Access Profiles and Permissions

An access profile is a digital key that grants access to a Master Lock Connected Lock. It is required in order to communicate with a lock via Bluetooth, and it must come from the Connected Products Web API.

In order to retrieve an access profile for a lock, the lock must be activated.

Access Profile Request

{
    "DeviceIdentifier": "A12345",
    "UserId": 1234,
    "AccessScheduleDays": "Monday, Tuesday, Wednesday, Thursday, Friday",
    "ProfileActivation": "2023-05-05T17:02:35.3708763+00:00",
    "ProfileExpiration": "2023-05-10T17:02:35.3708763+00:00",
    "Permissions": [
        "Unlock",
        "UnlockDoor",
        "UnlockShackle",
        "WriteConfiguration",
        "ReadPrimaryPasscode",
        "WritePrimaryPasscode",
        "WriteTime",
        "AuditTrail"
    ],
    "AccessStartTime": "09:00",
    "AccessEndTime": "17:00"
}

An access profile has several configuration options that grant or restrict access to a particular lock. It also has a UserId which can be associated with a user. This allows audit events to be linked back to the user who performed the action.

DeviceIdentifier

This is the 6 character unique identifier for a Connected Product.

UserId

This is an integer that can be linked back to a user within your system. Some audit events such as Unlock record the UserId from the access profile that was used. Master Lock does not store this information on our side. It is included in the access profile for you to utilize when processing the audit trail events from a lock.

AccessScheduleDays

AccessScheduleDays allows for the lock to be used on certain days of the week.

Note that AccessScheduleDays can be set to Everyday if every day of the week is acceptable.

AccessStartTime and AccessEndTime

Within each day, AccessStartTime and AccessEndTime defines the hours that are valid within the days specified in AccessScheduleDays.

For full day access, assign the same value for AccessStartTime and AccessEndTime.

ProfileActivation and ProfileExpiration

ProfileActivation and ProfileExpiration can be used to set the start and end time of access respectively. These fields are optional; if they are not specified, the profile will be valid indefinitely.

A lock will check these times against it's own clock. There are situations where a lock's clock can be incorrect such as the battery dying. It is important to include a bit of leeway in the ProfileActivation to account for these situations.

Permissions

Permissions grant specific functionality. The following table lists the possible options:

The SDK automatically handles time synchronization and audit trail reading. In order to ensure that these features work correctly, please include the WriteTime, NudgeTime, and AuditTrail permissions on every access profile generated.

PermissionDescription
WriteTimeAllow the SDK to automatically update the lock’s clock (Recommended)
NudgeTimeAllow the SDK to automatically nudge the lock’s clock (Recommended)
AuditTrailAbility to read audit trail from the lock (Recommended)
WriteConfigurationAbility to change lock settings (ex: auto-relock time)
ReadPrimaryPasscodeAbility to read the primary code on the lock
WritePrimaryPasscodeAbility to update the primary code on the lock
ReadSecondaryPasscodesAbility to read the secondary codes on the lock
WriteSecondaryPasscodesAbility to update the secondary codes on the lock
UnlockAbility to execute Bluetooth unlocks (applicable to 4400, 4401, 6400, and D1000)
UnlockDoorAbility to execute Bluetooth unlocks of the door (applicable to 5440, 5441, and 6440)
UnlockShackleAbility to execute Bluetooth unlocks of the shackle (only useful for the 5440 portable lock boxes)

Access Profile Response

{
    "AccessProfile": "h4dkaG1K2S/YDVjqORNiUf+2/3LbZsK7O0/r9RBxuC27dIuGClwXTmgsU5UvRpPjYHFcx4atURWjO9dGsvzEuSf4m0ne7F9boKoGlkb5i4Go2OWWt0TwJ7eorL3u4AmE4nwE1ikW1ZXeOJWtShzU28xsiervUEOyUGX4lsBrRR4=",
    "Result": "Success",
    "Messages": []
}

Now What?

When you have an access profile for a specific Connected Product, you can communicate with the device by using the iOS and Android framework. For more information, review the iOS and Android documentation and example applications.