Access Rights
Access rights are used to define the relationships between the keys and the locks. As a rule, if a key shares one or more access rights with a lock, the key can open the lock.
For your own convenience, divide the access rights into two categories:
- Access rights according to person groups. You can consider these as access right groups.
- Lock-specific, individual access rights.
The access rights of an individual person are mainly managed through access right groups. Lock-specific, individual access rights complement the access right groups, and provide flexibility to access right management.
The list below provides a planning guide for access rights:
- Create access rights according to person groups, such as "Maintenance", "Sub-contractor", "Cleaner", "Guard" or "Employee". Usually, these access rights are used on keys that will be created to these person groups, respectively. A usual exception to this recommendation is the "Master access" access right, which covers all locks.
- An access right can contain one or several locks. For example, the "Maintenance" access rights can cover the main entrance lock and the technical facilities locks.
- A lock can contain one or several access rights. For example, the technical facilities locks can contain the "Master access" and "Maintenance" access rights.
- A key can contain one or several access rights. For example, the maintenance key can contain maintenance and employee access rights.
An access right can be, by default, shown or not shown in iLOQ Manager. You can use the access right visibility setting to hide access rights that are rarely used, if your system contains hundreds of them. These can be, for example, lock-specific access rights created in addition to access rights based on person groups. If there were hundreds of rarely used, lock-specific access rights listed in the same view, it would be inconvenient to browse and find commonly used access rights in iLOQ Manager. In a case like this, it is a good idea to not show the lock-specific access rights, by default. This makes the system more usable.
There are two access right types:
-
Standard access rights.
The encryption of standard access rights is done in the Programming Token, Thus, editing standard access rights on the lock or key always requires presence of the Programming Token.
-
API access rights.
The encryption of API access rights is done in the database, enabling access right editing through an Application Programming Interface (API), without presence of the Programming Token.