IR WIKI

Mobile Credentials

7 min read

Mobile Credentials

Overview

Integriti’s Mobile Credential Integrations allow management of 3rd party Mobile Credential Systems directly from the Integriti software suite, providing a single head-end for mobile credential enrolment and management.

Key features include:

  • Create Users — Create new users in the 3rd party system and obtain credentials.
  • Generate Credentials — Generate new credentials or obtain existing ones via the Card Acquire dialog or automatic entity synchronisation.
  • Send/Resend Credential — Send invitation emails/SMS to users.
  • Revoke Credentials — Revoke via Card Acquire dialog, removing/deleting cards, or automatic entity synchronisation.
  • Update User Details — Changes to name, email, mobile number etc. sync to the 3rd party system.
  • Delete Users — Deleting a user in Integriti deletes them in the 3rd party system.
  • Monitoring — Real-time monitoring of credential state and credential pool availability.

Note: Not all features are supported by every integration. Refer to the individual integration’s manual for supported features.

Prerequisites

Licensing

  • Mobile Credential Integration License (996964) — One per mobile credential system.
  • Integriti Version License — Requires Integriti Professional, Business or Corporate Software Edition. Check individual integration Release Notes for version requirements.
  • Other Licenses — Some integrations may require additional licenses; see individual integration Release Notes.

System Requirements

Refer to the individual integration’s manual for specific system requirements and pre-installed software prerequisites.

Step-by-Step

Installation

  1. Close all instances of the Integriti software suite on the target PC.
  2. Stop all running Integriti services (if installing on the Integriti server).
  3. Download and run the Mobile Credential Integration installer on all Integriti servers first, then on all client workstations.
  4. After installation, restart all services that were stopped.
  5. If reverting to an earlier version, uninstall the current version first.

Enrolment

  1. In Integriti System Designer, select New Integrated Device from the Integrations tab.
  2. Select the integration from the list and press Ok.

    Note: The same version must be installed on both the Integration Server and Client Workstation. If the integration does not appear, ensure both 32-bit and 64-bit Integriti Integration Servers are running.

  3. Give the device a Name and optionally enter Notes.
  4. Persisted Connection Run Mode — Select the preferred mode:
    • Automatically Maintain Connection on Any Single Server (recommended).
    • Maintain Connection on the Specified Server.
    • Simultaneously Maintain Connection on All Servers (may cause duplicate Review Records).
    • Disabled — Use only if event/state monitoring and entity sync are not required.
  5. Connection Configuration — Configure integration-specific properties for connecting to the 3rd party system.
  6. Email Custom Field — Select the Email Address Custom Field for sending invitations.
  7. Mobile Number Custom Field — Select the Phone Number Custom Field for sending invitations.
  8. Delete Users With No Credentials — Enable to auto-delete users from the 3rd party system when they have no valid credentials.
  9. Card Template (New Credential) — Specify the Card Template for new credentials (can be overridden per child credential pool).
  10. Click Save.
  11. Click Refresh Mobile Credential Pools to load available credential pools.
  12. Configure Generate Review Transitions to select which event categories generate Review Records.
  13. Set Send 3rd Party Invitations to true to send/resend invitations through the 3rd party system.
  14. Select an Integriti Operator to limit integration permissions.
  15. Save and close. If a persisted connection is enabled, monitoring begins automatically.

Associating Integriti Entities

Associate entities with mobile credential pools/systems via the Associated Entities tab on the Integrated Device editor. This enables Automatic Input Triggering — automatically trigger and restore Integriti Inputs based on events from the mobile credential system.

Configuration for Acquiring Cards

  1. Enrol and configure the mobile credential integration (as above).
  2. Add an Email Custom Field or Mobile Number Custom Field.
  3. Add a Card Template for new credentials.
  4. Save the mobile credential system.
  5. Click Refresh Mobile Credential Pools.
  6. Add an email address (or mobile number) in the User editor.

Configuration for Automatic Credential Generation

  1. Enrol and configure as above, ensuring the persisted connection is enabled.
  2. Open the editor for the target Credential Pool.
  3. Set Card Template (New Credential) if not already set.
  4. Add a User Filter in the Auto-Generate Credential User Filter field (leave Auto-Revoke empty).
  5. Save and close the credential pool.
  6. Restart the persisted connection for the parent system if needed.

