Download OpenAPI specification:Download
Suprema BioStar X API is a JSON-based API. All requests are made to endpoints beginning with https://server_ip|domain_name[:port]/api
The API can be used to perform almost any operation. Following are a few examples of what can be done with Suprema BioStar X API:
Manage User data
Manage Access Group data
Manage Doors data
Assign an Access Group to one or multiple User
Assign a User with one or multiple Access Group
Manage Devices
And many more...
All requests must be secure (https).
To call the API, BioStar X is mainly using HTTP Methods GET, POST, PUT, and DELETE.
GET is used to retrieve data from the server at the specified resource. For example, if you want to retrieve the User data with /users endpoint, then by making a GET request to the endpoint should result with the list of all available users.
POST request is used to send data to the server to create or a resource. The data sent to the server is stored on the body of the HTTP request.
PUT is similar to POST in that it creates or s a resource. The difference between them is that when calling the same PUT requests multiple times it will have the same result. While calling a POST request repeatedly will create the same resource multiple times.
DELETE is used to delete resources at the specified endpoint.
There are four parameter location that’s being used on Suprema BioStar X API:
PATH parameter is located on the URL, usually on the end of an endpoint. For example in /items/{ItemID}, the PATH parameter is ItemID.
BODY. An array of string values will be located on the BODY of the HTTP request. The request body needs to be in JSON format.
QUERY. Similar to the PATH parameter, QUERY parameter is also located on the URL, the difference is QUERY parameter will be located after a question mark. Example: /items?id=###, the QUERY parameter is id.
HEADER. Custom headers that are expected as part of the request.
Path templating refers to the usage of template expressions, delimited by curly braces ({}), to mark a section of a URL path as replaceable using path parameters. Example: https://127.0.0.1:4433/api/some_api/{id}
Above example shows that the required value will be placed on {id}
In order to create User through Suprema BioStar X API, you will need a Session ID which will be available after you’re logged in.
To log in, make a form encoded server side POST request as shown on example right. There will be a key called bs-session-id, which is a consecutive strings of hex digits located on the header of the response:
bs-session-id: 643f64efb7114485a2fd89de17ca13fb
This value will be used as authorization of the APIs that will be called. To apply this value, put it on the header of the API that will be called with key name bs-session-id.
| login_id required | string Your login ID. |
| password required | string Your password. |
{- "login_id": "admin",
- "password": "admin"
}{- "User": {
- "user_id": "1",
- "name": "Administrator",
- "gender": "1",
- "email": "admin111@gmail.com",
- "birthday": "1977-10-08T04:00:00.00Z",
- "photo_exists": "false",
- "pin_exists": "false",
- "login_id": "admin",
- "password_exists": "true",
- "d_count": "15",
- "last_modified": "946",
- "idx_last_modified": "263",
- "start_datetime": "2001-01-01T00:00:00.00Z",
- "expiry_datetime": "2030-12-31T23:59:00.00Z",
- "security_level": "0",
- "display_duration": "20",
- "display_count": "3",
- "permission": {
- "id": "1",
- "name": "Administrator",
- "description": "this is a permission for Administrator",
- "filter": {
- "UserGroup": {
- "0": "1"
}, - "DeviceGroup": {
- "0": "1"
}, - "DoorGroup": {
- "0": "1"
}, - "ElevatorGroup": {
- "0": "1"
}, - "ZoneType": {
- "0": "-1"
}, - "AccessGroup": {
- "0": "0"
}, - "GraphicMapGroup": {
- "0": "1"
}
}, - "module": {
- "Dashboard": {
- "read": "true",
- "write": "true"
}, - "User": {
- "read": "true",
- "write": "true"
}, - "Device": {
- "read": "true",
- "write": "true"
}, - "Door": {
- "read": "true",
- "write": "true"
}, - "Elevator": {
- "read": "true",
- "write": "true"
}, - "Zone": {
- "read": "true",
- "write": "true"
}, - "AccessControl": {
- "read": "true",
- "write": "true"
}, - "Monitoring": {
- "read": "true",
- "write": "true"
}, - "TA": {
- "read": "true",
- "write": "true"
}, - "Setting": {
- "read": "true",
- "write": "true"
}, - "Video": {
- "read": "true",
- "write": "true"
}, - "Visitor": {
- "read": "true",
- "write": "true"
}
}, - "device": {
- "0": {
- "id": "542071155"
}, - "1": {
- "id": "543720368"
}, - "2": {
- "id": "939257394"
}
}, - "user": {
- "0": {
- "id": "1"
}, - "1": {
- "id": "2"
}, - "2": {
- "id": "3"
}, - "3": {
- "id": "4"
}, - "4": {
- "id": "5"
}, - "5": {
- "id": "6"
}, - "6": {
- "id": "7"
}, - "7": {
- "id": "20"
}, - "8": {
- "id": "21"
}, - "9": {
- "id": "22"
}, - "10": {
- "id": "23"
}, - "11": {
- "id": "24"
}, - "12": {
- "id": "25"
}, - "13": {
- "id": "26"
}, - "14": {
- "id": "27"
}, - "15": {
- "id": "28"
}, - "16": {
- "id": "29"
}, - "17": {
- "id": "30"
}, - "18": {
- "id": "31"
}, - "19": {
- "id": "32"
}, - "20": {
- "id": "33"
}
}
}, - "inherited": "false",
- "user_group_id": {
- "id": "1",
- "name": "All Users"
}, - "disabled": "false",
- "expired": "false",
- "department": "department 12",
- "user_title": "title",
- "idx_user_id": "1001",
- "idx_user_id_num": "1001",
- "idx_name": "2001",
- "idx_phone": "1001",
- "idx_email": "5001",
- "fingerprint_template_count": "0",
- "face_count": "0",
- "card_count": "0",
- "access_groups": {
- "0": {
- "id": "1",
- "name": "Meeting Room 1 AG"
}, - "1": {
- "id": "2",
- "name": "Meeting Room 2 AG"
}, - "2": {
- "id": "22",
- "name": "Building Access"
}
}, - "user_custom_fields": {
- "0": {
- "user_id": {
- "user_id": "1",
- "name": "Administrator"
}, - "custom_field": {
- "id": "1",
- "name": "Test",
- "type": "0",
- "order": "1"
}
}, - "1": {
- "user_id": {
- "user_id": "1",
- "name": "Administrator"
}, - "custom_field": {
- "id": "2",
- "name": "33",
- "type": "0",
- "order": "2"
}
}
}, - "need_to__pw": "false"
}, - "Response": {
- "code": "0",
- "message": "Success"
}
}This API is used to Logout from the current session. There are no body parameter on this endpoint.
It is required to have bs-session-id key on the header, the value generated on successful login.
Known errors:
curl --request POST \ --url https://{baseurl}/api/logout \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "Response": {
- "code": "0",
- "message": "Success"
}
}This request is used to make a new Access Group (AG).
Note: If BioStar X does not have license for Elevator module, skip the floor_levels parameter or set it to an empty string.
Known errors:
name is a required and unique parameterrequired | object | ||||||||||||
| |||||||||||||
{- "AccessGroup": {
- "name": "ac_grp2",
- "description": "",
- "users": {
- "0": {
- "user_id": 1
}
}, - "user_groups": {
- "0": {
- "id": 1
}
}, - "access_levels": {
- "0": {
- "id": 2
}
}, - "floor_levels": {
- "0": {
- "id": "32769",
- "name": "floor_test"
}
}
}
}{- "AccessGroup": {
- "id": "14",
- "name": "Test1"
}, - "DeviceResponse": {
- "rows": {
- "0": {
- "id": "40059001",
- "code": "0"
}, - "1": {
- "id": "40059002",
- "code": "0"
}
}, - "result": "true"
}, - "Response": {
- "code": "0",
- "message": "Success"
}
}This API is used to view all available Access Groups.
By default the result will be sorted ascending by id.
curl --request GET \ --url https://{baseurl}/api/access_groups \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "AccessGroupCollection": {
- "total": "3",
- "rows": {
- "0": {
- "id": "1",
- "name": "Adminstrative",
- "description": "Administrative access group",
- "users": {
- "0": {
- "name": "RB",
- "user_id": "2"
}, - "1": {
- "name": "AM",
- "user_id": "3"
}
}, - "user_count": "2",
- "user_groups": {
- "0": {
- "id": "1005",
- "name": "Administrative",
- "description": "Administrative user group",
- "parent_id": {
- "id": "1",
- "name": "All Users"
}, - "depth": "1",
- "inherited": "true",
- "face_count": "0",
- "user_count": "241"
}
}, - "access_levels": {
- "0": {
- "id": "1",
- "name": "Administrative Employee",
- "description": "Access level for Administrative Employee"
}
}
}, - "1": {
- "id": "2",
- "name": "Executive",
- "description": "Executive access group",
- "users": {
- "0": {
- "name": "Sib Steketee",
- "user_id": "60014"
}
}, - "user_count": "1",
- "user_groups": {
- "0": {
- "id": "1004",
- "name": "Executive",
- "description": "Executive user group",
- "parent_id": {
- "id": "1",
- "name": "All Users"
}, - "depth": "1",
- "inherited": "true",
- "face_count": "0",
- "user_count": "15"
}
}, - "access_levels": {
- "0": {
- "id": "2",
- "name": "Executive",
- "description": "Access level for Executive"
}
}
}, - "2": {
- "id": "3",
- "name": "Test1",
- "description": "Test access group with floor levels",
- "user_count": "0",
- "user_groups": {
- "0": {
- "id": "1005",
- "name": "Administrative",
- "description": "Administrative user group",
- "parent_id": {
- "id": "1",
- "name": "All Users"
}, - "depth": "1",
- "inherited": "true",
- "face_count": "0",
- "user_count": "241"
}
}, - "access_levels": {
- "0": {
- "id": "3",
- "name": "All Access",
- "description": "Access level for All Access"
}
}, - "floor_levels": {
- "0": {
- "id": "32769",
- "name": "FL1",
- "description": "First floor"
}
}
}
}
}, - "Response": {
- "code": "0",
- "message": "Success"
}
}Delete an Access Group specified by the id query parameter.
Note: The id parameter is required and must be a valid access group ID.
To get an Access Group's id, you can use GET /api/access_groups to view all available Access Groups.
Known errors:
| id required | string Example: id=12 ID of the Access Group to be deleted |
curl --request DELETE \ --url 'https://{baseurl}/api/access_groups?id=12' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "Response": {
- "code": "0",
- "message": "Success"
}
}This API is used to see all Access Groups. It provides more concise response rather than the previous (GET /api/access_groups) and parameters to filter the response.
Known errors:
Changes:
v2.9.9:
Trailing slashes (/) at the end of this endpoint are no longer supported.
| limit required | integer To limit result by n record(s), 0 to show all |
| order_by required | string^(name|id):(true|false)$ To order result(s) by |
{- "limit": 0,
- "order_by": "id:false"
}{- "AccessGroupCollection": {
- "total": 3,
- "rows": {
- "0": {
- "id": 1,
- "name": "Administrative",
- "users": {
- "0": {
- "user_id": "2",
- "name": "RB"
}, - "1": {
- "user_id": "3",
- "name": "AM"
}
}, - "user_groups": {
- "0": {
- "id": 1005,
- "name": "Administrative"
}
}, - "access_levels": {
- "0": {
- "id": 1,
- "name": "Administrative Employee"
}
}, - "floor_levels": { }
}, - "1": {
- "id": 2,
- "name": "Executive",
- "users": {
- "0": {
- "user_id": "60014",
- "name": "Sib Steketee"
}
}, - "user_groups": {
- "0": {
- "id": 1004,
- "name": "Executive"
}
}, - "access_levels": {
- "0": {
- "id": 2,
- "name": "Executive"
}
}, - "floor_levels": { }
}, - "2": {
- "id": 12,
- "name": "Test1",
- "users": { },
- "user_groups": {
- "0": {
- "id": 1005,
- "name": "Administrative"
}
}, - "access_levels": {
- "0": {
- "id": 3,
- "name": "All Access"
}
}, - "floor_levels": {
- "0": {
- "id": 32769,
- "name": "FL1"
}
}
}
}
}, - "Response": {
- "code": "0",
- "message": "Success"
}
}To view an Access Group with id {id} or :id {id} or :id are markers for replacing with the required value.
Known errors:
| id required | integer Example: 1 ID of the Access Group to retrieve |
curl --request GET \ --url https://{baseurl}/api/access_groups/1 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "AccessGroup": {
- "id": "1",
- "name": "Administrative",
- "description": "Administrative access group",
- "users": {
- "0": {
- "name": "RB",
- "user_id": "2"
}, - "1": {
- "name": "AM",
- "user_id": "3"
}
}, - "user_count": "2",
- "user_groups": {
- "0": {
- "id": "1005",
- "name": "Administrative",
- "description": "Administrative user group",
- "parent_id": {
- "id": "1",
- "name": "All Users"
}, - "depth": "1",
- "inherited": "true",
- "face_count": "0",
- "user_count": "241"
}
}, - "access_levels": {
- "0": {
- "id": "1",
- "name": "Administrative Employee",
- "description": "Access level for Administrative Employee"
}
}
}, - "Response": {
- "code": "0",
- "message": "Success"
}
}Update an existing Access Group by replacing it with new data.
Notes:
To add/delete multiple, repeat the braces (see users example)
When you add/update data, it will remove any previous data and add the one that you input.
Ex: If parameter description have value, and on update this parameter value is left empty, then the previous value will be removed.
To skip a record from updating, either skip the parameter or fill the current data on the update field.
When updating an AG, parameter user_group need to be filled if existing User Group want to be retained. If this parameter is left empty, the existing User Group(s) in the AG that should be still there will not be there.
Known Errors:
| id required | integer Example: 1 ID of the Access Group which will be updated |
required | object (AccessGroupUpdate) | ||||||||||||||||
| |||||||||||||||||
{- "AccessGroup": {
- "name": "Meeting Room Name",
- "description": "MR Description",
- "access_levels": {
- "0": {
- "id": 1
}
}, - "user_groups": {
- "0": {
- "id": 1
}
}, - "users": {
- "0": {
- "user_id": 17
}, - "1": {
- "user_id": 9932
}, - "2": {
- "user_id": 2
}
}, - "new_users": {
- "0": {
- "user_id": 1
}
}, - "delete_users": {
- "0": {
- "user_id": 17
}, - "1": {
- "user_id": 9932
}, - "2": {
- "user_id": 2
}
}
}
}{- "Response": {
- "code": "0",
- "message": "Success"
}
}To view user information only from AG with id {id} Known errors:
Using id which doesn't exist will return success but show no record
Using value other than number
Placing "/" at the end of the endpoint
| id required | integer Example: 1 ID of the Access Group to retrieve users from |
curl --request GET \ --url https://{baseurl}/api/access_groups/1/users \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "UserCollection": {
- "total": "3",
- "rows": {
- "0": {
- "user_id": "2",
- "name": "RB"
}, - "1": {
- "user_id": "3",
- "name": "AM"
}, - "2": {
- "user_id": "61000",
- "name": "JJ"
}
}
}, - "Response": {
- "code": "0",
- "message": "Success"
}
}Create a new Access Level (AL) with doors and schedule configuration.
Important Notes:
Known errors:
name is a required and unique parameterrequired | object (AccessLevelInput) | ||||||
| |||||||
{- "AccessLevel": {
- "name": "Access Level Name",
- "description": "Access Level Description",
- "access_level_items": {
- "0": {
- "doors": {
- "0": {
- "id": 75
}, - "1": {
- "id": 80
}
}, - "schedule_id": {
- "id": "1"
}
}
}
}
}This request is used to view all Access Level (AL)
The parameter type is QUERY.
