Some of the technical content on this site is only available in English.

Users in Space

Overview

A user is typically a member of staff or a person who needs access to and within your installation on a regular basis. They are differentiated from other cardholders by the fact that they generally need everyday, rather than occasional, access. They also tend to have a greater level of access than other types of cardholders, such as visitors.

Creating users

To create a user, do the following:

  1. Select Cardholders > Users. The Users screen is displayed.

Users screenUsers screen

  1. Click on Add. The User information screen is displayed.

User information screenUser information screen

  1. Type a title, first name and last name for the user in the Identification panel.

You can activate system restrictions for user names by enabling the INHIBIT_USER_NAME_CHANGE parameter in System > General options > Advanced. If you enable this parameter, you cannot edit the Title, First name, and Last name fields on the User information screen if you have assigned a key to the user at any point. An error pop-up message is displayed when you try to save any changes to these fields. This ensures that the audit trail data for users is accurate. See Advanced tab for more information.

See Configuring users for more information on the Identification panel features.

  1. Select the relevant partition from the Partition drop-down list, if required. See Partitions for more information.

Note that the partitions functionality is license-dependent. See Registering and licensing Space for more information.

  1. Select the appropriate configuration and management options in the User information screen panels:

Configuration options in 'User' information screenConfiguration options in 'User' information screen

  1. Click Save.

You can edit multiple users at once by using the Multiple edit option. The Multiple edit button is enabled when you select more than one entry on the Users screen. This allows you to enter the appropriate identification and configuration details on the Multiple edit screen. The details are then applied to all the selected users. See Configuring users for more information about the configuration settings for users.

In the case of a hotel, when adding a reservation, you must create guests as users. Follow the steps in the reservations section to complete the process.

Adding additional information

If required, you can add up to five general purpose fields to the User information screens. These fields allow you to add extra data, for example, a passport number or car registration number. To activate a general purpose field, you must select an Enable field checkbox in System > General options > User. You can then name the field in accordance with the information that you want to capture.

Assigning keys

After you have created and configured a user, you can click Assign key on the User information screen to assign them a key. See Assigning keys and Automatic key assignment for more information. When you assign keys to users, different icons are displayed in the Key status column on the Users screen, depending on the key status. See Key status icons for more information. The key status is also displayed on the User information screen. The period for which keys are valid is shown on the User information screen and also in the Key expiration column on the Users screen.

The Assign key button is available on the User information screen after a user profile has been created and saved. You can also assign a key from the Users screen. When selecting a user, the Assign button displays at the bottom of the screen.

Assign key button'Assign key' button

Banning users

After you have created and configured a user, you can, if necessary, ban a user from accessing any part of your Space installation by invalidating their key. For example, a user who is a member of staff can be banned while they are on vacation. Unbanning the user when they return from vacation restores their original access data to their key (after presenting the key to a wall reader or an online lock).

Banning users is different from canceling keys. A user's key can be canceled, for example, if a user loses their key. See Canceling keys for more information. The denylist is a record of canceled keys. Banned users are not added to the denylist. See Denylists for more information.

To ban a user, do the following:

  1. Select Cardholders > Users. The Users screen is displayed.

  2. Click on the user that you want to ban. The User information screen is displayed.

  3. Click on the Ban user button and confirm the action in the Warning dialog box. The user is banned now.

Ban user button'Ban user' button

To unban a user, do the following:

  1. Select Cardholders > Users. The Users screen is displayed.

  2. Click on the user that you want to unban. The User information screen is displayed.

  3. Click on the Unban user button and confirm the action in the Warning dialog box. The user is unbanned now.

Adding user images

You can add images to user profiles in Space to identify users. You can select these images from a local file on your computer or you can take them using a webcam.

If you are using a webcam, consider seeing the Space webapp section within the Space systems admin guide for information on installation requirements.

Image requirements:

  • Images cannot be more than 200 KB in size.

  • Compatible image formats: JPEG and PNG.

To add a user image, follow the steps below:

  1. Select Cardholders > Users. The Users screen is displayed.

  2. Click the user to which you want to add an image. The User information screen is displayed.

Picture area'Select picture' icon

  1. Hover the mouse pointer over the image in the Identification panel and click the Select picture icon. The Select source dialog box is displayed.

