It could also contain a middle name. First name is not used because the given name is not placed first in some cultures.
The display name of the user, formed by concatenating the first and last name values.
Activation time independent of any time zone or calendar.
Expiration time independent of any time zone or calendar.
The URI to view the user photo.
The card key resource that belongs to the user.
The electronic key resource that belongs to the user.
The app key resource that belongs to the user.
The wallet key resource that belongs to the user.
The passcode resource that belongs to the user.
Indicates whether this user is blocked or not. A blocked user cannot perform any admin actions, that is, if they have a management role this will no longer be valid. If the user has a key then it will no longer unlock access points.
The name of the parent user of this user. Only users who have had keys shared with them will have this field set.
The surname or family name ("last name"). It could also contain more than one surname so that both matrilineal and patrilineal surnames can be included in one place. Last name is not used because the family name is not placed last in some cultures.
Email address.
The file resource name for the user photo. It must have the format of installations/surelock-homes-hq/files/01DSYSJ1PR36VVC3MRFRV4DC7G.
The resource name of the manager resource that owns this user. A manager resource is any resource (such as a booking) that creates and governs the lifecycle of this user. Example: "installations/surelock-homes-hq/bookings/watson-family-booking" If set, this user is considered "managed" and cannot be modified directly. It behaves as a side-effect of the manager resource.
Resource name of the user's access right association. It must have the format of installations/*/users/*/access-rights/*. For example: installations/surelock-homes-hq/users/john-watson/access-rights/baskerville.
The access right resource name to bind as an association to the parent access point. For example: installations/surelock-homes-hq/access-rights/baskerville.
Display name of the associated entity. In this case an access right.
The schedules for the user's access right. If set, this can only be more restrictive than the schedules defined in the associated access right.
The computed effective schedules for the user's access right based on the given parent resource.
Activation time independent of any time zone or calendar. User access right's association activation time rules: 1. Activation time must be specified in multiples of 10 minutes. Valid examples: 07:40, 12:30, 18:10. Invalid examples: 12:32, 10:15. 2. If no activation time is provided, the current time is used, truncated to the nearest earlier multiple of 10 minutes. For example, if the current time is 14:46, the system will use 14:40.
Expiration time independent of any time zone or calendar. User access right's association expiration time rules: 1. Expiration time must be specified in multiples of 10 minutes. Valid examples: 07:40, 12:30, 18:10. Invalid examples: 12:32, 10:15. 2. When specifying expiration time, it must: - Be at least 10 minutes after activation time. - Always be a multiple of 10 minutes. The system does not round or adjust expiration time for you. For example, if you attempt to set 10:15, the system will reject it.
The resource name of the manager resource that owns this user access right. A manager resource is any resource (such as a booking) that creates and governs the lifecycle of this user access right. Example: "installations/surelock-homes-hq/bookings/watson-family-booking" If set, this user access right is considered "managed" and cannot be modified directly. It behaves as a side-effect of the manager resource.
Output only. Resource name of the user's card key. It must have the format of installations/*/users/*/card-key. For example: installations/surelock-homes-hq/users/john-watson/card-key.
Unique identifier of the physical card. Length dependent of technology. Max length for ISO14443-3 is 10 bytes.
Indicates whether this card key has been assigned, not assigned or is active and ready for use. This field cannot be modified using a standard UpdateCardKey operation. To change the value of this field, you must call EncodeCardKey. If the value is NOT_ASSIGNED it also applies to cases where the assignation process has been initiated, but not completed.
STATE_UNSPECIFIED0.Sentinel value used to indicate that the state is unknown, omitted, or is not applicable.
NOT_ASSIGNED1. The card key is not assigned to a physical card.PENDING2. The card key is pending activation.ACTIVE3. The card key is active and ready to be used.Indicates whether this card key has pending updates or not. This field cannot be modified using a standard UpdateCardKey operation. To change the value of this field, you must call OutdateCardKey.
Resource name of the user's app key. It must have the format of installations/*/users/*/app-key. For example: installations/surelock-homes-hq/users/john-watson/app-key.
Indicates whether this app key has been assigned or not. This field cannot be modified using a standard UpdateAppKey operation. To change the value of this field, you must call AssignAppKey.