Known errors:
| limit | integer Example: limit=50 Limit response record(s) by the amount specified on this parameter. 0 for show all. |
| offset | integer Shift response record(s) by the amount specified on this parameter. default value = 0 |
| order_by | string Example: order_by=id:false Order the response record(s) |
curl --request GET \ --url 'https://{baseurl}/api/access_levels?limit=50&offset=0&order_by=id%3Afalse' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This request is used to update an Access Level (AL)
Known errors:
Placing "/" at the end of the endpoint
name is a required and unique parameter
Duplicate id on doors instance
| id required | integer Example: 41 ID of the AL that will be updated |
{- "AccessLevel": {
- "name": "Test Update",
- "description": "Update",
- "access_level_items": {
- "0": {
- "id": 126,
- "doors": {
- "0": {
- "id": 75
}, - "1": {
- "id": 80
}
}, - "schedule_id": {
- "id": 1
}
}, - "1": {
- "id": 128,
- "doors": {
- "0": {
- "id": 75
}, - "1": {
- "id": 79
}
}, - "schedule_id": {
- "id": 2
}
}
}
}
}This request is used to delete an existing Access Level (AL)
Known errors:
Placing "/" at the end of the endpoint
Value other than number on PATH variable
Non-existent record id on PATH variable will return success but no action.
| id required | integer Example: 12 ID of the AL that will be deleted |
curl --request DELETE \ --url https://{baseurl}/api/access_levels/12 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to view BioStar X Backup configuration.
curl --request GET \ --url https://{baseurl}/api/v2/setting/getBackupDbConfig \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to check if there's any running backup process.
Message response will be True if there's any, and False if there's no running backup process.
curl --request GET \ --url https://{baseurl}/api/v2/setting/checkBackupScheduler \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to modify BioStar X backup configuration.
| use required | string Enum: "true" "false" Toggle to enable/disable scheduled backup |
| cycle required | string^([1-9]|[1-9][0-9]|100)$ Number of backup files to keep (1 to 100) |
| path required | string Backup folder path (must exist) |
| minute required | string^([0-9]|[1-5][0-9])$ Minute value for scheduled backup (0 to 59) |
| hour required | string^([0-9]|1[0-9]|2[0-3])$ Hour value for scheduled backup (0 to 23) |
| days required | string Date value for scheduled backup |
| month required | string Month value for Scheduled Backup. Leave it as * since currently it only support Daily and Weekly. |
| weeks required | string Day value for Scheduled Backup. Used when it's configured as Weekly Backup. (mon tue wed thu fri sat sun, default value is ?) |
| userId required | string User ID of the user who modifies the configuration |
{- "use": "true",
- "cycle": "10",
- "path": "C:\\\\Backup",
- "minute": "12",
- "hour": "0",
- "days": "*",
- "month": "*",
- "weeks": "?",
- "userId": "1"
}This API is used to run Backup process.
It is required to have BODY parameters when running this API. Use GET /api/v2/setting/getBackupDbConfig for BODY payload.
{- "use": "false",
- "cycle": "5",
- "path": "C:\\Program Files\\BioStar 2(x64)\\Backup",
- "minute": "0",
- "hour": "0",
- "days": "*",
- "month": "*",
- "weeks": "*"
}It is possible to use a custom wiegand format. To create a custom format, you can edit the provided formats which is between id number 5 to 14.
| id required | integer [ 5 .. 14 ] ID of the wiegand format which will be updated (5-14 for custom formats). |
object | |||||||||||||||||||
| |||||||||||||||||||
{- "WiegandFormat": {
- "id": "5",
- "name": "Custom Format",
- "description": "Custom Wiegand format description",
- "length": 32,
- "use_facility_code": true,
- "id_fields": {
- "0": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAA=",
- "1": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf///4="
}, - "parity_fields": {
- "0": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAAAA=",
- "1": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE="
}, - "parity_types": {
- "0": 1,
- "1": 2
}, - "parity_positions": {
- "0": 0,
- "1": 31
}
}
}This API is used to view a wiegand format detail.
| id required | integer Example: 1 |
curl --request GET \ --url https://{baseurl}/api/cards/wiegand_formats/1 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to delete smart card layout from BioStar X.
| id | string |
curl --request DELETE \ --url 'https://{baseurl}/api/cards/layouts?id=SOME_STRING_VALUE' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to view all available smart card layouts.
| limit | string Example: limit=null Limit the number of responses by n records. Remove this parameter to view all. |
| offset | string Example: offset=null Offset the response shown by n records. |
curl --request GET \ --url 'https://{baseurl}/api/cards/layouts?limit=null&offset=null' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to create smart card layout.
Fill the corresponding parameter with the card's specification.
If the card uses default configuration, then simply fill the name and run the API.
{- "CardLayout": {
- "name": "smart_test",
- "use_second_key": false,
- "number_of_template": 2,
- "template_size": 300,
- "mifare_primary_key": "",
- "mifare_start_block_index": 4,
- "mifare_second_key": "",
- "iclass_primary_key": "",
- "iclass_second_key": "",
- "iclass_start_block_index": 13,
- "desfire_primary_key": "",
- "desfire_second_key": "",
- "desfire_app_id": 1,
- "desfire_file_id": 1,
- "desfire_encryption_type": 0,
- "desfire_advanced_mode": 0,
- "des_adv_app_master_key_index": 0,
- "des_adv_file_read_access_key_index": 1,
- "des_adv_file_write_access_key_index": 2,
- "seos_primary_key": "",
- "seos_second_key": "",
- "seos_adf": "2A8570811E1000070000020000"
}
}This API is used to view all available card types.
curl --request GET \ --url https://{baseurl}/api/cards/types \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to check whether a card already posted on the system or not.
If card already posted, then it will show the card's detail on the response.
| card_id | integer Example: card_id=123 ID of the card which will be checked. |
curl --request GET \ --url 'https://{baseurl}/api/v2/cards/registered?card_id=123' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to find a card by card ID and find out who owns the card.
| query | integer Example: query=1169166509350528 ID of the card which will be viewed |
curl --request GET \ --url 'https://{baseurl}/api/cards?query=1169166509350528' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to create BioStar X QR. NOTE: This API will return error if the card_id already exists in the database. Use Check Card Availability API to validate.
required | object | ||||||||||
| |||||||||||
{- "CardCollection": {
- "rows": [
- {
- "card_type": {
- "id": 7,
- "type": 7
}, - "display_card_id": 33333333333,
- "card_id": 33333333333
}
]
}
}This API is used to view all unassigned cards recorded on BioStar X.
| card_type | string Example: card_type=csn Limit the response to show only the specified type of card. Use plus (+) sign as separator to filter by multiple types. |
| limit | string Example: limit=null Limit the number of responses by n records. Remove this parameter to view all. |
| offset | string Example: offset=null Offset the response shown by n records. |
| wiegand_format_id | integer Example: wiegand_format_id=4 Limit the response to show only the specified wiegand format. Remove this parameter to show all. |
curl --request GET \ --url 'https://{baseurl}/api/cards/unassigned?card_type=csn&limit=null&offset=null&wiegand_format_id=4' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to view all assigned cards recorded on BioStar X.
| card_type | string Example: card_type=wiegand Limit the response to show only the specified type of card. Use plus (+) sign as separator to filter by multiple types. |
| offset | integer Offset the response shown by n records. |
| wiegand_format_id | string Limit the response to show only the specified wiegand format. Remove this parameter to show all. |
curl --request GET \ --url 'https://{baseurl}/api/cards/assigned?card_type=wiegand&offset=0&wiegand_format_id=SOME_STRING_VALUE' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to view all blacklisted cards recorded on BioStar X.
| limit | integer Example: limit=1000 Limit the number of responses by n records. Remove this parameter to view all. |
| offset | integer Offset the response shown by n records. |
curl --request GET \ --url 'https://{baseurl}/api/cards/blacklist?limit=1000&offset=0' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to remove a blacklisted card from the list.
| id | integer Example: id=50 ID of the blacklisted card which will be removed from the list. |
curl --request DELETE \ --url 'https://{baseurl}/api/cards/blacklist?id=50' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to add a card to blacklist.
required | object | ||||||
| |||||||
{- "Blacklist": {
- "card_id": {
- "id": 49
}
}
}This API is used to view all available wiegand format.
curl --request GET \ --url https://{baseurl}/api/cards/wiegand_formats \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to view a smart card layout details.
| id required | integer Example: 1 ID of the card layout which will be viewed. |
curl --request GET \ --url https://{baseurl}/api/cards/layouts/1 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to create Access on Card and write data to a card (Smart Card, etc.) using the specified device. The device must have a Smart Card layout configured before running this API.
| device_id required | integer Example: 542353521 ID of the device which will be used to write the card. Do set the Smart Card layout of the device before running this API. |
required | object | ||||
| |||||
{- "SmartCard": {
- "user_id": {
- "user_id": 8,
- "fingerprint_templates": {
- "0": {
- "finger_index": 0
}
}, - "visual_face_templates": { }
}, - "card_id": {
- "card_id": 8,
- "card_type_id": {
- "id": 3
}, - "use_alphanumeric_user_id": false
}
}
}This API is used to create Mobile Card.
required | object | ||||||||
| |||||||||
{- "SmartCard": {
- "user_id": {
- "user_id": 1,
- "fingerprint_templates": {
- "0": {
- "finger_index": 0
}
}
}, - "card_id": {
- "card_id": 102,
- "card_type_id": {
- "id": 2
}
}, - "card_layout_id": {
- "id": 4
}, - "options": {
- "is_a_mobile_credential": true
}
}
}This API is used to remove the written smart card data from a Smart Card.
| dev_id required | string Device ID with the corresponding layout set which will be used to write the card. |
curl --request POST \ --url https://{baseurl}/api/devices/{dev_id}/erase_card \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to send BioStar X QR by email.
Before using this API, make sure that:
| id required | integer ID of the user which the QR code applied to and the email will be sent to. |
| language required | string Enum: "ko" "en" Language for the email content. (ko=Korean, en=English) |
required | Array of objects non-empty Collection of QR cards to be sent via email |
| total required | integer Total number of cards in the collection |
{- "id": 1,
- "language": "en",
- "card_collection": [
- {
- "id": 10072,
- "card_id": 3.045804110617691e+33,
- "display_card_id": 165113371684849,
- "card_type": {
- "id": 7,
- "name": "SCQr",
- "type": 7
}
}
], - "total": 1
}This API is used to send Visual Face mobile enrollment link.
| id required | string User ID |
| language required | string Enum: "ko" "en" "ja" Language which will be used for the email content. (ko=Korean, en=English, ja=Japanese) |
required | object Advanced search criteria for batch processing. See Batch Edit with Advanced Search for |
{- "id": "1",
- "language": "en",
- "adv_criteria": {
- "user_name": "e",
- "user_operator_level_id": "0",
- "user_group_id": 1,
- "user_group_ids": { },
- "user_custom_field_1": "string",
- "user_custom_field_2": "string",
- "user_custom_field_3": "string",
- "user_custom_field_4": "string",
- "user_custom_field_5": "string",
- "user_custom_field_6": "string",
- "user_custom_field_7": "string",
- "user_custom_field_8": "string",
- "user_custom_field_9": "string",
- "user_custom_field_10": "string"
}
}curl --request GET \ --url https://{baseurl}/api/user_groups \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to create a new User Group.
Note:
User groups may be created in up to 8 levels.
Up to 48 characters may be entered for a user group name.
required | object | ||||||
| |||||||
{- "UserGroup": {
- "parent_id": {
- "id": 1
}, - "depth": 1,
- "name": "TestDataXFer3"
}
}This API is used to delete a User Group.
| id | integer Example: id=21436 Id of the User Group which will be deleted. |
curl --request DELETE \ --url 'https://{baseurl}/api/user_groups?id=21436' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to list User Group(s) which are specified in the request body.
| user_group_id_list | Array of strings Specify User Group ids which will be viewed. Use comma (,) as separator. |
{- "user_group_id_list": {
- "0": "1004",
- "1": "21109"
}
}This API is used to update a User Group.
| id required | integer Example: 21436 ID of the User Group which will be updated |
object | |||
| |||
{- "UserGroup": {
- "name": "TestDataXFer3xx"
}
}This API is used to update fingerprint data on a User.
Use POST /api/devices/{dev_id}/scan_fingerprint to enroll fingerprint.
Use POST /api/server_matching/identify_finger to check whether the fingerprint already recorded or not.
Important Notes:
| id required | integer Example: 14 ID of the user to update fingerprint credentials |
required | object | ||||||||||||
| |||||||||||||
{- "User": {
- "fingerprint_templates": [
- {
- "finger_mask": false,
- "template0": "RSoQFLAAVUYMBEBvBBlEsWSLFITAEIUGBgEYBA/G0W0IAwcgdgEbh2ANixfIMGUKEshwF4QOCbBzhjXEsaCFJITQAYohRSBViCSGoUsRLAcQooYoh6GlCDpIgZ2GKMkARgkyCXCehDhJgEIDG0sxYJsOy0BziBaMcGmPG4ywUaAVTdBokwxOEXgHEE6AeIIVT0FoERfPYBsxGg9gK9EK0QB4jRxSYRqFEhNAbxkXk1AUChiTUHSHL8zwl4EmDiE3CCHPADWKK5DAOo8nUZAqDS5SIUKXK9JhOZj////g/////////eAB///////d4AEi/////N3gASM////M3eABIzT/+7zd4BIzRE+7u83gEjNET7u7zeASNERFu7vN4BI0REW6u8zgIzRERaqqvOAjRERFqqq84TREREWqqrziNFVUT6mqvOJFVVVfqqq9BFVVVU/5qrqHd2ZU//+qqZiIdkT///qqqZh1T///+6qqqYX/////u6uqj///",
- "template1": "RSgQFK8AVUYRBDBvhxqEgBGFHsSRZwsIhRF1BQtGIRuEFsZxawgJRwB5AR4H4GULGYgQF4UUyYB0hyqEsAOJJsTRWIgrRkBKjyKG4QoLMsbwooQvB3GkBi9I0EYHOUnBnQMJSgF4ghXK8HWKHYwQZ5EIzQAfhRPN4XsEHA4BbBYXzhB5hRzO8WaYB89AdoQeT0AdsQgQAHiJDlFQdoIiSvFfHCLMcE4iNszwmAIszkE2hihO8DQJIM9QKkMxEJA3CC4RwCeOIlKBHAMxEsBFIv///d3////////M3eD/////+8zd4BL///+7zN3gEj//+rvM3eASM/+qu8zd4BIzT6q7vM3gEjRFqqq7zeASNESqqrvN4CNERaqqq7zhI0RFqqqrvOE0REWqqqq84jRFVaqqqrwDRFVVqqmavQRVVVWqqqq9JVVVVvq7qqmHdmZv/6qqqZiHZm//+qqqmZhV////u6qqmFT///+7uqqoT/8=",
- "isNew": true
}
]
}
}This API is used to view a user's details which is recorded on BioStar X.
Known errors:
Putting "/" at the end of the endpoint
Using User ID which doesn't exist
| id required | string Example: {{iterIDVal}} ID of the User |
curl --request GET \ --url https://{baseurl}/api/users/{{iterIDVal}} \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used for updating user information in bulk.
The difference of this API and /api/users?id=1+2+3 is that this API can update different data of many users at the same time.