Select source dialog box'Select source' dialog box

  1. You can select the image from a local file by selecting the Local file option or it can be also taken from a webcam by selecting the Webcam option. Select the appropriate image and click Open. The selected image is displayed on the User information screen.

  2. Click Save.

You can hover the mouse pointer over the image and click the Remove picture icon to remove it if required.

Printing user profiles

You can print user profiles by clicking on Print on the User information screen. See Exporting data in Space for more information. Date and Signature fields are automatically included when you print user profiles. For example, you can ask users to sign and date these to confirm receipt of their keys.

Deleting users

You can delete any user by selecting the checkbox of the required user on the Users screen and clicking on Delete or by entering the User information screen and clicking on the minus (-) button at the bottom left of the screen. This deletes their profile, and they are no longer displayed on the Users screen. If the deleted user had an assigned key, his key will be canceled through the same process.

A banned user cannot be deleted. You have to unban them first.

Reports on calculation on working hours

This report selection allows to have a working hour report according to the selected users.

'Print' dialog box - Working hour report'Print' dialog box - Working hours report

You can get a report of a working hour period according to the first and last event of the user in any door per day.

Configuring users

Identification

The Identification panel defines the user's details. Most of the fields in this panel are described in Creating users.

Generally, the system does not allow you to create two cardholders with the same name. You can make user names unique by changing the default format for user IDs in General options. See Configuring user IDs for more information.

Other fields within the Identification panel, which display may vary depending on your needs and your Space license, are the following:

  • Ext ID: You can show/hide this field by adding the SHOW_EXT_ID parameter in System > General options > Advanced. See Advanced tab for more information. The Ext ID field displays a unique identifier for the user, automatically generated by the system. You can amend this identifier if required.

  • ROM code: You can show/hide this field by selecting the checkbox Hide ROM code for automatic key assignment in System > General options > Users. The ROM field is generally filled in by synchronization but it can also be filled in manually. This code is used for automatic key assignment.

Note that the automatic key assignment functionality is license-dependent. See Registering and licensing Space for more information.

If you do not have access to this in your licensing options, the ROM field is not displayed. When you read keys or export audit trail data, you must enable the SHOW_ROM_CODE parameter in System > General options > Advanced to control the display of ROM codes. See Advanced tab for more information.

  • Wiegand code: You can show/hide this field by selecting the checkbox Wiegand code in System > General options > Users > Tracks of user key. See Wiegand format and Tracks of user key for more information. Only Wiegand interface is supported and requires a third-party ROM-code reader. The user access is based on an allowlist of ROM codes at the Salto DB. CU42X0 are required. See Advanced tab for more information.

  • Authorization code: When a third-party reader is used - instead of the Salto wall reader, an authorization code is required. It must be entered in the user information screen, and you can show/hide this field by selecting the checkbox Show authorization code in System > General options > General.

  • General purpose fields: You can also add and name up to five general purpose fields. See Adding additional information for more information.

Key options

The Key options panel defines the user access details.

OptionDescription
Use extended opening timeAllows extended door opening times if a user has a disability and requires a longer access time when entering a door.
Override privacyAllows the user access to a door that has been locked from the inside.
Override lockdownAllows the user to open a door closed by lockdown. Note that this option applies to both online doors and offline doors that have AMOK locks. See Lockdown areas for more information.
Set lockdownAllows the user to enable or disable the lockdown mode on a door. This is done by presenting a valid key to the door's inside reader. This option only applies to offline doors that have AMOK locks. See Lockdown areas for more information.
OfficeAllows the user to set doors to Office mode. See Opening modes and Timed periods for more information.
Use antipassbackEnsures that a user cannot enter through the same door multiple times until they have first exited the door (or until a specified time period has passed). This is to prevent the same key being used by a number of different users. See Enabling antipassback and Access points tab for more information. The antipassback functionality is license-dependent. See Registering and licensing Space for more information.
Audit openings in the keyAllows an audit trail of the user's access point activity to be written to their key. If this option is disabled, the locks will not write any audit information to the key. You must also enable this feature on the required access points by selecting the Audit on keys option. See Door options for more information.
New key can be cancelled through denylistEnsures that the user's key is sent to the denylist if it is canceled. To activate this option, you must enable the MORE_THAN_64K_USERS parameter in System > General options > Advanced. This checkbox is selected by default for users. If you clear the checkbox, the user's key is not sent to the denylist when canceled. See Advanced tab for more information.
PINThe PIN option defines the user's PIN code options. In addition to a key, a PIN code may sometimes be required for users to gain access to certain parts of the installation.
PIN code disabled: Disables the PIN code. This denies a user entry to access points that require a PIN code.
Super user: Allows a user access using only their key when the door is in Key + PIN mode. See Opening modes and Timed periods for more information.
PIN code enabled: Enables user access using a card and a PIN code.
PIN: Defines the PIN code. This option is only available if you select the PIN code enabled option.
Confirmation: Confirms the PIN code. This option is only available if you select the PIN code enabled option.