STATE_UNSPECIFIED0.Sentinel value used to indicate that the state is unknown, omitted, or is not applicable.
NOT_ASSIGNED1. The app key is not assigned.PENDING2. The app key is pending activation.ACTIVE3. The app key is active and ready to be used.Indicates whether this app key has pending updates or not. This field cannot be modified using a standard UpdateAppKey operation. To change the value of this field, you must call OutdateAppKey.
Resource name of the user's wallet key. It must have the format of installations/*/users/*/wallet-key. For example: installations/surelock-homes-hq/users/john-watson/wallet-key.
Indicates whether this wallet key has been assigned or not. This field cannot be modified using a standard UpdateWalletKey operation. To change the value of this field, you must call AssignWalletKey.
STATE_UNSPECIFIED0.Sentinel value used to indicate that the state is unknown, omitted, or is not applicable.
NOT_ASSIGNED1. The wallet key is not assigned.PENDING2. The wallet key is pending activation.ACTIVE3. The wallet key is active and ready to be used.Indicates whether this wallet key has pending updates or not. This field cannot be modified using a standard UpdateWalletKey operation. To change the value of this field, you must call OutdateWalletKey.
Output only. Resource name of the user's passcode. It must have the format of installations/*/users/*/passcode. For example: installations/surelock-homes-hq/users/john-watson/passcode.
Indicates whether this passcode has been assigned, not assigned or is active and ready for use. This field cannot be modified using a standard passcode update operation. To change the value of this field, you must call AssignPasscode. If the value is NOT_ASSIGNED it also applies to cases where the assignation process has been initiated, but not completed.
STATE_UNSPECIFIED0.Sentinel value used to indicate that the state is unknown, omitted, or is not applicable.
NOT_ASSIGNED1. The passcode is not assigned.ACTIVE2. The passcode is active and ready to be used.Output only. Resource name of the user's electronic key. It must have the format of installations/*/users/*/electronic-key. For example: installations/surelock-homes-hq/users/john-watson/electronic-key.
Globally unique identifier that is used across all devices manufactured by SALTO.
Indicates whether this electronic key has been assigned, not assigned or is active and ready for use. This field cannot be modified using a standard UpdateElectronicKey operation. To change the value of this field, you must call EncodeElectronicKey. If the value is NOT_ASSIGNED it also applies to cases where the assignation process has been initiated, but not completed.
STATE_UNSPECIFIED0.Sentinel value used to indicate that the state is unknown, omitted, or is not applicable.
NOT_ASSIGNED1. The electronic key is not assigned to a physical device.PENDING2. The electronic key is pending activation.ACTIVE3. The electronic key is active and ready to be used.Indicates whether this electronic key has pending updates or not. This field cannot be modified using a standard UpdateElectronicKey operation. To change the value of this field, you must call OutdateElectronicKey.
Days when it's valid.
Start time of day when schedule starts being valid.
End time of day when schedule ends being valid.
Day type
DAY_TYPE_UNSPECIFIED0. UnspecifiedNORMAL1. Normal dayHOLIDAY2. HolidaysSPECIAL_13. Special day type 1SPECIAL_24. Special day type 2In case day_type is NORMAL, the specific day of the week.
DAY_OF_WEEK_UNSPECIFIED0. UnspecifiedMONDAY1. MondayTUESDAY2. TuesdayWEDNESDAY3. WednesdayTHURSDAY4. ThursdayFRIDAY5. FridaySATURDAY6. SaturdaySUNDAY7. SundayHours of day in 24 hour format. Should be from 0 to 23.
Minutes of hour of day. Must be from 0 to 59.
Seconds of minutes of the time. Must be from 0 to 59.
Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999.
Representation of an electronic key, belonging to a user
Output only. Resource name of the user's electronic key. It must have the format of installations/*/users/*/electronic-key. For example: installations/surelock-homes-hq/users/john-watson/electronic-key.
Globally unique identifier that is used across all devices manufactured by SALTO.
Indicates whether this electronic key has been assigned, not assigned or is active and ready for use. This field cannot be modified using a standard UpdateElectronicKey operation. To change the value of this field, you must call EncodeElectronicKey. If the value is NOT_ASSIGNED it also applies to cases where the assignation process has been initiated, but not completed.