Warning: The maximum number of users that can be modified in a single API call is 100.
Response Codes:
0 (Overall success), 1 (Partial success), 8 (Overall failed)[BioStar X Install Path]\nginx\html\resources\messages_enrequired | object | ||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||
{- "UserCollection": {
- "rows": [
- {
- "user_id": "9",
- "name": "John Doe",
- "user_group_id": {
- "id": "1"
}, - "disabled": false,
- "start_datetime": "2001-01-01T00:00:00.00Z",
- "expiry_datetime": "2030-12-31T23:59:00.00Z",
- "email": "SW1_00003@gmail.com",
- "department": "Engineering",
- "user_title": "Manager",
- "login_id": "myloginid",
- "password": "zlwRzi7Kcpi1kiQ",
- "user_ip": "191.59.135.73"
}
]
}
}{- "UserCollection": {
- "rows": [
- {
- "user_id": "3",
- "ret_code": "0"
}
]
}, - "Response": {
- "code": "0",
- "message": "Success",
- "by": "web"
}
}This API is used to check whether the image that will be uploaded on Visual Face credential is according to specification or not.
| template_ex_picture | string <byte> Image that will be checked (base64 encoded) |
{- "template_ex_picture": "/9j/4AAQSkZJRgABAQEASABIAAD/2wBDAAYEBQYFBAYGBQYHBwYIChAKCgkJChQODwwQFxQYGBcUFhYaHSUfGhsjHBYWICwgIyYnKSopGR8tMC0oMCUoKSj/2wBDAQcHBwoIChMKChMoGhYaKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCj/wAARCAABAAEDASIAAhEBAxEB/8QAFQABAQAAAAAAAAAAAAAAAAAAAAv/xAAUEAEAAAAAAAAAAAAAAAAAAAAA/8QAFQEBAQAAAAAAAAAAAAAAAAAAAAX/xAAUEQEAAAAAAAAAAAAAAAAAAAAA/9oADAMBAAIRAxEAPwBVD//Z"
}This API is used to delete user(s) which is collected from Advanced Search query.
Users matching the advanced search criteria will be deleted from the system.
| adv required | string Example: adv=mode1 Use this to enable Advanced Search query result |
required | object (AdvancedSearchCriteria) Advanced Search criteria for finding users | ||||||||||||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||||||||||||
{- "adv_criteria": {
- "limit": 50,
- "offset": 0,
- "user_id": "11",
- "order_by": "user_id:false",
- "user_group_id": 1,
- "user_group_ids": {
- "0": 1121
}, - "user_name": "John",
- "user_email": "abc@gmail.com",
- "user_phone": "123-456-7890",
- "user_access_group_ids": "17,18",
- "user_operator_level_id": 0,
- "user_department": "Engineering",
- "user_title": "Manager",
- "user_card": "123456",
- "user_custom_field_1": "string",
- "user_custom_field_2": "string",
- "user_custom_field_3": "string",
- "user_custom_field_4": "string",
- "user_custom_field_5": "string",
- "user_custom_field_6": "string",
- "user_custom_field_7": "string",
- "user_custom_field_8": "string",
- "user_custom_field_9": "string",
- "user_custom_field_10": "string",
- "user_status": false
}
}{- "code": "0",
- "message": "Success",
- "by": "web"
}This API is used to send user data to a device. For example when you want to send user John data after credential update to FaceStation F2. Notes:
adv=mode1 on Query Parameter to enable advanced search compatibility. This parameter is optional. When not used, it will use the previous capability.adv_criteria details){
"DeviceCollection" : {
"rows" : [ {
"id" : "50362288"
} ]
},
"adv_criteria" : {
"limit" : 50,
"order_by" : "user_id:false",
"user_group_ids" : [ 1014 ],
"user_id" : "8",
"user_email" : "support@supremainc.com"
}
}
| overwrite | boolean Example: overwrite=true Toggle to overwrite the data on the device. True to overwrite (default value) |
| id | integer Example: id=15 ID of the User that will be sent to the Device. To send multiple users, use plus (+) sign as separator of each User ID. Ex: 1001+1002+1003+1004 |
| adv | string Example: adv=mode1 Use this to enable Advanced Search query result. |
required | object | ||||||
| |||||||
{- "DeviceCollection": {
- "rows": [
- {
- "id": "50362288"
}
]
}
}{- "DeviceResponse": {
- "rows": [
- {
- "id": "50362288",
- "code": "0"
}
], - "result": "true"
}, - "Response": {
- "code": "0",
- "message": "Success",
- "by": "web"
}
}This API is used to delete user data from device(s) based on Advanced Search query results. Users matching the advanced search criteria will have their data removed from the specified devices. Notes:
adv=mode1 query parameter to enable advanced search functionality| adv | string Example: adv=mode1 Use this to enable Advanced Search query result. |
required | object |
required | object (AdvancedSearchCriteria) Advanced Search criteria for finding users |
{- "DeviceCollection": {
- "rows": [
- {
- "id": "40000701"
}
]
}, - "adv_criteria": {
- "limit": 50,
- "offset": 0,
- "user_id": "11",
- "order_by": "user_id:false",
- "user_group_id": 1,
- "user_group_ids": {
- "0": 1121
}, - "user_name": "John",
- "user_email": "abc@gmail.com",
- "user_phone": "123-456-7890",
- "user_access_group_ids": "17,18",
- "user_operator_level_id": 0,
- "user_department": "Engineering",
- "user_title": "Manager",
- "user_card": "123456",
- "user_custom_field_1": "string",
- "user_custom_field_2": "string",
- "user_custom_field_3": "string",
- "user_custom_field_4": "string",
- "user_custom_field_5": "string",
- "user_custom_field_6": "string",
- "user_custom_field_7": "string",
- "user_custom_field_8": "string",
- "user_custom_field_9": "string",
- "user_custom_field_10": "string",
- "user_status": false
}
}{- "DeviceResponse": {
- "rows": [
- {
- "id": "50362288",
- "code": "0"
}
], - "result": "true"
}, - "Response": {
- "code": "0",
- "message": "Success",
- "by": "web"
}
}This API shows a workaround using this API to get multiple users data by adjusting the parameters.
The advantage of this workaround is that the API response can be adjusted to only show only the required users directly.
For BODY Parameter details refer to POST List Idle Users.
required | object | ||||||||
| |||||||||
{- "Query": {
- "offset": 0,
- "limit": 0,
- "conditions": [
- {
- "column": "user_id",
- "operator": 2,
- "values": {
- "0": 1,
- "1": 2,
- "2": 4
}
}
], - "orders": [
- {
- "column": "user_id",
- "descending": false
}
]
}
}This API is used to delete idle users.
For BODY parameter refer to POST List Idle Users.
| search_month | integer Example: search_month=1 Filter user(s) which idle for the last n month(s). |
| id | string Example: id=10 11 ID of the idle users which will be deleted. Use space as separator to delete multiple users. |
required | object | ||||||||
| |||||||||
{- "Query": {
- "offset": 0,
- "limit": 0,
- "conditions": [
- {
- "column": "user_id",
- "operator": 2,
- "values": {
- "0": 1,
- "1": 2,
- "2": 4
}
}
], - "orders": [
- {
- "column": "user_id",
- "descending": false
}
]
}
}This API is used to fetch user information via advanced search.
Supports flexible searching across multiple user fields including personal information, group membership, access levels, and custom fields. Notes:
"user_custom_field_#": "No" for specific custom fields"user_custom_field_#": "Yes" for specific custom fields user_operator_level_id values: -1 (None), 0 (All), or specific ID| limit required | integer The maximum number of users to return. Default is 50. |
| offset | integer The number of users to skip before starting to return results. Default is 0. |
| user_id | string The User ID to search, supports like search |
| order_by required | string Order, will accept with format |
| user_group_id | integer Group ID for search user. Also gets the child user group |
| user_group_ids | Array of integers Array of Group IDs for advanced search parameter |
| user_name | string User name for Advance Search parameter, supports like search both encrypted and unencrypted |
| user_email | string <email> User email, supports like search both encrypted and unencrypted |
| user_phone | string User Phone for Advance Search parameter, supports like search both encrypted and unencrypted |
| user_access_group_ids | string User access group id for advance search parameter, supports multiple value with format String with Delimiter , i.e 1,2,3. * = User(s) who have any Access Group. void = User(s) who does not belong to any Access Group. |
| user_operator_level_id required | integer User operator level id for Advance Search parameter Value |
| user_department | string User Department for Advance Search parameter, supports like search on unencrypted and exact search on encrypted |
| user_title | string User title for advance search parameter, supports like search on unencrypted and exact search on encrypted |
| user_card | string User card ID to search |
| user_custom_field_1 | string or null Custom fields for advance search parameter support like search on unencrypted and exact search on encrypted |
| user_custom_field_2 | string or null Custom fields for advance search parameter support like search on unencrypted and exact search on encrypted |
| user_custom_field_3 | string or null Custom fields for advance search parameter support like search on unencrypted and exact search on encrypted |
| user_custom_field_4 | string or null Custom fields for advance search parameter support like search on unencrypted and exact search on encrypted |
| user_custom_field_5 | string or null Custom fields for advance search parameter support like search on unencrypted and exact search on encrypted |
| user_custom_field_6 | string or null Custom fields for advance search parameter support like search on unencrypted and exact search on encrypted |
| user_custom_field_7 | string or null Custom fields for advance search parameter support like search on unencrypted and exact search on encrypted |
| user_custom_field_8 | string or null Custom fields for advance search parameter support like search on unencrypted and exact search on encrypted |
| user_custom_field_9 | string or null Custom fields for advance search parameter support like search on unencrypted and exact search on encrypted |
| user_custom_field_10 | string or null Custom fields for advance search parameter support like search on unencrypted and exact search on encrypted |
| user_status | boolean Enum: false true User status for advance search parameter. |
{- "limit": 50,
- "offset": 0,
- "user_id": "11",
- "order_by": "user_id:false",
- "user_group_id": 1,
- "user_group_ids": {
- "0": 1121
}, - "user_name": "John",
- "user_email": "abc@gmail.com",
- "user_phone": "123-456-7890",
- "user_access_group_ids": "17,18",
- "user_operator_level_id": 0,
- "user_department": "Engineering",
- "user_title": "Manager",
- "user_card": "123456",
- "user_custom_field_1": "string",
- "user_custom_field_2": "string",
- "user_custom_field_3": "string",
- "user_custom_field_4": "string",
- "user_custom_field_5": "string",
- "user_custom_field_6": "string",
- "user_custom_field_7": "string",
- "user_custom_field_8": "string",
- "user_custom_field_9": "string",
- "user_custom_field_10": "string",
- "user_status": false
}{- "UserCollection": {
- "total": 1,
- "rows": [
- {
- "user_id": "45",
- "name": "Suprema",
- "email": "one@suprema.com",
- "department": "Your Dept",
- "user_title": "Your Title",
- "phone": "085697068105",
- "user_group_id": {
- "id": 1004,
- "name": "user group1"
}, - "operator_level": "User",
- "fingerprint_template_count": 0,
- "face_count": 0,
- "visual_face_count": 0,
- "mobile_count": 0,
- "qr_count": 0,
- "card_count": 1,
- "start_datetime": "2001-01-01T00:00:00",
- "expiry_datetime": "2037-12-31T23:59:00",
- "last_modified": 5,
- "updated_count": 0,
- "login_id": "Abrar",
- "disabled": false,
- "have_pin": true,
- "access_groups": [
- {
- "id": 1,
- "name": "access group 3",
- "users": [
- { }
], - "user_groups": [
- { }
], - "access_levels": [
- { }
], - "floor_levels": [
- { }
]
}
], - "user_custom_fields": [
- {
- "custom_field": {
- "id": 1,
- "name": "CF1",
- "type": 0,
- "order": 1
}, - "item": "custom field 1",
- "user_id": {
- "user_id": "45",
- "name": "Suprema"
}
}
]
}
]
}, - "Response": {
- "code": "0",
- "message": "Success",
- "by": "web"
}
}This API is used to list all users recorded on Bio Star X.
Known errors:
At least one parameter must exist
Using unavailable user_group_id will show empty response
| limit required | integer >= 0 Limit response record(s) by the value specified on this parameter. Use 0 for no limit. |
| search_text | string or null Search record(s) with the text specified on this parameter. Performs like search across user fields. |
| user_group_id | integer or null Filter response record(s) according to user_group_id specified on this parameter |
| order_by | string Order the response record(s) by the User parameter such as user_id or name. Format is |
{- "limit": 50,
- "search_text": "John",
- "user_group_id": 1,
- "order_by": "user_id:false"
}This API is used to view all user permission grouped by user account level.
1: Administrator
2: User Operator
3: Monitoring Operator
4-252: Custom Account Level
253: Video
254: TA
255: User
100000: Visitor
curl --request GET \ --url https://{baseurl}/api/permissions \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to list user fields which can be processed as CSV.
curl --request GET \ --url https://{baseurl}/api/users/csv_option \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to download exported CSV files from BioStar X Server.
Supports downloading both user-related CSV files and events-related CSV files. The system automatically detects the file type based on the filename pattern.
Supported File Types:
POST /api/users/csv_exportPOST /api/events/exportUsage:
csv_export for users, export for events)| csv_filename required | string Examples:
Name of the CSV file to download (supports both user and events files) |
curl --request GET \ --url https://{baseurl}/download/User_Import_Error_20220124T143708.csv \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to upload a file to BioStar X Server.
Usage of this API is to upload a .csv or .tgz file to BioStar X Server Installation path, which after the file can be further processed for importing User Data to the database through POST /api/users/csv_import or POST /api/users/data_import.
Uploaded file will be located on: {{BioStar X Installation Path}}\nginx\html\download
Do note that if there's any file with the same name, it will be overwritten
| file | string <binary> |
curl --request POST \ --url https://{baseurl}/api/attachments \ --header 'bs-session-id: REPLACE_KEY_VALUE' \ --header 'content-type: multipart/form-data' \ --form file=/C:/Users/user/Desktop/BioStarX_20220124_173247.tgz
This API is used to export user data as CSV file with customizable columns and headers.
Supports exporting user information including custom fields and file upload information. The exported CSV file can be downloaded using the /download/{csv_filename} endpoint.
Features:
Usage Flow:
/download/{csv_filename} to download the actual CSV file| id | string Examples:
ID of the Users to export. Use |
| adv | string Value: "mode1" Example: adv=mode1 Enable Advanced Search query result mode |
required | object Data criteria and formatting options for CSV export |
required | object Advanced Search criteria for finding users |
{- "Query": {
- "offset": 0,
- "group_by": 1,
- "columns": {
- "0": "user_id",
- "1": "name",
- "2": "email",
- "3": "user_group_id",
- "4": "access_groups",
- "5": "start_datetime",
- "6": "expiry_datetime",
- "7": "operator_level",
- "8": "fingerprint_template_count",
- "9": "face_count",
- "10": "visual_face_count",
- "11": "card_count",
- "12": "have_pin",
- "13": "qr_count",
- "14": "mobile_count",
- "15": "disabled"
}, - "headers": {
- "0": "ID",
- "1": "Name",
- "2": "Email",
- "3": "Group",
- "4": "Access Group",
- "5": "Start datetime",
- "6": "End datetime",
- "7": "Operator Level",
- "8": "Fingerprint",
- "9": "Face",
- "10": "Visual Face",
- "11": "Card",
- "12": "PIN",
- "13": "QR/Barcode",
- "14": "Mobile Access Card",
- "15": "Status"
}
}, - "adv_criteria": {
- "limit": 1000,
- "offset": 0,
- "user_id": "11",
- "order_by": "user_id:false",
- "user_group_id": 1,
- "user_group_ids": [
- 1121
], - "user_name": "John",
- "user_email": "abc@gmail.com",
- "user_phone": "123-456-7890",
- "user_access_group_ids": "17,18",
- "user_operator_level_id": 0,
- "user_department": "Engineering",
- "user_title": "Manager",
- "user_card": "123456",
- "user_custom_field_1": "string",
- "user_custom_field_2": "string",
- "user_custom_field_3": "string",
- "user_custom_field_4": "string",
- "user_custom_field_5": "string",
- "user_custom_field_6": "string",
- "user_custom_field_7": "string",
- "user_custom_field_8": "string",
- "user_custom_field_9": "string",
- "user_custom_field_10": "string",
- "user_status": false
}
}{- "File": {
- "uri": "User_20241030_7f554f6983034c8eb1b42076f68e488b.csv"
}, - "Response": {
- "code": "0",
- "message": "Success",
- "by": "web"
}
}This API is used to import User Data from a .csv file to the BioStar X database.
