Contacts¶
Warning
The field email was renamed to identifier. For compatibility reasons the email field will still be returned and accepted by the Tapkey Management API. Please switch to the new identifier field as the email field is depracted now and will be removed in a future version.
Previously the field email was used to identify tapkey users only but the identifier field (and email as well) can now be assigned to users of external identity providers as well. For Tapkey users the field ipId will be set to tapkey.
Get List of Contacts¶
Get a list of this owner's contacts.
Scope¶
read:core:entities
Parameters¶
| Name | Type | Location | Description |
|---|---|---|---|
ownerAccountId | string | path | The owner account to get contacts for. |
Response¶
200 OK
[
{
"id": "1",
"ownerId": "1",
"comment": "A comment describing this contact.",
"ipId": "tapkey",
"identifier": "user1@tapkey.com",
"title": "User One"
},
{
"id": "2",
"ownerId": "1",
"comment": "A comment describing this contact.",
"ipId": "tapkey",
"identifier": "user2@tapkey.com",
"title": null
}
]
Get Contact by ID¶
Get the specified contact.
Scope¶
read:core:entities
Parameters¶
| Name | Type | Location | Description |
|---|---|---|---|
ownerAccountId | string | path | The owner account to get contacts for. |
id | string | path | The contact's ID. |
Response¶
200 OK
{
"id": "1",
"ownerId": "1",
"comment": "A comment describing this contact.",
"ipId": "tapkey",
"identifier": "user1@tapkey.com",
"title": "User One"
}
Create Contact¶
Creates a new contact under the specified owner account.
Scope¶
write:core:entities
Parameters¶
| Name | Type | Location | Description |
|---|---|---|---|
ownerAccountId | string | path | The owner account to get contacts for. |
Body¶
{
"ipId": "tapkey",
"identifier": "user1@tapkey.com",
"title": "User One",
"comment": "A comment describing this contact."
}
Creates a contact for the given identifier and ipId. For Tapkey-native users use tapkey as the ipId. For uses of other identity providers, use their ipId.
Warning
For legacy reasons, if the ipId is not set, the default tapkey is be used. This might change in future.
or
{
"ipId": "1",
"ipUserId": "1"
}
1. Info
It is not possible to mix these options. Passing both, indentifier and ipUserId will be rejected.
Response¶
200 OK
{
"id": "1",
"ownerId": "1",
"comment": "A comment describing this contact.",
"ipId": "tapkey",
"identifier": "user1@tapkey.com",
"title": "User One"
}
or
{
"id": "1",
"ipId": "1",
"ipUserId": "1",
"ownerId": "1",
"identifier": "null"
}
In case contact for the identifier or ipUserId already exists, the operation will return:
400 A Contact with this data already exists for this owner account.
{
"ErrorMessage": "A Contact with this data already exists for this owner account."
}
Patch Contact¶
Patch the specified contact.
The following properties can be patched:
commenttitle
Scope¶
write:core:entities
Parameters¶
| Name | Type | Location | Description |
|---|---|---|---|
ownerAccountId | string | path | The owner account to get contacts for. |
id | string | path | The contact's ID. |
Body¶
{
"comment": "A new comment describing this contact.",
"title": "User New"
}
Response¶
200 OK
[
{
"id": "1",
"ownerId": "1",
"comment": "A new comment describing this contact.",
"ipId": "tapkey",
"identifier": "user1@tapkey.com",
"title": "User New"
}
]
Delete Contact¶
Delete the specified contact.
Scope¶
write:core:entities
Parameters¶
| Name | Type | Location | Description |
|---|---|---|---|
ownerAccountId | string | path | The owner account to get contacts for. |
id | string | path | The contact's ID. |
Response¶
204 OK
Get Grants for Contact¶
Get a queryable list of grants assigned to the given contact.