User and key expiration

The User and key expiration panel defines the key activation period.

OptionDescription
User activationDefines the date and time upon which the user's key becomes functional and they will be granted access permissions. By default, the activation date is the day on which the user's key is encoded.
User expirationDefines the long-term expiration date of the user's data and access permissions. Keys assigned to a user will never exceed this date. Note that you can choose not to assign an expiration date to a user. This means that they can revalidate their card when required.
CalendarDefines which calendar is applied to the user. See Calendars for more information.
Enable revalidation of key expirationEnables the user's key to be revalidated at any time even when the key has not expired. For example, if the user's update period is seven days, the key is revalidated for another seven days every time the user presents their key to an SVN wall reader even if has been revalidated the day before.
Update periodDefines the time period between user validations. If this is set to zero days (and not to zero hours because, in that case, the key will no longer be valid), the user's key expires at 00:00 on the same day that it is updated. However, the key can still be updated each day. If 30 days is selected, the user's key will be valid for 30 days and will need to be revalidated once that time period has expired. You can change the default update period by amending the value in the Default expiration period field in System > General options > Users in Space. See Users tab for more information.

Passcode

Passcodes are intended to be used with locks that have keypads, for example the Salto DBolt Touch, where a user inputs a numeric code to gain access. Passcodes differ from PINs in that the PIN feature is used in conjunction with user keycards whereas passcodes are specific to the locks themselves. For example, a PIN may sometimes be required for users to gain access to certain parts of the installation when using their key as an additional method of authentication. See Key options for more information on PINs.

Passcodes in Space are six-digit codes that are randomly generated by the software. You cannot enter a custom code in the Passcode field. To asign a new passcode, press the Generate button beside the Passcode field. A six-figure code displays in the Passcode field. You can show and hide the number displayed in the Passcode field by clicking on the Show/Hide passcode button. Using the Copy to clipboard option, you can then share the code with the user via your preferred secure channel (email, WhatsApp, etc.).

If a user's passcode is compromised, you need to clear the current passcode by clicking on the Clear button. This button becomes the Generate button. Click on it to generate a new passcode. By doing so, the previous passcode that was assigned to the user becomes invalid for that user.

Face recognition

The facial recognition functionality is intended to be used with the Salto Orion system for face authentication. A user stands in front of the device composed of the Orion CU (control unit) and the Orion C (camera) and shows their face to gain access. For more information on how to install Salto Orion, see the specific Orion user guide.

Note that the face recognition functionality is license-dependent. See Registering and licensing Space for more information.

You can enable this feature from the Face recognition tab within General options.

To enroll a user in the facial recognition feature, follow the steps below:

  1. Click the Enroll button located in the Face recognition panel in the User information screen.

'Face recognition' panel in the 'User' information screen'Face recognition' panel in the 'User' information screen

  1. A dialog box requesting the operator to input an email address displays. An enrollment request will be sent to that email address.

'Face recognition enrollment' dialog box'Face recognition enrollment' dialog box

  1. The user should follow the instructions described in the enrollment request.

  2. Once the user is enrolled, the email address will appear on the Face recognition panel and the Enroll button toggles to Disenroll. To disable the face recognition feature, click on this button.