STATE_UNSPECIFIED0.Sentinel value used to indicate that the state is unknown, omitted, or is not applicable.
NOT_ASSIGNED1. The electronic key is not assigned to a physical device.PENDING2. The electronic key is pending activation.ACTIVE3. The electronic key is active and ready to be used.Indicates whether this electronic key has pending updates or not. This field cannot be modified using a standard UpdateElectronicKey operation. To change the value of this field, you must call OutdateElectronicKey.
Representation of a passcode, belonging to a user
Output only. Resource name of the user's passcode. It must have the format of installations/*/users/*/passcode. For example: installations/surelock-homes-hq/users/john-watson/passcode.
Indicates whether this passcode has been assigned, not assigned or is active and ready for use. This field cannot be modified using a standard passcode update operation. To change the value of this field, you must call AssignPasscode. If the value is NOT_ASSIGNED it also applies to cases where the assignation process has been initiated, but not completed.
STATE_UNSPECIFIED0.Sentinel value used to indicate that the state is unknown, omitted, or is not applicable.
NOT_ASSIGNED1. The passcode is not assigned.ACTIVE2. The passcode is active and ready to be used.Representation of a wallet key, belonging to a user
Resource name of the user's wallet key. It must have the format of installations/*/users/*/wallet-key. For example: installations/surelock-homes-hq/users/john-watson/wallet-key.
Indicates whether this wallet key has been assigned or not. This field cannot be modified using a standard UpdateWalletKey operation. To change the value of this field, you must call AssignWalletKey.
STATE_UNSPECIFIED0.Sentinel value used to indicate that the state is unknown, omitted, or is not applicable.
NOT_ASSIGNED1. The wallet key is not assigned.PENDING2. The wallet key is pending activation.ACTIVE3. The wallet key is active and ready to be used.Indicates whether this wallet key has pending updates or not. This field cannot be modified using a standard UpdateWalletKey operation. To change the value of this field, you must call OutdateWalletKey.
Representation of an app key, belonging to a user
Resource name of the user's app key. It must have the format of installations/*/users/*/app-key. For example: installations/surelock-homes-hq/users/john-watson/app-key.
Indicates whether this app key has been assigned or not. This field cannot be modified using a standard UpdateAppKey operation. To change the value of this field, you must call AssignAppKey.
STATE_UNSPECIFIED0.Sentinel value used to indicate that the state is unknown, omitted, or is not applicable.
NOT_ASSIGNED1. The app key is not assigned.PENDING2. The app key is pending activation.ACTIVE3. The app key is active and ready to be used.Indicates whether this app key has pending updates or not. This field cannot be modified using a standard UpdateAppKey operation. To change the value of this field, you must call OutdateAppKey.
Representation of a card key, belonging to a user
Output only. Resource name of the user's card key. It must have the format of installations/*/users/*/card-key. For example: installations/surelock-homes-hq/users/john-watson/card-key.
Unique identifier of the physical card. Length dependent of technology. Max length for ISO14443-3 is 10 bytes.
Indicates whether this card key has been assigned, not assigned or is active and ready for use. This field cannot be modified using a standard UpdateCardKey operation. To change the value of this field, you must call EncodeCardKey. If the value is NOT_ASSIGNED it also applies to cases where the assignation process has been initiated, but not completed.
STATE_UNSPECIFIED0.Sentinel value used to indicate that the state is unknown, omitted, or is not applicable.
NOT_ASSIGNED1. The card key is not assigned to a physical card.PENDING2. The card key is pending activation.ACTIVE3. The card key is active and ready to be used.Indicates whether this card key has pending updates or not. This field cannot be modified using a standard UpdateCardKey operation. To change the value of this field, you must call OutdateCardKey.
The user object
Resource name of the user. It must have the format of installations/*/users/*. For example: installations/surelock-homes-hq/users/john-watson.
The personal name, forename or given name ("first name"). It could also contain a middle name. First name is not used because the given name is not placed first in some cultures.
The display name of the user, formed by concatenating the first and last name values.
Activation time independent of any time zone or calendar.
Expiration time independent of any time zone or calendar.
The URI to view the user photo.
The card key resource that belongs to the user.
The electronic key resource that belongs to the user.
The app key resource that belongs to the user.