To run this API successfully, it is imperative to run POST /api/attachments first to upload the .csv file to the server install path.
After .csv file got uploaded to the server, put the filename value from the above API to the uri and fileName parameter on this API.
Fields listed on Query parameter are also used for field mapping between .csv file and BioStar X database.
For example field user_id on Query:headers (.csv) will be matched with the first field of Query:columns (BioStar X). To change this mapping, adjust the sequence on Query:headers as desired (eg. exchange field department with user_id so the value of department will be used on user_id on BioStar X).
To skip a field from mapping, put empty string ("") on the intended field.
If there's no issue on the import process, the API will shows "Success" response.
If there's issue (duplicate email, etc.), the response will show that the "Request is successful but partially" and will include a filename which contain records that caused the errors which can be downloaded by using GET /download/:csv_filename
If the CSV file to import contains data for custom user fields and the fields do not exist on the server, then the data for the fields will be ignored during the import process.
To enter user information in a language other than English or Korean, save the CSV file in UTF-8 format.
required | object Information about the uploaded CSV file |
required | object Import configuration and options |
required | object Field mapping configuration between CSV and database |
{- "File": {
- "uri": "User_Test.csv",
- "fileName": "User_Test.csv"
}, - "CsvOption": {
- "start_line": 2,
- "import_option": 1
}, - "Query": {
- "headers": {
- "0": "user_id",
- "1": "name",
- "2": "department",
- "3": "user_title",
- "4": "phone",
- "5": "email",
- "6": "user_group",
- "7": "start_datetime",
- "8": "expiry_datetime",
- "9": "csn",
- "10": "",
- "11": "",
- "12": "",
- "13": "qr",
- "14": "26 bit SIA Standard-H10301",
- "15": "HID 37 bit-H10302",
- "16": "",
- "17": "",
- "18": "",
- "19": "Purpose",
- "20": "License Plate Number",
- "21": "Hello",
- "22": "Hair Color",
- "23": "Hair Color 2",
- "24": "",
- "25": "",
- "26": ""
}, - "columns": {
- "0": "user_id",
- "1": "name",
- "2": "department",
- "3": "user_title",
- "4": "phone",
- "5": "email",
- "6": "user_group",
- "7": "start_datetime",
- "8": "expiry_datetime",
- "9": "csn",
- "10": "mobile_start_datetime",
- "11": "mobile_expiry_datetime",
- "12": "csn_mobile",
- "13": "qr",
- "14": "26 bit SIA Standard-H10301",
- "15": "HID 37 bit-H10302",
- "16": "HID 37 bit-H10304",
- "17": "HID Corporate 1000",
- "18": "HID Corporate 1000 48bit",
- "19": "face_image_file1",
- "20": "face_image_file2",
- "21": "pin",
- "22": "login_id",
- "23": "access_groups",
- "24": "fingerprint_template_count",
- "25": "face_count",
- "26": "visual_face_count",
- "27": "card_count",
- "28": "have_pin",
- "29": "qr_count",
- "30": "mobile_count",
- "31": "disabled"
}
}
}You can store the data file on external storage (USB) and import to BioStar X or device. Up to 500,000 users can be moved from server to device or from device to device.
The exported data file from devices using older firmware version cannot be imported into BioStar X. Make sure always use the latest version of firmware.
If you use BioStar 2.8.10 or later, data exported from the previous version of BioStar 2 cannot be imported.
If you use BioStar 2.8.10 or later, it is impossible to read data from a device that are using older firmware version. Upgrade the device’s firmware to a compatible version. Compatible devices and firmware versions are as follows:
BioStation 2 FW 1.9.0 or later > device_type: 8
BioStation A2 FW 1.8.0 or later > device_type: 9
FaceStation 2 FW 1.4.0 or later > device_type: 10
FaceStation F2 FW 1.0.0 or later > device_type: 29
X-Station 2 FW 1.0.0 or later > device_type: 32
If the fingerprint template format is different, the data file cannot be imported. For example, the data file exported from a device which uses the Suprema fingerprint template format cannot be imported into a device which uses the ISO fingerprint template format.
When importing user data with visual faces enrolled from FaceStation F2, the existing data will be retained if there are already visual face data enrolled on BioStar 2 via Upload Image or a mobile device.
The exported data file includes the profile photo, user ID, name, period, access group, PIN, auth. mode, credentials (face, fingerprint, card, mobile access card, visual face, BioStar 2 QR, QR/Barcode), 1:1 security level.
You can export visual face data directly registered from the device only. It is not possible to export the data registered with the other methods, such as image file upload, CSV import, and mobile devices.
Be sure that the device is selected correctly. Otherwise, the device cannot recognize the data file.
| id | string Example: id=14 15 16 User ID(s) to export. Use space as separator for multiple users. |
| adv | string Example: adv=mode1 Enable Advanced Search query mode |
| device_type required | integer Device type for which the exported data will be applied
|
| group_id required | integer >= 1 Group ID of the device |
required | object Advanced Search criteria for finding users |
{- "device_type": 35,
- "group_id": 1,
- "adv_criteria": {
- "limit": 50,
- "offset": 0,
- "user_id": "11",
- "order_by": "user_id:false",
- "user_group_id": 1,
- "user_group_ids": [
- 1121
], - "user_name": "John",
- "user_email": "abc@gmail.com",
- "user_phone": "123-456-7890",
- "user_access_group_ids": "17,18",
- "user_operator_level_id": 0,
- "user_department": "Engineering",
- "user_title": "Manager",
- "user_card": "123456",
- "user_custom_field_1": "string",
- "user_custom_field_2": "string",
- "user_custom_field_3": "string",
- "user_custom_field_4": "string",
- "user_custom_field_5": "string",
- "user_custom_field_6": "string",
- "user_custom_field_7": "string",
- "user_custom_field_8": "string",
- "user_custom_field_9": "string",
- "user_custom_field_10": "string",
- "user_status": false
}
}{- "File": {
- "uri": "BioStar2_20241103_143708.tgz"
}, - "Response": {
- "code": "0",
- "message": "Success",
- "by": "web"
}
}You can store the data file on external storage (USB) and import to BioStar 2 or device. Up to 500,000 users can be moved from server to device or from device to device.
The exported data file from devices using older firmware version cannot be imported into BioStar 2. Make sure always use the latest version of firmware.
If you use BioStar 2.8.10 or later, data exported from the previous version of BioStar 2 cannot be imported.
If you use BioStar 2.8.10 or later, it is impossible to read data from a device that are using older firmware version. Upgrade the device’s firmware to a compatible version. Compatible devices and firmware versions are as follows:
BioStation 2 FW 1.9.0 or later > device_type: 8
BioStation A2 FW 1.8.0 or later > device_type: 9
FaceStation 2 FW 1.4.0 or later > device_type: 10
FaceStation F2 FW 1.0.0 or later > device_type: 29
X-Station 2 FW 1.0.0 or later > device_type: 32
If the fingerprint template format is different, the data file cannot be imported. For example, the data file exported from a device which uses the Suprema fingerprint template format cannot be imported into a device which uses the ISO fingerprint template format.
When importing user data with visual faces enrolled from FaceStation F2, the existing data will be retained if there are already visual face data enrolled on BioStar 2 via Upload Image or a mobile device.
Select the desired file (.tgz) and then click Open.
A success message will appear on the screen when import successfully.
Use POST /api/attachments to upload the file (.tgz) to the BioStar 2 server.
Use the resulting filename on the response as value on the BODY parameter.
required | object Information about the uploaded device file | ||||
| |||||
{- "file": {
- "originalName": "BioStar2_20241103_143708.tgz",
- "name": "BioStar2_20241103_143708.tgz"
}
}Generate customizable user reports in PDF or SVG format using Advanced Search criteria.
Prerequisites:
Report Configuration:
Output Formats:
| use_centigrade | boolean Example: use_centigrade=true |
| adv | string Example: adv=mode1 Use this to enable Advanced Search query result. |
Report configuration and user data criteria
required | object Report configuration and layout settings |
required | object (AdvancedSearchCriteria) Advanced Search criteria for finding users |
{- "View": {
- "Query": {
- "collection_name": "UserCollection",
- "object": "query",
- "orders": {
- "0": {
- "column": "user_id",
- "descending": "false"
}
}
}, - "display_fields": {
- "0": {
- "name": "user_id",
- "display_name": "ID",
- "display_type": "string",
- "width": 5
}, - "1": {
- "name": "name",
- "display_name": "Name",
- "display_type": "string",
- "width": 9
}, - "2": {
- "name": "email",
- "display_name": "Email",
- "display_type": "string",
- "width": 12
}, - "3": {
- "name": "user_group_id.name",
- "display_name": "Group",
- "display_type": "string",
- "width": 9
}, - "4": {
- "name": "access_groups",
- "display_name": "Access Group",
- "display_type": "objects",
- "width": 9
}, - "5": {
- "name": "start_datetime",
- "display_name": "Start datetime",
- "display_type": "string",
- "width": 7
}, - "6": {
- "name": "expiry_datetime",
- "display_name": "End datetime",
- "display_type": "string",
- "width": 7
}, - "7": {
- "name": "operator_level",
- "display_name": "Operator Level",
- "display_type": "string",
- "width": 9
}, - "8": {
- "name": "fingerprint_template_count",
- "display_name": "Fingerprint",
- "display_type": "string",
- "width": 4
}, - "9": {
- "name": "face_count",
- "display_name": "Face",
- "display_type": "string",
- "width": 4
}, - "10": {
- "name": "visual_face_count",
- "display_name": "Visual Face",
- "display_type": "string",
- "width": 4
}, - "11": {
- "name": "card_count",
- "display_name": "Card",
- "display_type": "string",
- "width": 4
}, - "12": {
- "name": "have_pin",
- "display_name": "PIN",
- "display_type": "string",
- "width": 4
}, - "13": {
- "name": "qr_count",
- "display_name": "QR/Barcode",
- "display_type": "string",
- "width": 4
}, - "14": {
- "name": "mobile_count",
- "display_name": "Mobile Access Card",
- "display_type": "string",
- "width": 4
}, - "15": {
- "name": "disabled",
- "display_name": "Status",
- "display_type": "enum",
- "width": 2,
- "enum": {
- "0": "false=",
- "1": "true=Inactive"
}
}
}, - "name": "All Users",
- "show_title_every_page": false,
- "group_by_page_break": false,
- "footer_report_date": true,
- "footer_comment": "Created by Administrator",
- "footer_display_page_number": true,
- "content_type": "PDF",
- "page_size": "A4",
- "page_portrait": false
}, - "adv_criteria": {
- "limit": 1000,
- "user_group_ids": { },
- "user_group_id": 1,
- "user_operator_level_id": 0,
- "order_by": "user_id:false"
}
}{- "FileCollection": {
- "total": "1",
- "rows": [
- {
- "uri": "/report/list_20241030093819_7596.pdf",
- "type": "application/pdf"
}
]
}, - "Response": {
- "code": "0",
- "message": "Success",
- "by": "web"
}
}This API is used to create or update User Private Message.
This API is available starting from BioStar 2 version 2.9.8.
| userId required | integer Example: 12 User ID of the user to whom the private message will be configured. |
Private message data to set for the user
| phrase required | string [ 1 .. 128 ] characters Private message text to display to the user. Maximum 128 bytes - longer messages will be truncated. |
{- "phrase": "Good morning. Set private message here."
}{- "code": "0",
- "message": "Success",
- "by": "web"
}This API is used to delete User Private Message.
This API is available starting from BioStar 2 version 2.9.8.
| userId required | integer Example: 12 User ID of the user to whom the private message will be deleted. |
curl --request DELETE \ --url https://{baseurl}/api/v2/users/phrase/12 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "code": "0",
- "message": "Success",
- "by": "web"
}This API is used to fetch User Private Message.
This API is available starting from BioStar 2 version 2.9.8.
| userId required | integer Example: 12 User ID of the user to whom the private message will be fetched. |
curl --request GET \ --url https://{baseurl}/api/v2/users/phrase/12 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "user_id": 12,
- "phrase": "Good morning. You're expected at meeting room 1 at 09.00"
}This API is used to download the file which contained in a File Upload Custom Field.
This API is available starting from BioStar 2 v2.9.8.
After receiving the response, convert the Base64 data on key document to file type specified on key mimetype.
| UserID required | integer Example: 3 ID of the user which have the intended file. |
| customFieldID required | integer Example: 5 ID of the File Upload Custom Field which contain the file. |
curl --request GET \ --url https://{baseurl}/api/user_document/3/5 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "Data": {
- "document": "U1c1IGlzIHRoZSBiZXN0IGRldmVsb3Blcg==",
- "mimetype": "text/plain",
- "item": "ACCOUNTS.TXT"
}, - "Response": {
- "code": "0",
- "message": "Success",
- "by": "web"
}
}Retrieves a combined list of user groups and users, including hierarchical relationships between groups and their members.
This endpoint is typically used to build a tree structure (group → subgroup → user) for user management, filtering, or selection interfaces.
curl --request GET \ --url https://{baseurl}/api/v2/user/filter/user_and_group \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "Response": {
- "code": "0",
- "message": "success",
- "by": "web"
}, - "UserAndGroupCollection": {
- "total": 10135,
- "rows": {
- "0": {
- "id": "userGroup-1",
- "name": "All",
- "disabled": false,
- "original_id": "1",
- "last_child": false
}, - "1": {
- "id": "userGroup-11241",
- "name": "Empty Users",
- "disabled": true,
- "original_id": "11241",
- "parent_id": "userGroup-1",
- "last_child": true
}, - "2": {
- "id": "userGroup-11024",
- "name": "Kumahira",
- "disabled": false,
- "original_id": "11024",
- "parent_id": "userGroup-1",
- "last_child": false
}, - "3": {
- "id": "user-9932",
- "name": "asdfsdfdsfa",
- "disabled": false,
- "original_id": "9932",
- "parent_id": "userGroup-11024",
- "parent_name": "Kumahira",
- "user_group": "Kumahira",
- "last_child": true
}, - "4": {
- "id": "user-9937",
- "name": "bobby",
- "disabled": false,
- "original_id": "9937",
- "parent_id": "userGroup-11024",
- "parent_name": "Kumahira",
- "user_group": "Kumahira",
- "last_child": true
}, - "5": {
- "id": "user-9938",
- "name": "Hildegaard",
- "disabled": false,
- "original_id": "9938",
- "parent_id": "userGroup-11024",
- "parent_name": "Kumahira",
- "user_group": "Kumahira",
- "last_child": true
}
}
}
}This API is used to delete user(s) from BioStar X.