Enrollment statuses

The status of the enrollment process displays under the email and the Disenroll button. The possible statuses are as follows:

Status messageDescription
Disenrollment failedThere was a problem disenrolling this user. Please try again later.
DisenrolledThis user has been disenrolled successfully. Their biometrics have been removed from the system and they will need to re-enrol to use it again.
Email notification errorThere was a problem with the email entered. Please try again or use a different email.
Pending activationThe enrollment has been assigned to the user at the database level but that user hasn't yet been enrolled in the face recognition system.
Pending user receiving notificationThe user has not yet received the email notification that's been sent to allow them to enroll.
Pending user's consentThe user has not yet given their consent in the Orion application. Or perhaps they haven't uploaded a photo yet.
Unknown statusThe enrollment status is unknown.
User consent withdrawnThe user has either not given their consent, or they have withdrawn their consent for face recognition using the Orion application.
User enrolledThe user has been enrolled successfully and is ready to use the system.
User photo doesn't match criteriaThe picture provided for the enrollment is not valid. The user has provided a photo that doesn't meet the requirements for face recognition.

Mobile phone data

The Mobile Phone Data panel defines what mobile application the user will use and their mobile phone number.

OptionDescription
Mobile app: JustIN MobileDefines the mobile application the user will use. JustIN Mobile allows the use of a mobile phone as a key. The communication between the reader and the phone is Bluetooth or/and NFC, depending on the device.
Mobile app: JustIN mSVNDefines the mobile application the user will use. JustIN mSVN allows the user to use the mobile phone as a mobile key updater. Note that this option is only compatible with DESFire EV1 keys and Android phones.

The user's mobile phone number has to be entered in the International phone number field. You can select the area code in the drop-down list or type it manually according to the country the mobile phone line is from.

Limited occupancy group

You can add a user to a limited occupancy group by selecting the required group in the Limited occupancy group panel. Limited occupancy groups are used to manage restricted car parks, for example. See Creating limited occupancy groups for more information.

Dormitory door

The Dormitory door panel is displayed on the User information screen when the DORM_KEYPAD advanced parameter is enabled. This option is used when locks are provided with keypads. You can use it in a student dormitory or residence, for example.

'Dormitory door' panelSelect the door on which you want to activate the 'Dorm keypad' option

Select the corresponding door on which you want to activate this option for the current user. When selected, the user keys automatically update lock keypads with changes to the keypad code when the key is presented to the lock.

Card printing template

You can create card templates for different users in your organization. For example, you could create one template for day staff and a different template for night staff. When you create card printing templates, they are added to the Card printing template drop-down list. The template that you select in the Card printing template panel is used when you print the user's keycard. To print the card, select the appropriate template from the drop-down list and click the Print button.

Card printing templates must be created in Space under Tools > Card printing. See Card printing and Using card printing templates for more information.

This functionality is license-dependent. See Registering and licensing Space for more information.

Associating users

After you have created a user, you must associate access points, user access levels, zones, outputs, and locations/functions with the specified user. The following sections describe how to associate users with the various components.

Access points

See Access Points for definitions and information about how to create and configure access points.

You would generally only associate individual users with access points if they do not belong to a user access level. User access levels allow you to group users with the same access permissions for easier access management. See User access levels for more information. However, there may be cases where you need to give individual users access to doors or zones that are not associated with their user access level.

To associate a user with an access point, do the following:

  1. Select Cardholders > Users. The Users screen is displayed.

  2. Click on the user name that you want to associate with an access point. The User information screen is displayed.

  3. Click on Access points in the sidebar. The Access points dialog box is displayed. Note that the dialog box will be blank if you have not yet associated a user with this particular access point.

  4. Click on Add. The Add dialog box, showing a list of access points, is displayed.

  5. Select the required access point in the left-hand panel, and the timetable and the days period in the right-hand panel. Same as key is selected by default. It means the user will have access to the access point while the key is valid. Select Use the following days period if you want the user to have access to that specific access point only during a period of time. Select a Start date and an End date.

  6. Click on Save & Close. The user is now associated with the access point.

To modify an access points's timetable or days period, from the Access points dialog box of the specific user, do the following:

  1. Select the access point to be edited and then click on Edit.

  2. Modify the Timetable and Days period selection and save the changes.

To dissociate an access point from a user, from the Access points dialog box of the specific user, do the following:

  1. Select the access point to be deleted.

  2. Click on Delete and confirm the action in the Warning dialog box.

See Cardholder timetables for more information.

User access levels

See User access levels for a definition and information about how to create and configure a user access level.