The wallet key resource that belongs to the user.
The passcode resource that belongs to the user.
Indicates whether this user is blocked or not. A blocked user cannot perform any admin actions, that is, if they have a management role this will no longer be valid. If the user has a key then it will no longer unlock access points.
The name of the parent user of this user. Only users who have had keys shared with them will have this field set.
The surname or family name ("last name"). It could also contain more than one surname so that both matrilineal and patrilineal surnames can be included in one place. Last name is not used because the family name is not placed last in some cultures.
Email address.
The file resource name for the user photo. It must have the format of installations/surelock-homes-hq/files/01DSYSJ1PR36VVC3MRFRV4DC7G.
The resource name of the manager resource that owns this user. A manager resource is any resource (such as a booking) that creates and governs the lifecycle of this user. Example: "installations/surelock-homes-hq/bookings/watson-family-booking" If set, this user is considered "managed" and cannot be modified directly. It behaves as a side-effect of the manager resource.
The user's access right association
Resource name of the user's access right association. It must have the format of installations/*/users/*/access-rights/*. For example: installations/surelock-homes-hq/users/john-watson/access-rights/baskerville.
The access right resource name to bind as an association to the parent access point. For example: installations/surelock-homes-hq/access-rights/baskerville.
Display name of the associated entity. In this case an access right.
The schedules for the user's access right. If set, this can only be more restrictive than the schedules defined in the associated access right.
The computed effective schedules for the user's access right based on the given parent resource.
Activation time independent of any time zone or calendar. User access right's association activation time rules: 1. Activation time must be specified in multiples of 10 minutes. Valid examples: 07:40, 12:30, 18:10. Invalid examples: 12:32, 10:15. 2. If no activation time is provided, the current time is used, truncated to the nearest earlier multiple of 10 minutes. For example, if the current time is 14:46, the system will use 14:40.
Expiration time independent of any time zone or calendar. User access right's association expiration time rules: 1. Expiration time must be specified in multiples of 10 minutes. Valid examples: 07:40, 12:30, 18:10. Invalid examples: 12:32, 10:15. 2. When specifying expiration time, it must: - Be at least 10 minutes after activation time. - Always be a multiple of 10 minutes. The system does not round or adjust expiration time for you. For example, if you attempt to set 10:15, the system will reject it.
The resource name of the manager resource that owns this user access right. A manager resource is any resource (such as a booking) that creates and governs the lifecycle of this user access right. Example: "installations/surelock-homes-hq/bookings/watson-family-booking" If set, this user access right is considered "managed" and cannot be modified directly. It behaves as a side-effect of the manager resource.
Create a user
Creates a new user.
Input
Resource name of the parent resource where the user is to be created.
The user resource to be created. Client must not set the User.name field.
The user id to use for this user. In case it's empty the server will autogenerate a unique identifier.
Output
Resource name of the user. It must have the format of installations/*/users/*.
The personal name, forename or given name ("first name"). It could also contain a middle name. First name is not used because the given name is not placed first in some cultures.
The display name of the user, formed by concatenating the first and last name values.
Activation time independent of any time zone or calendar.
Expiration time independent of any time zone or calendar.
The URI to view the user photo.
The card key resource that belongs to the user.
The electronic key resource that belongs to the user.
The app key resource that belongs to the user.
The wallet key resource that belongs to the user.
The passcode resource that belongs to the user.
Indicates whether this user is blocked or not. A blocked user cannot perform any admin actions, that is, if they have a management role this will no longer be valid. If the user has a key then it will no longer unlock access points.
The name of the parent user of this user. Only users who have had keys shared with them will have this field set.
The surname or family name ("last name"). It could also contain more than one surname so that both matrilineal and patrilineal surnames can be included in one place. Last name is not used because the family name is not placed last in some cultures.
Email address.
The file resource name for the user photo. It must have the format of installations/surelock-homes-hq/files/01DSYSJ1PR36VVC3MRFRV4DC7G.
The resource name of the manager resource that owns this user. A manager resource is any resource (such as a booking) that creates and governs the lifecycle of this user. Example: "installations/surelock-homes-hq/bookings/watson-family-booking" If set, this user is considered "managed" and cannot be modified directly. It behaves as a side-effect of the manager resource.