Configuration for Automatic Credential Revocation

  1. Enrol and configure as above, ensuring the persisted connection is enabled.
  2. Open the editor for the target Credential Pool.
  3. Add a User Filter in the Auto-Revoke Credential User Filter field (leave Auto-Generate empty).
  4. Save and close the credential pool.
  5. Restart the persisted connection for the parent system if needed.

Generating Mobile Credentials

Via User Interface (Card Acquire)

  1. Open the User editor and click Acquire Card.
  2. In the Card Acquire dialog, select a Mobile Credential Pool.
  3. Click Generate and Send Invite.
  4. If the user lacks valid contact details, a dialog prompts for the value.
  5. The credential is generated and the Invitation Code is displayed.
  6. Pressing Acquire Card again shows the allocated credential details.
  7. Click the save icon in the User editor to assign the credential.

Automatically (Entity Synchronisation)

Follow the Configuration for Automatic Credential Generation steps. Credentials are automatically created and assigned when relevant user options change.

Revoking Mobile Credentials

Via User Interface

  1. Open the User editor and click Acquire Card.
  2. Click Revoke Credential then Save Credential(s).
  3. If the credential is not showing, change the credential pool selection.

By Removing Card from User

  1. Open the User editor.
  2. Click the ellipsis next to the card to revoke and select Remove Card, then save.
  3. Ensure the persisted connection is enabled for the mobile credential system.

By Deleting Card from List

Deleting cards from the Cards list revokes them via entity synchronisation. Ensure the persisted connection is enabled.

Automatically (Entity Synchronisation)

Follow the Configuration for Automatic Credential Revocation steps. Credentials are automatically revoked when relevant user options change.

Re-activating Revoked Credentials

The following revoked statuses can be set back to active:

  • Inactive – Lost
  • Inactive – Suspended
  • Inactive – Unused
  • Inactive – Duplicated
  • Inactive – Not Started
  • Inactive – Temporarily Replaced
  • Inactive – Not Started (Replacement)
  • Inactive – Issuing Failure
  • Inactive – Revoking Failure

All other revoked statuses are permanent; a new credential must be generated.

Monitoring

Events/Alarms:

  • Events generate Review Records in the Integrations Review window, prepended with the integration name in square braces.
  • Filter events using Generate Review Transitions on the parent device or child credential pool.

Card State:

  • View in the Card List (Status column) or via Review Records (if Card Change categories are enabled).

Credential Pool State:

  • View in the Mobile Credential Pools List (Status and Summary columns).

Automatic Input Triggering

  1. Open the editor for the mobile credential system or pool.
  2. For pools, set Auto Input Triggers Mode to Use Selected.
  3. Select the Review Categories for triggering under Auto Input Triggers.
  4. Optionally configure Input Restore Mode and Input Restore Triggers.
  5. Under Associated Entities, add the Inputs to be triggered/restored.

Mobile Credential Events as Triggers

  1. In the Alert/Scheduled Task, add a new Review Trigger.
  2. Set grouping type to And.
  3. Add a Category row set to Any Of and select the Integration Review Categories.
  4. Optionally add Text Contains [<IntegrationName>] to filter by integration.
  5. Optionally add Text Contains <PoolName> to filter by pool.

Verification

  1. After enrolment, confirm the mobile credential system appears with credential pools populated.
  2. Verify the persisted connection establishes successfully.
  3. Generate a test credential via the Card Acquire dialog and confirm it appears in the User’s card list.
  4. Send an invitation and confirm the user receives it.
  5. Revoke a test credential and confirm the status updates.
  6. For automatic generation/revocation, update a user matching the filter and confirm the credential is created/revoked.

Troubleshooting

IssueResolution
Plugin doesn’t appear in ‘New Integrated Device’ listEnsure both 32-bit and 64-bit Integriti Integration Servers are running. Restart both servers and the System Designer client.
Devices missing from ‘Acquire Card’ credential editorVerify connection details in the Mobile Credential System. Check the device is connected to the network/3rd party software. Ensure the user in connection details has adequate permissions.
Generating credentials does not workCheck that the mobile credential system has a Card Template assigned. Verify an Email Custom Field or Mobile Number Custom Field is assigned. Ensure the user has an email address or mobile number specified. Ensure the user specified in connection details has adequate permissions.

Graph View