Scope¶
read:grants
Parameters¶
Tip
The returned list can be filtered using OData query parameters.
| Name | Type | Location | Description |
|---|---|---|---|
ownerAccountId | string | path | The owner account to get contacts for. |
id | string | path | The contact's ID. |
Response¶
200 OK
[
{
"contact": {
"id": "1",
"ownerId": "1",
"comment": "A new comment describing this contact.",
"ipId": "tapkey",
"identifier": "user1@tapkey.com",
"title": "User One"
},
"boundCard": null,
"boundLock": {
"lockType": {
"id": "TK.Td30",
"manufacturerId": 1,
"modelName": "Td30",
"supportedTechnologies": [
"nfc",
"ble"
]
},
"supportedFeatures": {
"timeRestrictionIcalSupport": "Supported"
},
"id": "1",
"physicalLockId": "AAChsgq2",
"lockTypeId": "TK.Td30",
"ownerAccountId": "1",
"bindDate": "2018-12-12T12:00:00.000Z",
"title": "Entrance Door",
"description": null,
"rclSerialNo": 1,
"rclDate": "2018-12-12T12:00:01.000Z"
},
"id": "1",
"boundLockId": "1",
"contactId": "1",
"validFrom": null,
"validBefore": null,
"timeRestrictionIcal": null,
"state": "Ok",
"active": true,
"boundCardId": null
}
]
Revoke Contact's Grants¶
Revoke all grants issued to the given contact.
This operation will initiate the process of revoking all grants issued to a contact (i.e. a smartphone-based grant). All keys issued for the contact's grants will be added to the revocation list (RCL) and the revocation process is started.
As the revocation list has a limited capacity, revoking too many keys for an individual lock can cause the revocation list capacity to be exceeded. In this case, keys issued before the oldest revoked key contained in the revocation list will be implicitly revoked too. In this case, keys implicitly revoked as side effects will be renewed automatically as soon as the affected smartphone is online. Thus, users of affected smartphone most likely won’t recognize the renewal process.
A list of grants, for which keys have been issued that are being implicitly revoked as a side effect is returned by this operation. By setting the dryRun parameter to true, the effect can be queried from the server without actually executing the revocation. This way, the user can be informed about side effects upfront.
Scope¶
write:grants
Parameters¶
| Name | Type | Location | Description |
|---|---|---|---|
ownerAccountId | string | path | The owner account to get contacts for. |
id | string | path | The contact's ID. |
dryRun | boolean | query | If true, this operation will not actually execute the revocation but only return information about the potential effect. This can be used to inform the user about potential side effects a revocation could have. |
Response¶
The operation returns an array of objects of the following type:
{
"dryRun": false,
"grantRevoked": {...},
"grantsAffectedAsSideEffect": [],
"rclState": {
"rclClassStates": null
}
}
grantRevoked contains the grant and grantsAffectedAsSideEffect holds a list of grants that have been revoked implicitly as a side effect. The rclClassStates array contains the updated information of the revocation lists after the revocation process has started, such as: the current size of the list or the maximum number of entries it can hold.
Exemplary Response¶
200 OK
[
{
"dryRun": false,
"grantRevoked": {
"contact": {
"id": "1",
"ownerId": "1",
"comment": "A new comment describing this contact.",
"ipId": "tapkey",
"identifier": "user1@tapkey.com",
"title": "User One"
},
"boundCard": null,
"boundLock": {
"lockType": {
"id": "TK.Td30",
"manufacturerId": 1,
"modelName": "Td30",
"supportedTechnologies": [
"nfc",
"ble"
]
},
"supportedFeatures": {
"timeRestrictionIcalSupport": "Supported"
},
"id": "1",
"physicalLockId": "AAChsgq2",
"lockTypeId": "TK.Td30",
"ownerAccountId": "1",
"bindDate": "2018-12-12T12:00:00.000Z",
"title": "Entrance Door",
"description": null,
"rclSerialNo": 1,
"rclDate": "2018-12-12T12:00:01.000Z"
},
"id": "1",
"boundLockId": "1",
"contactId": "1",
"validFrom": null,
"validBefore": null,
"timeRestrictionIcal": null,
"state": "RevocationPending",
"active": false,
"boundCardId": null
},
"grantsAffectedAsSideEffect": [],
"rclState": {
"rclClassStates": null
}
}
]
Grant State¶
For more information about the process of revoking grants, and how a the active and state properties reflect the state of a grant's revocation, visit the Revoking Access guide.