Get a user
Retrieves an existing user.
Input
The name of the requested user resource.
Output
Resource name of the user. It must have the format of installations/*/users/*.
The personal name, forename or given name ("first name"). It could also contain a middle name. First name is not used because the given name is not placed first in some cultures.
The display name of the user, formed by concatenating the first and last name values.
Activation time independent of any time zone or calendar.
Expiration time independent of any time zone or calendar.
The URI to view the user photo.
The card key resource that belongs to the user.
The electronic key resource that belongs to the user.
The app key resource that belongs to the user.
The wallet key resource that belongs to the user.
The passcode resource that belongs to the user.
Indicates whether this user is blocked or not. A blocked user cannot perform any admin actions, that is, if they have a management role this will no longer be valid. If the user has a key then it will no longer unlock access points.
The name of the parent user of this user. Only users who have had keys shared with them will have this field set.
The surname or family name ("last name"). It could also contain more than one surname so that both matrilineal and patrilineal surnames can be included in one place. Last name is not used because the family name is not placed last in some cultures.
Email address.
The file resource name for the user photo. It must have the format of installations/surelock-homes-hq/files/01DSYSJ1PR36VVC3MRFRV4DC7G.
The resource name of the manager resource that owns this user. A manager resource is any resource (such as a booking) that creates and governs the lifecycle of this user. Example: "installations/surelock-homes-hq/bookings/watson-family-booking" If set, this user is considered "managed" and cannot be modified directly. It behaves as a side-effect of the manager resource.
Get a batch of users
Retrieves a batch of existing users.
Input
Resource name of the parent of the users to be retreived.
The names of the users requested.
Output
Users requested.
List users
Returns a list of users that have been previously created.
Input
The parent resource name.
The maximum number of items to return.
The next_page_token value returned from a previous List request, if any.
A filter that chooses which users to return.
How the results should be sorted.
Output
The field name should match the noun users in the method name. There will be a maximum number of items returned based on the page_size field in the request.
Token to retrieve the next page of results, or empty if there are no more results in the list.
The total number of users in all pages, irrespective of any pagination. This is an estimated number based on the requested filter, and it may change in subsequent pages.
Update a user
Updates an existing user.
Input
The user resource which replaces the resource on the server.
The update mask applied to the resource.
Output
Resource name of the user. It must have the format of installations/*/users/*.
The personal name, forename or given name ("first name"). It could also contain a middle name. First name is not used because the given name is not placed first in some cultures.
The display name of the user, formed by concatenating the first and last name values.
Activation time independent of any time zone or calendar.
Expiration time independent of any time zone or calendar.
The URI to view the user photo.
The card key resource that belongs to the user.
The electronic key resource that belongs to the user.
The app key resource that belongs to the user.
The wallet key resource that belongs to the user.
The passcode resource that belongs to the user.
Indicates whether this user is blocked or not. A blocked user cannot perform any admin actions, that is, if they have a management role this will no longer be valid. If the user has a key then it will no longer unlock access points.
The name of the parent user of this user. Only users who have had keys shared with them will have this field set.
The surname or family name ("last name"). It could also contain more than one surname so that both matrilineal and patrilineal surnames can be included in one place. Last name is not used because the family name is not placed last in some cultures.
Email address.
The file resource name for the user photo. It must have the format of installations/surelock-homes-hq/files/01DSYSJ1PR36VVC3MRFRV4DC7G.
The resource name of the manager resource that owns this user. A manager resource is any resource (such as a booking) that creates and governs the lifecycle of this user. Example: "installations/surelock-homes-hq/bookings/watson-family-booking" If set, this user is considered "managed" and cannot be modified directly. It behaves as a side-effect of the manager resource.
Delete a user
Permanently deletes a user. This cannot be undone.
Input
The resource name of the user to be deleted.
Output
No return value.
Block a user
Temporarily blocks an existing user. While blocked, the user cannot perform any admin actions, that is, they have no management role. Neither can they unlock any access point with any type of key.
Input
The resource name of the user to be blocked.
Output
Unblock a user
Unblocks an already blocked user. Once unblocked, the user can perform the admin actions they could previously, that is, they once again have a management role. They can also once again unlock the access points they previously had access to.