Known errors:
Empty parameter `id``
Using `id`` which doesn't exist
| id | string Example: id={{iterIDVal}} ID of the User which will be deleted. To delete multiple Users, use plus (+) sign as separator of each User ID. Ex: 1001+1002+1003+1004 Use GET `/api/users`` to list available users |
curl --request DELETE \ --url 'https://{baseurl}/api/users?id={{iterIDVal}}' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
By adding adv=mode1 on Query Parameter, Batch Edit feature can works with Advanced Search result.
The API works by query users based on adv_criteria object, then apply new value based on input in User object.
| adv required | string Value: "mode1" Example: adv=mode1 Use this to enable Advanced Search query result |
required | object User data to change |
required | object (AdvancedSearchCriteria) Advanced Search criteria for finding users |
{- "User": {
- "start_datetime": "2001-01-02T00:00:00.00Z",
- "expiry_datetime": "2035-12-31T23:59:00.00Z",
- "disabled": true,
- "user_group_id": {
- "id": 242894,
- "name": "test 2",
- "parent_id": {
- "id": 1
}
}, - "permission": {
- "id": 2
}, - "access_groups": [
- {
- "id": "14"
}
]
}, - "adv_criteria": {
- "limit": 50,
- "offset": 0,
- "user_id": "11",
- "order_by": "user_id:false",
- "user_group_id": 1,
- "user_group_ids": {
- "0": 1121
}, - "user_name": "John",
- "user_email": "abc@gmail.com",
- "user_phone": "123-456-7890",
- "user_access_group_ids": "17,18",
- "user_operator_level_id": 0,
- "user_department": "Engineering",
- "user_title": "Manager",
- "user_card": "123456",
- "user_custom_field_1": "string",
- "user_custom_field_2": "string",
- "user_custom_field_3": "string",
- "user_custom_field_4": "string",
- "user_custom_field_5": "string",
- "user_custom_field_6": "string",
- "user_custom_field_7": "string",
- "user_custom_field_8": "string",
- "user_custom_field_9": "string",
- "user_custom_field_10": "string",
- "user_status": false
}
}{- "FailedUserCollection": {
- "total": "0",
- "rows": [
- {
- "user_id": "string",
- "error_message": "string"
}
]
}, - "Response": {
- "code": "0",
- "message": "Success",
- "by": "web"
}
}This API is used to list users which is recorded on BioStar X.
Known errors:
group_id which doesn't exist will return success but no recordsNote: This API is deprecated in BioStar 2 v2.8.12, please use /api/v2/users/search instead.
| group_id | integer Example: group_id=1 Filter response record(s) according to the group_id specified on this parameter. Use GET /api/user_groups to list all User Groups. Default value: 1 to show all. |
| limit | integer Limit response record(s) by the amount specified on this parameter. 0 for show all. |
| offset | integer Shift response record(s) by the amount specified on this parameter. default value = 0. Ex: If you have 10 records, put value 5 on limit, and when you put value 5 on offset, you will get record 6 to 10 on the result. |
| order_by | string Example: order_by=user_id:false Order the response record(s) by the User parameter such as user_id or name. False for ascending, True for descending. |
| last_modified | integer Show response record(s) with User last_modified value which is equal or greater than this parameter value. |
curl --request GET \ --url 'https://{baseurl}/api/users?group_id=1&limit=0&offset=0&order_by=user_id%3Afalse&last_modified=0' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to list all device groups recorded on BioStar X database.
{- "order_by": "depth:false"
}This API is used to list all device groups recorded on BioStar 2 database.
{- "order_by": "depth:false"
}This API is used to create new device group.
object | |||||||
| |||||||
{- "DeviceGroup": {
- "name": "New Device Group 1",
- "description": "Description of the device group",
- "parent_id": {
- "id": 1
}
}
}This API is used to update a device group.
| id required | integer Example: 5 ID of the device group which will be updated |
curl --request PUT \ --url https://{baseurl}/api/device_groups/5 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to delete device group.
| id required | integer Example: 5 ID of the device group which will be deleted |
curl --request DELETE \ --url https://{baseurl}/api/device_groups/5 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to create Access on Card and write data to a card (Smart Card, etc.) using the specified device. The device must have a Smart Card layout configured before running this API.
| device_id required | integer Example: 542353521 ID of the device which will be used to write the card. Do set the Smart Card layout of the device before running this API. |
required | object | ||||
| |||||
{- "SmartCard": {
- "user_id": {
- "user_id": 8,
- "fingerprint_templates": {
- "0": {
- "finger_index": 0
}
}, - "visual_face_templates": { }
}, - "card_id": {
- "card_id": 8,
- "card_type_id": {
- "id": 3
}, - "use_alphanumeric_user_id": false
}
}
}This API is used to compare 2 fingerprint scan to determine whether it's the same finger or not.
As shown on the example, it is applied on template0 and template1 where template0 is the 1st scan of the finger and template1 is the 2nd scan.
To get the value for these parameters, use POST /api/devices/:dev_id/scan_fingerprint two times. The first scan for template0 and second scan for template1.
It will return HTTP 200 and shows message result: true on success, HTTP 500 and shows message result: false on failure.
| dev_id required | integer >= 1 Example: 544140034 Unique identifier of the device to perform fingerprint verification |
Fingerprint templates and verification options
required | object Container for the two fingerprint templates to compare |
object Optional verification configuration |
{- "FingerprintTemplate": {
- "template0": "RSoQFLAAVUYMBEBvBBlEsWSLFITAEIUGBgEYBA/G0W0IAwcgdgEbh2ANixfIMGUKEshwF4QOCbBzhjXEsaCFJITQAYohRSBViCSGoUsRLAcQooYoh6GlCDpIgZ2GKMkARgkyCXCehDhJgEIDG0sxYJsOy0BziBaMcGmPG4ywUaAVTdBokwxOEXgHEE6AeIIVT0FoERfPYBsxGg9gK9EK0QB4jRxSYRqFEhNAbxkXk1AUChiTUHSHL8zwl4EmDiE3CCHPADWKK5DAOo8nUZAqDS5SIUKXK9JhOZj////g/////////eAB///////d4AEi/////N3gASM////M3eABIzT/+7zd4BIzRE+7u83gEjNET7u7zeASNERFu7vN4BI0REW6u8zgIzRERaqqvOAjRERFqqq84TREREWqqrziNFVUT6mqvOJFVVVfqqq9BFVVVU/5qrqHd2ZU//+qqZiIdkT///qqqZh1T///+6qqqYX/////u6uqj///",
- "template1": "RSgQFK8AVUYRBDBvhxqEgBGFHsSRZwsIhRF1BQtGIRuEFsZxawgJRwB5AR4H4GULGYgQF4UUyYB0hyqEsAOJJsTRWIgrRkBKjyKG4QoLMsbwooQvB3GkBi9I0EYHOUnBnQMJSgF4ghXK8HWKHYwQZ5EIzQAfhRPN4XsEHA4BbBYXzhB5hRzO8WaYB89AdoQeT0AdsQgQAHiJDlFQdoIiSvFfHCLMcE4iNszwmAIszkE2hihO8DQJIM9QKkMxEJA3CC4RwCeOIlKBHAMxEsBFIv///d3////////M3eD/////+8zd4BL///+7zN3gEj//+rvM3eASM/+qu8zd4BIzT6q7vM3gEjRFqqq7zeASNESqqrvN4CNERaqqq7zhI0RFqqqrvdfsagfsgagOE0REWqqqq84jRFVaqqqrwDRFVVqqmavQRVVVWqqqq9JVVVVvq7qqmHdmZv/6qqqZiHZm//+qqqmZhV////u6qqmFT///+7uqqoT/8="
}, - "VerifyFingerprintOption": {
- "security_level": "0"
}
}This API is used to verify duplicate fingerprint.
If fingerprint already exist, it will return success (HTTP 200) and response will show the user which currently using the fingerprint.
Use the result of POST /api/devices/:dev_id/scan_fingerprint for the value of parameter template (either the 1st or 2nd scan).
If fingerprint available, it will return server error (HTTP 500) with response showing message "Failed to identify fingerprint.".
required | object | ||
| |||
{- "ServerMatching": {
- "template": "AA4NE6cAVUYXwGEODRaBgWmJGoLhCoUTw+BohB0EYWaJIMKAWIkiAsAJijED4K6JJ8ehAwkwCFCyhCYIoFcLLQjRVoQeyTFligMJUG2GD0vxcQYezkFpjAIO4HWbFU9RcwUgD4Fnkx9QsWwPCpDhcgkfkZFoiydJwAMJJQrRXAknDABTCCsP4aCJJhBABJ4m0PGqoSqRYKkXKRIQCJ7//93v//////3d7/////zN3uAP//zM3e4AH8zMzN7gAfzMzM3uARK8zM3e4AEbvMzd7gARu8zM3uARHMzMze4BEczMzN3gESu7vMzeARK7u8zN4BI7u7vM3gIjqru7vOAzT6u7u84TRP+7zMzRNE//zMzN4jP//8zM3hLw"
}
}This API is used to view device(s) which is on waiting list after changing connection mode from Server > Device to Device > Server.
curl --request GET \ --url https://{baseurl}/api/devices/waiting \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This example shows how to add slave device to BioStar X.
object | |||||||||||||||
| |||||||||||||||
{- "DeviceCollection": {
- "rows": [
- {
- "id": "40059024",
- "name": "BioStation 3 40059024",
- "device_type_id": {
- "id": 35
}, - "parent_device_id": {
- "id": 40059023
}, - "rs485": {
- "mode": "2",
- "connected_channel_index": "0",
- "parent_rs485_info": "RS485 Port 0"
}
}
]
}
}This API is used to view all devices added to BioStar X.
Status response for this API:
| Parameter | Type | Description |
|---|---|---|
| status | Integer | Connection status of the device. 0: Disconnected 1: Connected 2: Sync Error |
curl --request GET \ --url https://{baseurl}/api/devices \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to delete device(s).
| id | integer Example: id=543408590 ID of the device(s) which will be deleted. To delete multiple device use plus (+) sign as separator. |
curl --request DELETE \ --url 'https://{baseurl}/api/devices?id=543408590' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to update device's configuration.
Put value which will be updated on the respective body parameter and remove any parameters which will not be updated.
| id required | string ID of the device which will be updated |
Device configuration data to update. Only include fields that need to be changed.
object Container for all device configuration settings | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{- "Device": {
- "name": "FaceStation 2 542353521 (192.168.1.23)",
- "device_group_id": {
- "id": 47,
- "name": "Suprema"
}, - "lan": {
- "connection_mode": 1,
- "enable_dhcp": false,
- "use_dns": false,
- "ip": "192.168.1.23",
- "device_port": 51211,
- "gateway": "192.168.1.1",
- "subnet_mask": "255.255.255.0",
- "server_port": 51212,
- "server_ip": "192.168.1.5"
}, - "usb": {
- "enable_usb": false,
- "enable_usb_memory": false
}, - "wlan": {
- "enabled": false,
- "operation_mode": 0,
- "auth_type": 0,
- "encryption_type": 0
}, - "rs485": {
- "mode": 3,
- "intelligentInfo": {
- "supportIConfig": false,
- "useFailCode": false,
- "failCodeFormat": 1,
- "failCode": "0000000000000000",
- "osdpID": 0,
- "cardFormat": 0
}, - "channels": [
- {
- "index": 0,
- "mode": 1,
- "baudrate": 115200
}
]
}, - "authentication": {
- "matching_timeout": "5",
- "auth_timeout": "5",
- "enable_private_auth": true,
- "enable_server_matching": false,
- "face_detection_level": "0",
- "enable_full_access": false,
- "operation_modes": [
- {
- "mode": 0,
- "schedule_id": {
- "id": 1
}, - "operators": { },
- "enable_card_Id_from_keypad": false
}
]
}, - "card": {
- "use_csn": true,
- "use_mifare_felica": true,
- "use_em": true,
- "use_wiegand": false,
- "use_iclass": false,
- "use_HIDprox": false,
- "use_smart": true,
- "use_SEOS": false,
- "use_SR_SE": false,
- "use_desfire_ev1": true,
- "use_classic_plus": true,
- "use_mobile": true,
- "use_BLE": false,
- "use_NFC": true,
- "byte_order": "0",
- "use_wiegand_format": false,
- "card_layout": {
- "id": "2"
}
}, - "display": {
- "language": "1",
- "background": "0",
- "background_theme": "1",
- "volume": "50",
- "use_voice": false,
- "menu_timeout": "20",
- "message_timeout": "2000",
- "backlight_timeout": "20",
- "display_datetime": true,
- "date_type": "0",
- "time_format": "0",
- "home_formation": "5",
- "shortcut_home": "",
- "device_private_message": false,
- "server_private_message": false,
- "use_screen_saver": false,
- "sounds": { }
}, - "system": {
- "timezone": 28800,
- "sync_time": true,
- "locked": false,
- "interphone_type": 0,
- "camera_frequency": "60",
- "use_alphanumeric": false,
- "enable_clear_on_tamper": true,
- "enable_data_encryption": false,
- "use_card_operation": true
}, - "wiegand": {
- "wiegand_in_out": "0",
- "out_pulse_width": "40",
- "out_pulse_interval": "10000",
- "enable_bypass_mode": false,
- "format_id": {
- "id": "0"
}, - "enable_fail_code": false,
- "fail_code": "0",
- "wiegand_output_info": "1",
- "wiegand_csn_id": {
- "id": "-1"
}, - "wiegand_cards": { },
- "wiegand_inputs": { }
}, - "tna": {
- "mode": "1",
- "fixed_code": 0,
- "required": false,
- "tna_keys": [
- {
- "order": 1,
- "key": 0,
- "keyName": "Code 1",
- "schedule_id": { },
- "label": ""
}
]
}, - "input": {
- "input_port_num": "0",
- "supervised_inputs": ""
}, - "event_filter": {
- "rows": { },
- "total": "0"
}, - "voip": {
- "use": false,
- "server": {
- "address": "",
- "user_id": "",
- "password": "",
- "port": ""
}, - "dtmf": {
- "mode": "0",
- "exit_button": "0"
}, - "phonebook_list": { }
}, - "barcode": {
- "use_barcode": false,
- "scan_timeout": "4"
}, - "pktversion": "3",
- "support_occupancy": true,
- "thermal_config": {
- "enable_thermal_camera": "0",
- "enable_centigrade": "1",
- "temperature_threshold_high": "3800",
- "enable_audit_temperature": true,
- "enable_temperature_reject_sound": true,
- "enable_overlap_thermal": true,
- "temperature_checkmode": "0",
- "enable_mask": "0",
- "mask_detection_level": "0",
- "enable_dynamic_roi": false
}, - "thermal_camera_config": {
- "distance": "100",
- "emissivity": "98",
- "roi_x": "47",
- "roi_y": "45",
- "roi_width": "15",
- "roi_height": "10",
- "enable_body_compensation": true,
- "compensation_temperature": "0"
}, - "trigger_actions": "",
- "authmode": {
- "id": "542353521",
- "extAuthModeSupported": false,
- "cardAuthSupported": true,
- "cardAuthMask": "0",
- "fingerprintAuthSupported": true,
- "fingerprintAuthMask": "0",
- "faceAuthSupported": false,
- "faceAuthMask": "990979",
- "idAuthSupported": true,
- "idAuthMask": "0"
}, - "card_supported_from_device": {
- "mask": "2147483957",
- "em4100": true,
- "HIDProx": false,
- "mifare_felica": true,
- "iCLASS": false,
- "mifareClassic_Plus": true,
- "Desfire_ev1": true,
- "iCLASSSRSE": false,
- "iCLASSSEOS": false,
- "NFC": true,
- "BLE": false,
- "use_card_operation": true
}, - "capability": {
- "thermalAuthSupported": "1",
- "maskAuthSupported": "0",
- "intelligentPDSupported": "0"
}, - "imageLogEventInfo": {
- "imageLogEventItems": { }
}, - "use_image_log": false,
- "dst1": "0",
- "dst2": "0"
}
}This API is used to view device's information.
| id required | integer Example: 542353521 ID of the device which information will be viewed |
curl --request GET \ --url https://{baseurl}/api/devices/542353521 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
Updates the homescreen display resources for one or more BioStar X devices. This API allows you to customize the device display with custom images, logos, or notices that appear on the device's homescreen.