To associate a user with a user access level, do the following:

  1. Select Cardholders > Users. The Users screen is displayed.

  2. Click on the user name that you want to associate with a user access level. The User information screen is displayed.

  3. Click on User access levels in the sidebar. The User access levels dialog box is displayed. Note that the dialog box will be blank if you have not yet associated a user access level with this particular user.

  4. Click on Add. The Add dialog box, showing a list of user access levels, is displayed.

  5. Select the required user access level in the left-hand panel and the days period in the right-hand panel. Same as key is selected by default. It means the user will have access to the access level while the key is valid. Select Use the following days period if you want the user to have access to that specific access level only during a period of time. Select a Start date and an End date.

  6. Click on Save & Close. The user access level is now associated with the user.

To modify an access level's days period, from the User access levels dialog box of the specific user, do the following:

  1. Select the access level to be edited and then click on Edit.

  2. Modify the Days period selection and save the changes.

To dissociate an access level from a user, from the User access levels dialog box of the specific user, do the following:

  1. Select the access level to be deleted.

  2. Click on Delete and confirm the action in the Warning dialog box.

If the access date to the access level is later than the key expiration, the user will be denied access. In this case, the key validity takes precedence over the Access level access.

Zones

See Zones for a definition and information about how to create and configure a zone.

To associate a user with a zone, do the following:

  1. Select Cardholders > Users. The Users screen is displayed.

  2. Click on the user name that you want to associate with a zone. The User information screen is displayed.

  3. Click Zones in the sidebar. The Zones dialog box is displayed. Note that the dialog box will be blank if you have not yet associated a zone with this particular user.

  4. Click Add. The Add dialog box, showing a list of zones, is displayed.

  5. Select the required zone in the left-hand panel, and the timetable and the days period in the right-hand panel. Same as key is selected by default. It means the user will have access to the zone while the key is valid. Select Use the following days period if you want the user to have access to that specific zone only during a period of time. Select a Start date and an End date.

  6. Click on Save & Close. The zone is now associated with the user.

To modify a zone's timetable or days period, from the User access levels dialog box of the specific user, do the following:

  1. Select the zone to be edited and then click on Edit.

  2. Modify the Timetable and Days period selection and save the changes.

To dissociate a zone from a user, from the Zone dialog box of the specific user, do the following:

  1. Select the zone to be deleted.

  2. Click on Delete and confirm the action in the Warning dialog box.

If the access date to the zone is later than the key expiration, the user will be denied access. In this case, the key validity takes precedence over the Zone access.

Outputs

See Outputs for a definition and information about how to create and configure an output.

To associate a user with an output, follow the steps below:

  1. Select Cardholders > Users. The Users screen is displayed.

  2. Click on the user name that you want to associate with an output. The User information screen is displayed.

  3. Click on Outputs in the sidebar. The Outputs dialog box is displayed. Note that the dialog box will be blank if you have not yet associated an output with this particular user.

  4. Click Add. The Add dialog box, showing a list of outputs, is displayed.

  5. Select the required output.

  6. Click on Save & Close. The output is now associated with the user.

Locations/Functions

The locations and functions functionality is license-dependent. See Registering and licensing Space for more information.

To associate a user with a location/function, follow the steps below:

  1. Select Cardholders > Users. The Users screen is displayed.

  2. Click the user that you want to associate with a location/function. The User information screen is displayed.

  3. Click Locations/Functions in the sidebar. The Locations/Functions dialog box is displayed.

Note that the dialog box will be blank if you have not yet created a location or a function. See Locations and Functions for information about how to create and associate a location and a function.

See Locations/Functions tab for information about adding groupings for locations and functions.

  1. Click on Edit. The Edit dialog box is displayed.

  2. Select the required locations and functions in the corresponding panels of the dialog box.

  3. Click Save. The user is now associated with the selected locations and functions.

For systems with a lot of functions and/or locations it's possible to filter by Location or Function name and also by status Selected or Unselected.

You can filter by location or function name in the 'Edit' dialog boxYou can filter by location or function name in the 'Edit' dialog box

Salto Systems, S. L. uses third-party data storage and retrieval devices in order to allow secure browsing and gain a better understanding of how users interact with the website in order to improve our services. You can accept all cookies by clicking the "Accept cookies" button or reject their use by clicking the "Reject cookies" button. For more information, visit our Cookies Policy