Input
The resource name of the user to be unblocked.
Output
Create a user access right
Creates a user's access right association.
Input
Resource name of the parent resource where the users's access right association is to be created.
The user's access right association resource to be created. Client must not set the UserAccessRight.name field.
Output
Resource name of the user's access right association. It must have the format of installations/*/users/*/access-rights/*.
The access right resource name to bind as an association to the parent access point.
Display name of the associated entity. In this case an access right.
The schedules for the user's access right. If set, this can only be more restrictive than the schedules defined in the associated access right.
The computed effective schedules for the user's access right based on the given parent resource.
Activation time independent of any time zone or calendar. User access right's association activation time rules: 1. Activation time must be specified in multiples of 10 minutes. Valid examples: 07:40, 12:30, 18:10. Invalid examples: 12:32, 10:15. 2. If no activation time is provided, the current time is used, truncated to the nearest earlier multiple of 10 minutes. For example, if the current time is 14:46, the system will use 14:40.
Expiration time independent of any time zone or calendar. User access right's association expiration time rules: 1. Expiration time must be specified in multiples of 10 minutes. Valid examples: 07:40, 12:30, 18:10. Invalid examples: 12:32, 10:15. 2. When specifying expiration time, it must: - Be at least 10 minutes after activation time. - Always be a multiple of 10 minutes. The system does not round or adjust expiration time for you. For example, if you attempt to set 10:15, the system will reject it.
The resource name of the manager resource that owns this user access right. A manager resource is any resource (such as a booking) that creates and governs the lifecycle of this user access right. Example: "installations/surelock-homes-hq/bookings/watson-family-booking" If set, this user access right is considered "managed" and cannot be modified directly. It behaves as a side-effect of the manager resource.
Get a user access right
Gets an existing user's access right association.
Input
The name of the requested user's access right association resource.
Output
Resource name of the user's access right association. It must have the format of installations/*/users/*/access-rights/*.
The access right resource name to bind as an association to the parent access point.
Display name of the associated entity. In this case an access right.
The schedules for the user's access right. If set, this can only be more restrictive than the schedules defined in the associated access right.
The computed effective schedules for the user's access right based on the given parent resource.
Activation time independent of any time zone or calendar. User access right's association activation time rules: 1. Activation time must be specified in multiples of 10 minutes. Valid examples: 07:40, 12:30, 18:10. Invalid examples: 12:32, 10:15. 2. If no activation time is provided, the current time is used, truncated to the nearest earlier multiple of 10 minutes. For example, if the current time is 14:46, the system will use 14:40.
Expiration time independent of any time zone or calendar. User access right's association expiration time rules: 1. Expiration time must be specified in multiples of 10 minutes. Valid examples: 07:40, 12:30, 18:10. Invalid examples: 12:32, 10:15. 2. When specifying expiration time, it must: - Be at least 10 minutes after activation time. - Always be a multiple of 10 minutes. The system does not round or adjust expiration time for you. For example, if you attempt to set 10:15, the system will reject it.
The resource name of the manager resource that owns this user access right. A manager resource is any resource (such as a booking) that creates and governs the lifecycle of this user access right. Example: "installations/surelock-homes-hq/bookings/watson-family-booking" If set, this user access right is considered "managed" and cannot be modified directly. It behaves as a side-effect of the manager resource.
List user access rights
Lists an existing user's access right associations.
Input
The parent resource name.
The maximum number of items to return.
The next_page_token value returned from a previous List request, if any.
A filter that chooses which user's access right associations to return.
How the results should be sorted.
Output
The field name should match the noun user_access_rights in the method name. There will be a maximum number of items returned based on the page_size field in the request.
Token to retrieve the next page of results, or empty if there are no more results in the list.
Update a user access right
Updates an existing user's access right associations.
Input
The user's access right resource which replaces the resource on the server.
The update mask applied to the resource.
Output
Resource name of the user's access right association. It must have the format of installations/*/users/*/access-rights/*.
The access right resource name to bind as an association to the parent access point.
Display name of the associated entity. In this case an access right.
The schedules for the user's access right. If set, this can only be more restrictive than the schedules defined in the associated access right.
The computed effective schedules for the user's access right based on the given parent resource.