Prerequisites
Before using this API, you must first configure the device's display settings using the Update Device API (/api/devices/{id}) with the following parameters:
background: Display mode (0=Default, 2=Slide Show)background_theme: Content type (0=Normal, 1=Notice, 2=Logo)
{
"Device": {
"display": {
"background": "0"
"background_theme": "2"
}
}
}
For Slide Show mode, set both background and background_theme to "2".
Device collection and resource data for updating homescreen display
required | object Collection of devices to update |
required | object Collection of resource data to apply to devices |
{- "DeviceCollection": {
- "total": 2,
- "rows": {
- "0": {
- "id": "538152248"
}, - "1": {
- "id": "538152254"
}
}
}, - "ResourceDataCollection": {
- "total": 1,
- "type": "2",
- "rows": {
- "0": {
- "slot": 0,
- "data": "iVBORw0KGgoAAAANSUhEUgAAAtAAAALg8gAAAABJRU5ErkJggg=="
}
}
}
}This API is used to list Suprema devices recorded on BioStar X.
curl --request GET \ --url https://{baseurl}/api/device_types \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to view device(s) based on its enrollment capabilities.
| type | integer Device enrollment type. |
curl --request GET \ --url 'https://{baseurl}/api/devices/enrollment?type=0' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to list devices with parameters to filter the result. It is required to at least put {} for the API to run correctly.
| limit | integer Limit the number of responses according to the specified value |
| exclude_device_type_id | integer Exclude device to show on the response according to the device type id specified |
| order_by | string Order the response according to the specified value |
{- "limit": 0,
- "exclude_device_type_id": 254,
- "order_by": "id:false"
}{- "status": 1,
- "user_sync_status": 0
}This API is used to view device's configuration.
| id required | integer Example: 543720368 ID of the device which information will be viewed |
curl --request GET \ --url https://{baseurl}/api/devices/543720368/config \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to view user statistics in a device.
| id required | integer Example: 538152248 ID of the device which will be viewed |
curl --request GET \ --url https://{baseurl}/api/devices/538152248/discover_userdata \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to list device's capabilities such as fingerprint, wifi, etc.
object (DeviceCollectionID) | |||||||
| |||||||
{- "DeviceCollection": {
- "rows": [
- {
- "id": 544140034
}
]
}
}This API is used to sync device's data with BioStar X.
| clean | boolean Toggle true to delete data on the device before sync process. |
object (DeviceCollectionID) | |||||||
| |||||||
{- "DeviceCollection": {
- "rows": [
- {
- "id": 544140034
}
]
}
}This API is used to set a device state to unlocked.
Manually unlocked device state will persist until it's normalized.
object (DeviceCollectionID) | |||||||
| |||||||
{- "DeviceCollection": {
- "rows": [
- {
- "id": 544140034
}
]
}
}This API is used to view device's information using TCP.
This API only works for devices which haven't been added to BioStar X.
object | |||||||||
| |||||||||
{- "Device": {
- "lan": {
- "ip": "192.168.1.25",
- "device_port": 51211
}
}
}This API is used to search devices through UDP.
object | |||||||
| |||||||
{- "UdpSearchOption": {
- "timeout": 3,
- "with_rs485": true,
- "hide_known_devices": true
}
}This API is used to get the IP settings of a device which have not been added to BioStar X.
object | |||
| |||
{- "Device": {
- "id": 543408590
}
}This API is used to update IP settings on device which have not been added to BioStar X.
It is required to fill in the id parameter with the id of the device which the IP settings will be updated.
Fill in the required value on the respective parameters and remove those which is not required.
object | |||||||
| |||||||
{- "Device": {
- "id": 543408590,
- "lan": {
- "connection_mode": 0,
- "enable_dhcp": false,
- "use_dns": false,
- "ip": "192.168.1.25",
- "device_port": 51211,
- "gateway": "192.168.1.1",
- "subnet_mask": "255.255.255.0",
- "server_port": 51212,
- "server_ip": "192.168.1.5"
}, - "device_type_id": {
- "id": 31
}
}
}This API is used to connect a device which have been disconnected.
| id required | integer Example: 542353521 ID of the device which will be connected |
curl --request POST \ --url https://{baseurl}/api/devices/542353521/connect \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to disconnect a device connection from BioStar X.
| id required | integer Example: 542353521 ID of the device which will be disconnected |
curl --request POST \ --url https://{baseurl}/api/devices/542353521/disconnect \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to find wiegand device attached to master device.
| id required | integer Example: 544140034 ID of the master device |
curl --request POST \ --url https://{baseurl}/api/devices/544140034/discover_wiegand \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to find slave device attached to a master device.
| id required | integer Example: 544140034 ID of the master device |
curl --request POST \ --url https://{baseurl}/api/devices/544140034/discover \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to clear alarm from a device.
object | |||||||
| |||||||
{- "DeviceCollection": {
- "rows": [
- {
- "id": 542353521
}
]
}
}This API is used to view user data summary from a device.
| id required | integer Example: 543308153 |
| limit | integer Example: limit=20 Limit the number of response's records by the specified value. (Default= |
| page | integer Filter the response based on the specified page number. (Default= |
curl --request GET \ --url 'https://{baseurl}/api/devices/543308153/users?limit=20&page=0' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to delete user data on a device.
| id required | integer Example: 543720368 ID of the device which the user data will be deleted |
| id | string Example: id=* ID of the user which will be deleted. Use (*) for all user. |
curl --request DELETE \ --url 'https://{baseurl}/api/devices/543720368/users?id=*' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to export user data from a device to BioStar X.
| id required | integer Example: 538152248 ID of the device which the user data will be uploaded to. |
| id | integer Example: id=44004 ID of the user which will be uploaded. Use plus symbol ( + ) to separate multiple user ID, ex: 1+2+3. |
curl --request POST \ --url 'https://{baseurl}/api/devices/538152248/users/export?id=44004' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "UserCollection": {
- "total": "0",
- "rows": {
- "0": {
- "user_id": "44004",
- "name": "John Doe",
- "updated_count": "2",
- "disabled": false,
- "flag": "1",
- "cards_count": "0",
- "fingerprint_templates_count": "0",
- "face_count": "1",
- "start_datetime": "2001-01-01T00:00:00.00Z",
- "expiry_datetime": "2030-12-31T23:59:00.00Z",
- "security_level": "0",
- "private_operation_modes": "",
- "credentials": {
- "visualFaces": {
- "0": {
- "template_ex_normalized_image": "/9j/4AAQSkZJRgABAQAAAQABAAD...",
- "index": "0",
- "template": {
- "0": {
- "template_ex": "AAADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB3hoF9....",
- "credential_bin_type": "5"
}, - "1": {
- "template_ex": "AAADABEBywGIALIAZAcF/SBiVHcAAJkAAAAAAAAAAAB5h399....",
- "credential_bin_type": "5"
}, - "2": {
- "template_ex": "AAADAOcAyQGJALAAZA4J9ChYNXkAAJMAAAAAAAAAAAB3h4B+g4B....",
- "credential_bin_type": "5"
}, - "3": {
- "template_ex": "AAADAOEAfAGyANsAY+j+DStRTmQAAIcAAAAAAAAAAAB1h39+f3....",
- "credential_bin_type": "5"
}
}, - "flag": "1"
}
}
}
}
}
}, - "DeviceResponse": {
- "rows": {
- "0": {
- "id": "538152248",
- "code": "0"
}
}, - "result": "true"
}, - "Response": {
- "code": "0",
- "message": "Success"
}
}This API is used to list devices which connected using RS-485.
| dev_id required | integer Example: 542071155 ID of the device which will be viewed |
curl --request GET \ --url https://{baseurl}/api/devices/rs485/542071155 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to view all available door groups. It is required to put {} on the body parameter to run the API successfully.
{ }This API is used to view all door groups while sorting the response using available fields.
| order_by | string Sort the response records by value which inputted on this parameter
Available fields: |
{- "order_by": "depth:false"
}This API is used to create door groups. Known issue:
Duplicate group name within one parent group
Depth value not within 1-8
Using parent_id which doesn't exist will result in success but the created group will not be visible.
Using empty value on name will success creating a door with name: undefined. This door can't be deleted. To resolve this, update the door name then it will be able to be deleted.
object | |||||||
| |||||||
{- "DoorGroup": {
- "parent_id": {
- "id": 47
}, - "depth": 1,
- "name": "AAAAA5q"
}
}This API is used to delete door group.
Put the door's ID on the id parameters of this API to delete door.
Note:
Deleting parent group will also delete child group
Deleting groups with door(s) will also remove door(s) under that group. This will consequently remove doors from Access Levels
Can't delete groups with parent_id which doesn't exist
Can't delete groups with undefined name
| id | integer Example: id=33 ID of the door which will be deleted |
curl --request DELETE \ --url 'https://{baseurl}/api/door_groups?id=33' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to update door group.
Put the door's ID on the id parameters of this API to update door.
Note:
| id required | integer Example: 42 |
object | |||||
| |||||
{- "DoorGroup": {
- "name": "New11",
- "parent_id": {
- "id": 45
}
}
}This API is used to view a Door details.
| id required | string Example: 1 ID of the door which will be viewed |
curl --request GET \ --url https://{baseurl}/api/doors/1 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to update a Door details.
Leave the values to be edited, and remove everything else.
| id required | string ID of the door which will be updated |
object (Door) | |||||||||||||||||||||
| |||||||||||||||||||||
{- "Door": {
- "name": "Anywhere FS2",
- "description": "Test",
- "door_group_id": {
- "id": 1
}, - "open_timeout": 15,
- "open_duration": 5,
- "open_once": true,
- "unconditional_lock": true,
- "entry_device_id": {
- "id": 542353521
}, - "relay_output_id": {
- "device_id": {
- "id": 542353521
}, - "relay_index": 0
}, - "exit_button_input_id": {
- "device_id": {
- "id": 542353521
}, - "input_index": 0,
- "type": 1
}, - "sensor_input_id": {
- "device_id": {
- "id": 542353521
}, - "input_index": 1,
- "type": 1,
- "apb_use_door_sensor": 1
}
}
}This API is used to view Doors which is recorded on BioStar 2 database.
| limit | integer Limit the number of records according with the value specified |
| order_by | string Example: order_by=id:true Sort the records based on the id, toggle true/false to switch asceding/descending |
curl --request GET \ --url 'https://{baseurl}/api/doors?limit=0&order_by=id%3Atrue' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to create a door.
object (Door) | |||||||||||||||||||||
| |||||||||||||||||||||
{- "Door": {
- "name": "Anywhere FS2",
- "description": "Test",
- "door_group_id": {
- "id": 1
}, - "open_timeout": 15,
- "open_duration": 5,
- "open_once": true,
- "unconditional_lock": true,
- "entry_device_id": {
- "id": 542353521
}, - "relay_output_id": {
- "device_id": {
- "id": 542353521
}, - "relay_index": 0
}, - "exit_button_input_id": {
- "device_id": {
- "id": 542353521
}, - "input_index": 0,
- "type": 1
}, - "sensor_input_id": {
- "device_id": {
- "id": 542353521
}, - "input_index": 1,
- "type": 1,
- "apb_use_door_sensor": 1
}
}
}This API is used to delete Door(s).
| id | string Example: id=1 ID of the door which will be deleted. To delete multiple doors, separate the IDs with space. |
curl --request DELETE \ --url 'https://{baseurl}/api/doors?id=1' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to view door records from BioStar X.
It is required to at least put {} on the body for the API to run correctly.
| limit | integer Limit the number of records on the response according to the value specified |
| search_text | string Find records with the specified string |
| door_group_id | integer Limit the records to only those with |
| order_by | string Sort the response by stated value ( |
{- "limit": 25,
- "search_text": "",
- "door_group_id": 1,
- "order_by": "door_group_id.name:true"
}This API is used to view various door status information such as the door status, relay status, alarm and last event.
{- "monitoring_permission": true
}This API is used to clear alarms of all doors. If an alarm is
set in the Zone, the alarm may be continuously output even if the door alarm is released.
object (DoorCollection) | |||||||
| |||||||
{- "DoorCollection": {
- "rows": {
- "0": {
- "id": 35
}
}
}
}This example shows how to clear APB for specific user(s).
object (TimedAntiPassBackConfig) | |||||
| |||||
{- "AntiPassBackConfig": {
- "Door": {
- "DoorCollection": {
- "rows": {
- "0": {
- "id": 35
}
}
}
}, - "User": {
- "0": {
- "user_id": "10"
}, - "1": {
- "user_id": "12"
}
}, - "UserType": 2
}, - "target": "users:,[object Object],[object Object]"
}This API is used to lock a door manually. If you set the state to Manual Lock, the door will have remained inaccessible even if a user authentication succeeded.
object (DoorCollection) | |||||||
| |||||||
{- "DoorCollection": {
- "rows": [
- {
- "id": 0
}
]
}
}This API is used to unlock a door manually. If you set the state to Manual Unlock, the door will have remained accessible even if a user does not authenticate.
object (DoorCollection) | |||||||
| |||||||
{- "DoorCollection": {
- "rows": [
- {
- "id": 0
}
]
}
}This API is used to release the manual lock or manual unlock set by the administrator.
object (DoorCollection) | |||||||
| |||||||
{- "DoorCollection": {
- "rows": [
- {
- "id": 0
}
]
}
}This API is used to clear Timed APB access record.
object (TimedAntiPassBackConfig) | |||||
| |||||
{- "TimedAntiPassBackConfig": {
- "Door": {
- "DoorCollection": {
- "rows": {
- "0": {
- "id": 30
}
}
}
}, - "User": {
- "0": {
- "user_id": "1"
}
}, - "UserType": 2
}, - "target": "users:,[object Object]"
}{- "DeviceResponse": {
- "rows": {
- "0": {
- "id": "50335900",
- "code": "0"
}
}, - "result": "true"
}, - "Response": {
- "code": "0",
- "message": "Success"
}
}This API is used to open a door.
object (DoorCollection) | |||||||
| |||||||
{- "DoorCollection": {
- "rows": {
- "0": {
- "id": 35
}
}
}
}This API is used to list doors which use devices that connected to the system using RS485.
| id required | integer Example: 1 ID of the door which will be viewed |
curl --request GET \ --url https://{baseurl}/api/doors/rs485/1 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
Retrieves the hierarchical structure of door groups and doors, including device and status information.
