OKM API
This service enables the integration of OKMs and key checkout into the software of a customer (referred-to as “the implementer” on this page).
It is used to manage a set of OKMs, and also to connect and maintain Access Control Lists (ACL) used by OKMs.
API Objectives
The main objective of the API is to provide an unopinionated interface to the OKM. That is, it leaves the management and organization of the user rights to the implementer. It does not provide user management, roles, zones or any other functionality for the management of actual user permissions.
Whatever the method used to assign locks to users is outside the scope of this API. This API consumes the end result of the permission management, the ACL.
Also note that keys are not managed. They are a carrier of ACL, they act between the OKM/Mobile app and the locks. Any key can be used. The result of a key being checked out is simply an event emitted to the implementer.
Resources
4 resources are exposed by the service, to manage lock access through OKMs.
OKM
The OKM resource has 3 aspects:
- create and maintain OKMs registered with the service. Each OKM is required to be registered into the service to receive ACLs.
- receive /config requests from OKMs.
- receive audit records from OKMs and forward them to services that have subscribed to receive these records.
ACL
This resource represents Access Control Lists, or rather Access Control List sets. An access control list consists of a UserId and the permissions of that user on the locks known to the OKM. The ACL resource serves sets of these, containing both the access control lists for the users and the list of locks known to the OKM.
FIRMWARE
OKM Firmware path and Key firmware path. (optional, defaults to our cloud).
ACL-OKM
This resource associates ACLs and OKMs. As soon as an ACL is associated with an OKM, the OKM’s ACL digest will be re-calculated to include this ACL.