Activation time independent of any time zone or calendar. User access right's association activation time rules: 1. Activation time must be specified in multiples of 10 minutes. Valid examples: 07:40, 12:30, 18:10. Invalid examples: 12:32, 10:15. 2. If no activation time is provided, the current time is used, truncated to the nearest earlier multiple of 10 minutes. For example, if the current time is 14:46, the system will use 14:40.
Expiration time independent of any time zone or calendar. User access right's association expiration time rules: 1. Expiration time must be specified in multiples of 10 minutes. Valid examples: 07:40, 12:30, 18:10. Invalid examples: 12:32, 10:15. 2. When specifying expiration time, it must: - Be at least 10 minutes after activation time. - Always be a multiple of 10 minutes. The system does not round or adjust expiration time for you. For example, if you attempt to set 10:15, the system will reject it.
The resource name of the manager resource that owns this user access right. A manager resource is any resource (such as a booking) that creates and governs the lifecycle of this user access right. Example: "installations/surelock-homes-hq/bookings/watson-family-booking" If set, this user access right is considered "managed" and cannot be modified directly. It behaves as a side-effect of the manager resource.
Delete a user access right
Deletes a user's access right association. This cannot be undone.
Input
The resource name of the user's access right association to be deleted.
Output
No return value.
Assign a card key
Assigns a card key to an existing user.
Input
The name of the requested user's card key to be assigned.
Unique identifier of the physical card. Length dependent of technology. Max length for ISO14443-3 is 10 bytes.
Output
Output only. Resource name of the user's card key. It must have the format of installations/*/users/*/card-key.
Unique identifier of the physical card. Length dependent of technology. Max length for ISO14443-3 is 10 bytes.
Indicates whether this card key has been assigned, not assigned or is active and ready for use. This field cannot be modified using a standard UpdateCardKey operation. To change the value of this field, you must call EncodeCardKey. If the value is NOT_ASSIGNED it also applies to cases where the assignation process has been initiated, but not completed.
STATE_UNSPECIFIED0.Sentinel value used to indicate that the state is unknown, omitted, or is not applicable.
NOT_ASSIGNED1. The card key is not assigned to a physical card.PENDING2. The card key is pending activation.ACTIVE3. The card key is active and ready to be used.Indicates whether this card key has pending updates or not. This field cannot be modified using a standard UpdateCardKey operation. To change the value of this field, you must call OutdateCardKey.
Cancel a card key
Cancels an existing user's card key.
Input
The name of the requested user's card key to be canceled.
Output
Output only. Resource name of the user's card key. It must have the format of installations/*/users/*/card-key.
Unique identifier of the physical card. Length dependent of technology. Max length for ISO14443-3 is 10 bytes.
Indicates whether this card key has been assigned, not assigned or is active and ready for use. This field cannot be modified using a standard UpdateCardKey operation. To change the value of this field, you must call EncodeCardKey. If the value is NOT_ASSIGNED it also applies to cases where the assignation process has been initiated, but not completed.
STATE_UNSPECIFIED0.Sentinel value used to indicate that the state is unknown, omitted, or is not applicable.
NOT_ASSIGNED1. The card key is not assigned to a physical card.PENDING2. The card key is pending activation.ACTIVE3. The card key is active and ready to be used.Indicates whether this card key has pending updates or not. This field cannot be modified using a standard UpdateCardKey operation. To change the value of this field, you must call OutdateCardKey.
Encode a card key
Encodes an existing user's card key.
Input
The name of the requested user's card key to be encoded.
The name of the device to be used as a card encoder. It could be an encoder or an electronic lock and takes the form of a relative resource name: installations/surelock-homes-hq/encoders/dancing-men or installations/surelock-homes-hq/electronic-locks/baker-street-entrance.
Device name, when device is an encoder
Device name, when device is an electronic lock
Device name, when device is a controller
Output
The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the name should have the format of operations/some/unique/name.
Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available.
The operation result, which can be either an error or a valid response. If done == false, neither error nor response is set. If done == true, exactly one of error or response is set.
The error result of the operation in case of failure or cancellation.
The normal response of the operation in case of success. If the original method returns no data on success, such as Delete, the response is google.protobuf.Empty. If the original method is standard Get/Create/Update, the response should be the resource. For other methods, the response should have the type XxxResponse, where Xxx is the original method name. For example: if the original method name is AssignMobileKey(), the inferred response type is AssignMobileKeyResponse.