This endpoint is commonly used to populate door monitoring trees, access control dashboards, or group-based door management UIs.
| root_id | integer The ID of the root door group to start searching from. |
| max_recursion_depth | integer Maximum depth of recursive traversal through child groups. |
| collapsed_node_ids | Array of integers Fill with child group IDs to set |
{- "root_id": 1,
- "max_recursion_depth": 7,
- "collapsed_node_ids": {
- "0": 2
}
}This API is used to create elevator group.
object | |||||||||||||||||||
| |||||||||||||||||||
{- "ElevatorGroup": {
- "parent_id": {
- "id": 1
}, - "isElevatorGroups": true,
- "depth": 1,
- "sync_device_groups": { },
- "sync_devices": { },
- "inherited": true,
- "iconCls": "elevatorGroupIcon",
- "text": "New Elevator Group 2",
- "name": "New Elevator Group 2"
}
}This API is used to list elevator groups recorded in BioStar X.
It is required to at least put {} on body for the API to run correctly.
{ }This API is used to view elevator groups with criteria and permissions.
| order_by | string Sort the response records by value which inputted on this parameter
Available fields: |
{- "order_by": "depth:false"
}This API is used to update elevator group.
Up to 48 characters may be entered for an elevator group name.
| id required | string ID of the elevator group which will be updated |
object | |||||||||||||||||||
| |||||||||||||||||||
{- "ElevatorGroup": {
- "parent_id": {
- "id": 1
}, - "isElevatorGroups": true,
- "depth": 1,
- "sync_device_groups": { },
- "sync_devices": { },
- "inherited": true,
- "iconCls": "elevatorGroupIcon",
- "text": "New Elevator Group 2",
- "name": "New Elevator Group 2"
}
}This API is used to delete elevator group.
Deleting a group deletes all elevators in the group.
| id required | integer Example: 5 ID of the elevator group which will be deleted |
curl --request DELETE \ --url https://{baseurl}/api/v2/elevator_groups/5 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to create elevator.
The minimum values is name, elevator_group_id(id, name), reader_devices(id, name), control_device_id(id, name, device_type_id), floors(name, order, elevator_device_id, relay_index). The rest can be removed.
Controller - control_device_id
Select a device that controls the elevator access permission.
Only a master device can be selected.
You can select it from the list of registered devices.
Reader - reader_devices
Select a device you intend to use for authentication.
You can select a device among the master device, slave device, and Wiegand device.
You can select up to 4 readers.
OM-120 cannot be set as the reader.
Module - module_devices
Select OM-120 to control the elevator button relay.
Total Number of Floors - floors
Enter the total number of floors that you can move using the elevator.
object (Elevator) | |||||||||||||||||||||||
| |||||||||||||||||||||||
{- "Elevator": {
- "name": "Odds",
- "description": "Odds elevator",
- "elevator_group_id": {
- "id": 6,
- "name": "New Elevator Group 2"
}, - "reader_devices": {
- "0": {
- "device_id": {
- "id": "544140034",
- "name": "BioEntry W2 544140034 (192.168.1.24)"
}
}
}, - "control_device_id": {
- "id": "544140034",
- "name": "BioEntry W2 544140034 (192.168.1.24)",
- "device_type_id": {
- "id": "13",
- "name": "BioEntry W2"
}
}, - "floors": {
- "0": {
- "name": "Odds - 1",
- "elevator_device_id": {
- "device_id": {
- "id": 788930600,
- "name": "OM-120 788930600"
}, - "relay_index": 0
}, - "order": 0
}, - "1": {
- "name": "Odds - 2",
- "elevator_device_id": {
- "device_id": {
- "id": 788930600,
- "name": "OM-120 788930600"
}, - "relay_index": 1
}, - "order": 1
}, - "2": {
- "name": "Odds - 3",
- "elevator_device_id": {
- "device_id": {
- "id": 788930600,
- "name": "OM-120 788930600"
}, - "relay_index": 2
}, - "order": 2
}, - "3": {
- "name": "Odds - 4",
- "elevator_device_id": {
- "device_id": {
- "id": 788930600,
- "name": "OM-120 788930600"
}, - "relay_index": 3
}, - "order": 3
}
}, - "module_devices": {
- "0": {
- "device_id": {
- "id": "788930600",
- "name": "OM-120 788930600"
}
}
}, - "trigger_actions": { },
- "active_timeout": "10",
- "dual_authentication": {
- "device": 0,
- "approval_type": "0",
- "timeout": 15,
- "schedule_id": {
- "id": "1"
}, - "approval_groups": { }
}, - "tamper_device": {
- "device_id": { },
- "switch_type": "0"
}
}
}This API is used to delete elevator.
| id | string ID of the elevator which will be deleted |
curl --request DELETE \ --url 'https://{baseurl}/api/elevators?id=SOME_STRING_VALUE' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to list elevators recorder in BioStar X
It is required to at least put {} for the API to run correctly.
| limit | integer Limit the response records by the number specified on this parameter |
| search_text | string Search records based on the value specified |
| elevator_group_id | integer List elevators with specified group id |
| order_by | string Sort response by specified value |
{- "limit": 50,
- "search_text": "Odds",
- "elevator_group_id": 1,
- "order_by": "elevator_group_id:false"
}This API is used to view an elevator details.
| id required | integer Example: 32770 ID of the elevator which will be viewed |
curl --request GET \ --url https://{baseurl}/api/elevators/32770 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to update an elevator configuration.
Leave values which will be edited and remove everything else.
| id required | integer Example: 32771 ID of the elevator which will be updated |
object (Elevator) | |||||||||||||||||||||||
| |||||||||||||||||||||||
{- "Elevator": {
- "name": "Odds",
- "description": "Odds elevator",
- "elevator_group_id": {
- "id": 6,
- "name": "New Elevator Group 2"
}, - "reader_devices": [
- {
- "device_id": {
- "id": "544140034",
- "name": "BioEntry W2 544140034 (192.168.1.24)"
}
}
], - "control_device_id": {
- "id": "544140034",
- "name": "BioEntry W2 544140034 (192.168.1.24)",
- "device_type_id": {
- "id": "13",
- "name": "BioEntry W2"
}
}, - "floors": [
- {
- "name": "Odds - 1",
- "elevator_device_id": {
- "device_id": {
- "id": 788930600,
- "name": "OM-120 788930600"
}, - "relay_index": 0
}, - "order": 0
}
], - "module_devices": [
- {
- "device_id": {
- "id": "788930600",
- "name": "OM-120 788930600"
}
}
], - "trigger_actions": { },
- "active_timeout": "10",
- "dual_authentication": {
- "device": 0,
- "approval_type": "0",
- "timeout": 15,
- "schedule_id": {
- "id": "1"
}, - "approval_groups": { }
}, - "tamper_device": {
- "device_id": { },
- "switch_type": "0"
}
}
}This API is used to view elevator status.
object (ElevatorCollection) | |||||||
| |||||||
{- "ElevatorCollection": {
- "rows": [
- {
- "id": 32770
}
]
}
}This API is used to lock elevator access to single/multiple floor manually. If you set the state to Manual Lock, the elevator will have remained inaccessible even if a user authenticatation succeeded.
floors:order correlates with order on GET /api/elevators/:id or with floor_id:index on POST /api/elevators/status
object (ElevatorCollectionFloor) | |||||||||
| |||||||||
{- "ElevatorCollection": {
- "rows": [
- {
- "id": 32770,
- "floor": {
- "order": 3
}
}
]
}
}This API is used to unlock an elevator manually. If you set the state to Manual Unlock, the elevator will have remained accessible even if a user does not authenticate.
floors:order correlates with order on GET /api/elevators/:id or with floor_id:index on POST /api/elevators/status
object (ElevatorCollectionFloor) | |||||||||
| |||||||||
{- "ElevatorCollection": {
- "rows": [
- {
- "id": 32770,
- "floor": {
- "order": 3
}
}
]
}
}This API is used to release the manual lock or manual unlock set by the administrator. When running this API, it will also reset the status caused by POST /api/elevators/open
floors:order correlates with order on GET /api/elevators/:id or with floor_id:index on POST /api/elevators/status
object (ElevatorCollectionFloor) | |||||||||
| |||||||||
{- "ElevatorCollection": {
- "rows": [
- {
- "id": 32770,
- "floor": {
- "order": 3
}
}
]
}
}This API is used to open a floor.
Will only works if the floor status is clear/default (not manually locked/unlocked or there's active alarm)
floors:order correlates with order on GET /api/elevators/:id or with floor_id:index on POST /api/elevators/status
object (ElevatorCollectionFloor) | |||||||||
| |||||||||
{- "ElevatorCollection": {
- "rows": [
- {
- "id": 32770,
- "floor": {
- "order": 3
}
}
]
}
}This API is used to clear alarms of all doors. If an alarm is
set in the Zone, the alarm may be continuously output even if the elevator alarm is released.
object (ElevatorCollection) | |||||||
| |||||||
{- "ElevatorCollection": {
- "rows": {
- "0": {
- "id": 32770
}
}
}
}This API is used to update a device's firmware.
Firmware file need to be placed on [BioStar X Install Path]\firmware folder.
Use /api/device_types to find device_type and device_type_id, find the device's name and get the id for the parameters value.
object | |
object |
{- "FirmwareFile": {
- "filename": "bs3-all_v1.1.1_20230621_sign.bin",
- "device_type": "35"
}, - "DeviceCollection": {
- "rows": [
- {
- "id": "538201713",
- "device_type_id": {
- "id": "35"
}
}
]
}
}This API is used to view firmwares information which is placed on folder [BioStar X Install Path]\firmware.
Response Information Table
| Device Type | Value |
|---|---|
| BS2_DEVICE_TYPE_UNKNOWN | 0 |
| BIOENTRY_PLUS | 1 |
| BIOENTRY_W | 2 |
| BIOLITE_NET | 3 |
| XPASS | 4 |
| XPASS_S2 | 5 |
| SECURE_IO_2 | 6 |
| DOOR_MODULE_20 | 7 |
| BIOSTATION_2 | 8 |
| BIOSTATION_A2 | 9 |
| FACESTATION_2 | 10 |
| IO_DEVICE | 11 |
| BIOSTATION_L2 | 12 |
| BIOENTRY_W2 | 13 |
| CORESTATION_40 | 14 |
| OUTPUT_MODULE | 15 |
| INPUT_MODULE | 16 |
| BIOENTRY_P2 | 17 |
| BIOLITE_N2 | 18 |
| XPASS2 | 19 |
| NOT USED | 20 |
| BIOENTRY_R2 | 21 |
| XPASS_D2 | 22 |
| DOOR_MODULE_21 | 23 |
| XPASS_D2_KEYPAD | 24 |
| FACELITE | 25 |
| XPASS2_KEYPAD | 26 |
| XPASS_D2_REV | 27 |
| XPASS_D2_KEYPAD_REV | 28 |
| FACESTATION_F2_FP | 29 |
| FACESTATION_F2 | 30 |
| XSTATION_2_QR | 31 |
| XSTATION_2 | 32 |
| IM_120 | 33 |
| XSTATION_2_FP | 34 |
| BIOSTATION_3 | 35 |
| 3RD_OSDP_DEVICE | 36 |
| 3RD_OSDP_IO_DEVICE | 37 |
| BIOSTATION_2A | 38 |
| UZ_OSDP_MODULE | 39 |
| UZ_OSDP_DOOR_HANDLE | 40 |
| UZ_OSDP_DOOR_KNOB | 41 |
| BIOENTRY_W3 | 42 |
| Card Model | Value |
|---|---|
| OMPW | 0 |
| OIPW | 1 |
| OEPW | 2 |
| OHPW | 3 |
| ODPW | 4 |
| OAPW | 5 |
| ODSPW | 6 |
| PMPW | 20 |
| PIPW | 21 |
| PEPW | 22 |
| PHPW | 23 |
| PDPW | 24 |
| PAPW | 25 |
| PDSPW | 26 |
| ALL | 30 |
Model Code
| Code | Position | Description |
|---|---|---|
| O | Front | Optical FP Sensor |
| P | Front | PIV Certified Optical FP Sensor |
| A | Middle | All Cards |
| M | Middle | Mifare & DESFire |
| I | Middle | iClass |
| E | Middle | EM |
| H | Middle | HID |
| D | Middle | Dual Frequency (Mifare/DESFire [13.56 MHz], EM [125 kHz]) |
| DS | Middle | Dual Frequency with SAM Card Slot |
| P | End | PoE |
| W | End | WiFi |
Note:
curl --request GET \ --url https://{baseurl}/api/firmwares \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to view floor levels recorded on BioStar X.
| limit | string Limit the number of responses by n records. Remove this parameter to view all. |
| offset | string Offset the response shown by n records. |
| order_by | string Example: order_by=id:false Order the response result either ascending or descending |
curl --request GET \ --url 'https://{baseurl}/api/floor_levels?limit=SOME_STRING_VALUE&offset=SOME_STRING_VALUE&order_by=id%3Afalse' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to create floor level.
You can configure the floor access privileges by using elevators and floor information.
Known errors:
nameobject (FloorLevel) | |||||||
| |||||||
{- "FloorLevel": {
- "name": "aaaax",
- "description": "aaaa",
- "floor_level_items": {
- "0": {
- "elevator_id": {
- "id": 32769,
- "floors": {
- "0": {
- "id": 5,
- "elevator_device_id": {
- "device_id": {
- "id": 100000115
}, - "relay_index": 4
}, - "index": 4
}
}
}, - "schedule_id": {
- "id": 1
}
}, - "1": {
- "elevator_id": {
- "id": 32769,
- "floors": {
- "0": {
- "id": 4,
- "elevator_device_id": {
- "device_id": {
- "id": 100000115
}, - "relay_index": 3
}, - "index": 3
}
}
}, - "schedule_id": {
- "id": 1
}
}
}
}
}This API is used to view the details of a floor level.
| id required | integer Example: 32769 ID of the floor level which will be viewed |
curl --request GET \ --url https://{baseurl}/api/floor_levels/32769 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to update floor level. Known errors:
name| id required | integer Example: 32776 ID of the floor level which will be updated |
object (FloorLevel) | |||||||
| |||||||
{- "FloorLevel": {
- "name": "aaaaxxxx",
- "description": "aaaa",
- "floor_level_items": {
- "0": {
- "elevator_id": {
- "id": 32769,
- "floors": {
- "0": {
- "id": 5,
- "elevator_device_id": {
- "device_id": {
- "id": 100000115
}, - "relay_index": 4
}, - "index": 4
}
}
}, - "schedule_id": {
- "id": 1
}
}, - "1": {
- "elevator_id": {
- "id": 32769,
- "floors": {
- "0": {
- "id": 4,
- "elevator_device_id": {
- "device_id": {
- "id": 100000115
}, - "relay_index": 3
}, - "index": 3
}
}
}, - "schedule_id": {
- "id": 1
}
}
}
}
}This API is used to delete floor levels.
| id required | integer Example: 32775 ID of the floor level which will be deleted |
curl --request DELETE \ --url https://{baseurl}/api/floor_levels/32775 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to view all schedules recorded on BioStar X.
| limit | string Limit the number of responses by n records. Remove this parameter to view all. |
| offset | string Offset the response shown by n records. |
curl --request GET \ --url 'https://{baseurl}/api/schedules?limit=SOME_STRING_VALUE&offset=SOME_STRING_VALUE' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API example shows how to create daily schedule.
