Cookies help us deliver our services. By using our services, you agree to our use of cookies.

Integrating with access control systems: RFID card/biometric readers

Cobot offers various APIs to integrate with access control systems. Depending on the capabilities of the access control device, the integration can either do live requests or it has to fall back to synchronize member data from Cobot with the access control system.

We provde a sample integration based on a web browser and a card reader connected to a PC, which uses the "live requests" scenario described below. The PC runs a webapp provided by Cobot, and the reader acts as a keyboard, "typing" in the numbers of scanned cards. See The source code for that integration is also available. There's a token registration app and a card scanner app.

The reader device actively asks Cobot to approve each check-in request. This allows you to base the decision to let someone in or not on live data, e.g. whether a member has enough time passes left to come in.

When a member signs up, their card needs to be scanned once to register. The result of the scan (some kind of token) is sent to Cobot via the check-in token endpoint. We have a sample web-app to manually enter tokens.

Whenever a member wants to access the space, the reader device needs to send a check-in request to Cobot - see Check-in API » "Subsequent check-ins". If the Cobot API returns success, the door opens. On error, the device should show the error message returned by the API.

Member data is synchronized to the reader device periodically, in case the device does not support live requests.

You still have to associate the token/hash from the reader with each member - you can do this like in the "live requests" scenario, or store it in a custom field via the custom fields API or the web interface.

Live sync uses our webhook API to get notified about changes in your member list, and instantly updates the data in your access device. For starters, set up a webhook for the confirmed_membership and canceled_membership events. When one of them occurs, add/remove the corresponding member to/from your device. For bonus points, also add webhooks for membership_added_time_passes and membership_removed_time_passes - when a member runs out of time passes, remove/deactivate them. When they have time passes again, re-add them.

If for some reason you can't use live sync, you can still sync data periodically: to push Cobot members to your device, pull all members via the memberships API, plus either their check-in tokens or custom fields, depending on where you stored the reader numbers. Afterwards, assemble everything into a format the reader device understand and copy it over.

back to index