Assign an app key
Assigns an app key to an existing user.
Input
The name of the requested user's app key to be assigned.
Output
Resource name of the user's app key. It must have the format of installations/*/users/*/app-key.
Indicates whether this app key has been assigned or not. This field cannot be modified using a standard UpdateAppKey operation. To change the value of this field, you must call AssignAppKey.
STATE_UNSPECIFIED0.Sentinel value used to indicate that the state is unknown, omitted, or is not applicable.
NOT_ASSIGNED1. The app key is not assigned.PENDING2. The app key is pending activation.ACTIVE3. The app key is active and ready to be used.Indicates whether this app key has pending updates or not. This field cannot be modified using a standard UpdateAppKey operation. To change the value of this field, you must call OutdateAppKey.
Cancel an app key
Cancels an existing user's app key.
Input
The name of the requested user's app key to be canceled.
Output
Resource name of the user's app key. It must have the format of installations/*/users/*/app-key.
Indicates whether this app key has been assigned or not. This field cannot be modified using a standard UpdateAppKey operation. To change the value of this field, you must call AssignAppKey.
STATE_UNSPECIFIED0.Sentinel value used to indicate that the state is unknown, omitted, or is not applicable.
NOT_ASSIGNED1. The app key is not assigned.PENDING2. The app key is pending activation.ACTIVE3. The app key is active and ready to be used.Indicates whether this app key has pending updates or not. This field cannot be modified using a standard UpdateAppKey operation. To change the value of this field, you must call OutdateAppKey.
Compute data of an app key
Compute an existing user's app key data. Data contains encoded access rights of the user.
Note: There might be a delay for the key data to be updated after a user is created or their access rights are modified. It is recommended to wait for a moment (at least 60 seconds, for example) before calling this method to ensure the returned data is up-to-date.
Input
The name of the requested user's app key.
Output
Computed data of the requested app key.
Assign a wallet key
Assigns a wallet key to an existing user.
Input
The name of the requested user's wallet key to be assigned.
Output
The newly-assigned wallet key.
The access URL which contains the data to allow end users to sign in to SALTO Identity seamlessly and which is also used in the add-to-wallet process.
Cancel a wallet key
Cancels an existing user's wallet key.
Input
The name of the requested user's wallet key to be canceled.
Output
The canceled wallet key.
Assign a passcode
Assigns a passcode to an existing user.
Input
The name of the requested user's passcode to be assigned.
Output
The assigned passcode.
The passcode value.
Cancel a passcode
Cancels an existing user's passcode.
Input
The name of the requested user's passcode to be canceled.
Output
The canceled passcode.
Assign an electronic key
Assigns an electronic key to an existing user.
Input
The name of the requested user's electronic key to be assigned.
Globally unique identifier that is used across all devices manufactured by SALTO.
Output
The assigned electronic key.
Cancel an electronic key
Cancels an existing user's electronic key.
Input
The name of the requested user's electronic key to be canceled.
Output
The canceled electronic key.
Encode an electronic key
Encodes an existing user's electronic key.
Input
The name of the requested user's electronic key to be encoded.
The name of the device to be used as a card encoder. It could be an encoder, an electronic lock or a controller and takes the form of a relative resource name: installations/surelock-homes-hq/encoders/dancing-men or installations/surelock-homes-hq/controllers/baker-street-hall or installations/surelock-homes-hq/electronic-locks/baker-street-entrance.
Device name, when device is an encoder
Device name, when device is an electronic lock
Device name, when device is a controller
Output
The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the name should have the format of operations/some/unique/name.
Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available.
The operation result, which can be either an error or a valid response. If done == false, neither error nor response is set. If done == true, exactly one of error or response is set.
The error result of the operation in case of failure or cancellation.
The normal response of the operation in case of success. If the original method returns no data on success, such as Delete, the response is google.protobuf.Empty. If the original method is standard Get/Create/Update, the response should be the resource. For other methods, the response should have the type XxxResponse, where Xxx is the original method name. For example: if the original method name is AssignMobileKey(), the inferred response type is AssignMobileKeyResponse.
Back
Units