object (Schedule) | |||||||||||||||
| |||||||||||||||
{- "Schedule": {
- "name": "Daily",
- "description": "DDD",
- "daily_schedules": {
- "0": {
- "day_index": 0,
- "time_segments": {
- "0": {
- "start_time": 0,
- "end_time": 1380
}
}
}, - "1": {
- "day_index": 1,
- "time_segments": {
- "0": {
- "start_time": 1260,
- "end_time": 1320
}
}
}
}, - "holiday_schedules": { },
- "days_of_iteration": 2,
- "start_date": "2022-04-26T00:00:00.00Z",
- "use_daily_iteration": true
}
}This API is used to view a schedule detail recorded on BioStar X.
| id required | integer Example: 2 ID of the schedule which will be viewed |
curl --request GET \ --url https://{baseurl}/api/schedules/2 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to delete schedules recorded on BioStar X.
| id required | integer Example: 5 ID of the schedule which will be deleted |
curl --request DELETE \ --url https://{baseurl}/api/schedules/5 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to update a schedule.
| id required | string ID of the schedule which will be updated |
object (Schedule) | |||||||||||||||
| |||||||||||||||
{- "Schedule": {
- "name": "Daily",
- "description": "DDD",
- "daily_schedules": {
- "0": {
- "day_index": 0,
- "time_segments": {
- "0": {
- "start_time": 0,
- "end_time": 1380
}
}
}, - "1": {
- "day_index": 1,
- "time_segments": {
- "0": {
- "start_time": 1260,
- "end_time": 1320
}
}
}
}, - "holiday_schedules": { },
- "days_of_iteration": 2,
- "start_date": "2022-04-26T00:00:00.00Z",
- "use_daily_iteration": true
}
}This API is used to view all holiday groups recorded on BioStar X.
| limit | string Limit the number of responses by n records. Remove this parameter to view all. |
| offset | string Offset the response shown by n records. |
curl --request GET \ --url 'https://{baseurl}/api/holiday_groups?limit=SOME_STRING_VALUE&offset=SOME_STRING_VALUE' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to create holiday groups on BioStar X.
object (HolidayGroup) | |||||||
| |||||||
{- "HolidayGroup": {
- "name": "Idul Fitri 2022",
- "description": "Idul Fitri for year 2022",
- "holidays": {
- "0": {
- "repeat_interval": 0,
- "start_date": "2022-05-02T00:00:00.00Z"
}, - "1": {
- "repeat_interval": 0,
- "start_date": "2022-05-03T00:00:00.00Z"
}
}
}
}This API is used to update holiday groups on BioStar X.
| id required | string ID of the holiday group which will be updated. |
object (HolidayGroup) | |||||||
| |||||||
{- "HolidayGroup": {
- "name": "Idul Fitri 2022",
- "description": "Idul Fitri for year 2022",
- "holidays": {
- "0": {
- "repeat_interval": 0,
- "start_date": "2022-05-02T00:00:00.00Z"
}, - "1": {
- "repeat_interval": 0,
- "start_date": "2022-05-03T00:00:00.00Z"
}
}
}
}This API is used to delete holiday group.
| id required | integer Example: 1 ID of the holiday group which will be deleted |
curl --request DELETE \ --url https://{baseurl}/api/holiday_groups/1 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to view all Trigger & Actions.
| limit | string Limit the number of responses by n records. Remove this parameter to view all. |
| offset | string Offset the response shown by n records. |
curl --request GET \ --url 'https://{baseurl}/api/trigger_actions?limit=SOME_STRING_VALUE&offset=SOME_STRING_VALUE' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
You can set the device or BioStar X to do a specific operation when a specific event has occurred at the devices, doors and zones.
object (TriggerAction) | |||||||||||
| |||||||||||
{- "TriggerAction": {
- "name": "Zone",
- "priority": 0,
- "schedule_id": {
- "id": 4
}, - "trigger": {
- "source_type": 3,
- "event_types": {
- "0": {
- "code": 41472
}, - "1": {
- "code": 38912
}
}, - "zones": {
- "0": {
- "id": "32794"
}, - "1": {
- "id": "32793"
}
}
}, - "action": {
- "email_action_id": {
- "receipients": {
- "0": "aaa@aaa.com"
}
}, - "smtp_id": {
- "id": 1
}
}
}
}This API is used to update Trigger/Actions.
| id required | integer Example: 2 ID of the Trigger & Actions which will be updated. |
object (TriggerAction) | |||||||||||
| |||||||||||
{- "TriggerAction": {
- "name": "Door",
- "priority": 0,
- "schedule_id": {
- "id": 3
}, - "trigger": {
- "source_type": 2,
- "event_types": {
- "0": {
- "code": 21504
}
}, - "doors": {
- "0": {
- "id": 5
}, - "1": {
- "id": 32
}
}
}, - "action": {
- "email_action_id": {
- "receipients": {
- "0": "agni@oxx.id",
- "1": "you@axx.id"
}
}, - "smtp_id": {
- "id": 1
}
}
}
}This API is used to view all Trigger & Actions.
| id required | integer Example: 2 ID of the Trigger & Action which will be deleted. |
curl --request DELETE \ --url https://{baseurl}/api/trigger_actions/2 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to create multiple trigger actions.
object (MultipleTriggerAction) | |||||||||||||
| |||||||||||||
{- "TriggerAction": {
- "name": "sample triggeraction",
- "priority": 0,
- "schedule_id": {
- "id": 1
}, - "is_quick_action": "N",
- "trigger": {
- "source_type": 2,
- "event_types": {
- "0": {
- "code": 22016
}
}, - "devices": { },
- "doors": {
- "0": {
- "id": 1
}
}, - "zones": { }
}, - "action": {
- "device_action_id": {
- "device_id": {
- "id": 50355072
}, - "relay_signal_id": {
- "id": 1
}, - "relay_index": 0
}, - "email_action_id": {
- "receipients": {
- "0": "abc@xyz.co",
- "1": "abe@xyz.co"
}
}, - "smtp_id": {
- "id": 1
}, - "door_action": {
- "0": {
- "door_id": {
- "id": 1
}, - "door_signal": 346
}
}
}
}
}{- "TriggerAction": {
- "name": "ta 1",
- "priority": 0,
- "trigger": {
- "source_type": 1
}, - "schedule_id": {
- "id": 1
}, - "action": {
- "id": 800001,
- "device_action_id": {
- "device_id": {
- "id": 50355260
}, - "relay_index": 0,
- "relay_signal_id": {
- "id": 1
}
}, - "email_action_id": {
- "receipients": {
- "0": "wawe@test.com"
}
}, - "smtp_id": {
- "id": 1
}
}
}, - "Response": {
- "code": "0",
- "message": "Success",
- "by": "web"
}
}This API is used to delete multiple trigger actions by ID.
| id | string Trigger and Action ID(s). Delimit each ID by using plus symbol (+; ex: 1+2+3) |
curl --request DELETE \ --url 'https://{baseurl}/api/multiple/trigger_actions?id=SOME_STRING_VALUE' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "Response": {
- "code": "0",
- "message": "Success",
- "by": "web"
}
}This API is used to update multiple trigger actions by ID.
| id required | string Trigger & Action's ID |
object (MultipleTriggerAction) | |||||||||||||
| |||||||||||||
{- "TriggerAction": {
- "name": "sample triggeraction",
- "priority": 0,
- "schedule_id": {
- "id": 1
}, - "is_quick_action": "N",
- "trigger": {
- "source_type": 2,
- "event_types": {
- "0": {
- "code": 22016
}
}, - "devices": { },
- "doors": {
- "0": {
- "id": 1
}
}, - "zones": { }
}, - "action": {
- "device_action_id": {
- "device_id": {
- "id": 50355072
}, - "relay_signal_id": {
- "id": 1
}, - "relay_index": 0
}, - "email_action_id": {
- "receipients": {
- "0": "abc1@xyz.co",
- "1": "abe2@xyz.co"
}
}, - "smtp_id": {
- "id": 1
}, - "door_action": {
- "0": {
- "door_id": {
- "id": 1
}, - "door_signal": 346
}
}
}
}
}{- "Response": {
- "code": "0",
- "message": "Success",
- "by": "web"
}
}This API is used to view trigger actions by ID.
| id required | string ID of the Trigger and Action which will be viewed. |
curl --request GET \ --url https://{baseurl}/api/multiple/trigger_actions/{id} \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "TriggerAction": {
- "name": "sample triggeraction",
- "priority": 0,
- "trigger": {
- "source_type": 2,
- "doors": [
- {
- "id": 1,
- "name": "door1"
}
], - "event_types": [
- {
- "code": 22016,
- "name": "FORCED_OPEN_ALARM"
}
]
}, - "schedule_id": {
- "id": 1,
- "name": "Always"
}, - "action": {
- "id": 1,
- "device_action_id": {
- "device_id": {
- "id": 50355072
}, - "relay_index": 0,
- "relay_signal_id": {
- "id": 1,
- "name": "Relay Signal 1",
- "delay": 0,
- "count": 0,
- "on_duration": 0,
- "off_duration": 0
}
}, - "email_action_id": {
- "receipients": {
- "0": "abc@xyz.co"
}
}, - "smtp_id": {
- "id": 1,
- "name": "SMTP Server",
- "smtp_server_addr": "smtp.example.com",
- "smtp_server_port": 587,
- "smtp_security": 1
}
}
}, - "Response": {
- "code": "0",
- "message": "Success",
- "by": "web"
}
}This API is used to trigger Quick Action by ID.
| id required | integer Example: 2 ID of the Quick Action which will be viewed. |
curl --request GET \ --url https://{baseurl}/api/quick_action/2 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "QuickActionID": 1,
- "Response": {
- "code": "0",
- "message": "Success",
- "by": "web"
}
}This API is used to fetch Trigger Actions with Quick Action status enabled.
curl --request GET \ --url https://{baseurl}/api/v2/quick_action/alarm_set \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "alarm_sets": {
- "id": 1,
- "alarm_sets": [
- {
- "alarmSetUID": 1,
- "name": "ta 1",
- "prio": 0,
- "scheduleUID": 1,
- "alarmType": 1,
- "alarmActionUID": 800001,
- "quickAction": "Y"
}
]
}, - "Response": {
- "code": "0",
- "message": "Success",
- "by": "web"
}
}This API is used to fetch all configured quick actions.
curl --request GET \ --url https://{baseurl}/api/v2/quick_action \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "quick_action": [
- {
- "id": 1,
- "name": "qc 1",
- "description": "quick action test",
- "operator_levels": [
- {
- "id": 1,
- "permission": {
- "id": 1,
- "name": "Administrator",
- "description": "this is a permission for Administrator",
- "jsonText": "{\n \n \"module\": {\n \n \"Dashboard\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"User\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"Device\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"Door\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"Elevator\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"Zone\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"AccessControl\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"Monitoring\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"TA\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"Setting\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"Video\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"Visitor\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"Report\": {\n \n \"read\": true,\n \n \"write\": true\n \n }\n \n },\n \n \"filter\": {\n \n \"UserGroup\": [\n \n 1\n \n ],\n \n \"DeviceGroup\": [\n \n 1\n \n ],\n \n \"DoorGroup\": [\n \n 1\n \n ],\n \n \"ElevatorGroup\": [\n \n 1\n \n ],\n \n \"ZoneType\": [\n \n \"-1\"\n \n ],\n \n \"AccessGroup\": [\n \n 0\n \n ],\n \n \"GraphicMapGroup\": [\n \n 1\n \n ]\n \n }\n \n }",
- "createdAt": "2023-11-06T10:00:55.000+00:00"
}
}
], - "order_number": 1,
- "status": "I",
- "confirm_before_run": "Y",
- "trigger_actions": {
- "id": 1,
- "alarm_sets": [
- {
- "alarmSetUID": 1,
- "name": "ta 1",
- "prio": 0,
- "scheduleUID": 1,
- "alarmType": 1,
- "alarmActionUID": 800001,
- "quickAction": "Y"
}
]
}
}
], - "Response": {
- "code": "0",
- "message": "Success",
- "by": "web"
}
}This API is used to save/update/delete Quick Action.
To CREATE: Fill in all Quick Action(s) parameter (excluding ID). It is possible to create multiple Quick Action in one payload.
In the case creating new one while there's existing Quick Action(s), the new one doesn't require ID while the existing require it.
To DELETE: Fill in all Quick Action(s) parameter (including ID). Input all Quick Action(s) besides the one that will be deleted. To delete all, simply send an empty payload.
To UPDATE: Fill in all Quick Action(s) parameter (including ID). Input all Quick Action(s) including any which will not be updated.
Array of objects | |||||||||||||||
Array
| |||||||||||||||
{- "QuickActions": {
- "0": {
- "name": "qa 1",
- "description": "sfsf",
- "confirm_before_run": "Y",
- "operator_level_ids": {
- "0": 2,
- "1": 3
}, - "trigger_action_ids": {
- "0": 3
}, - "order_number": 1
}, - "1": {
- "name": "qa 2",
- "description": "dsfsdf",
- "confirm_before_run": "Y",
- "operator_level_ids": {
- "0": 1,
- "1": 254
}, - "trigger_action_ids": {
- "0": 4
}, - "order_number": 2,
- "id": 1
}
}
}{- "Response": {
- "code": "0",
- "message": "Success",
- "by": "web"
}
}This API is used to fetch Quick Actions by Permission ID.
| id required | string Permission ID of the Quick Action which will be viewed. |
curl --request GET \ --url https://{baseurl}/api/v2/quick_action/permission/{id} \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "quick_action": [
- {
- "id": 1,
- "name": "qc 1",
- "description": "quick action test",
- "operator_levels": [
- {
- "id": 1,
- "permission": {
- "id": 1,
- "name": "Administrator",
- "description": "this is a permission for Administrator",
- "jsonText": "{\n \n \"module\": {\n \n \"Dashboard\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"User\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"Device\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"Door\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"Elevator\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"Zone\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"AccessControl\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"Monitoring\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"TA\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"Setting\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"Video\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"Visitor\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"Report\": {\n \n \"read\": true,\n \n \"write\": true\n \n }\n \n },\n \n \"filter\": {\n \n \"UserGroup\": [\n \n 1\n \n ],\n \n \"DeviceGroup\": [\n \n 1\n \n ],\n \n \"DoorGroup\": [\n \n 1\n \n ],\n \n \"ElevatorGroup\": [\n \n 1\n \n ],\n \n \"ZoneType\": [\n \n \"-1\"\n \n ],\n \n \"AccessGroup\": [\n \n 0\n \n ],\n \n \"GraphicMapGroup\": [\n \n 1\n \n ]\n \n }\n \n }",
- "createdAt": "2023-11-06T10:00:55.000+00:00"
}
}
], - "order_number": 1,
- "status": "I",
- "confirm_before_run": "Y",
- "trigger_actions": {
- "id": 1,
- "alarm_sets": [
- {
- "alarmSetUID": 1,
- "name": "ta 1",
- "prio": 0,
- "scheduleUID": 1,
- "alarmType": 1,
- "alarmActionUID": 800001,
- "quickAction": "Y"
}
]
}
}
], - "Response": {
- "code": "0",
- "message": "Success",
- "by": "web"
}
}This API is used to fetch Quick Action information by ID.
| id required | string ID of the Quick Action which will be viewed. |
curl --request GET \ --url https://{baseurl}/api/v2/quick_action/{id} \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "quick_action": [
- {
- "id": 1,
- "name": "qc 1",
- "description": "quick action test",
- "operator_levels": [
- {
- "id": 1,
- "permission": {
- "id": 1,
- "name": "Administrator",
- "description": "this is a permission for Administrator",
- "jsonText": "{\n \n \"module\": {\n \n \"Dashboard\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"User\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"Device\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"Door\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"Elevator\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"Zone\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"AccessControl\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"Monitoring\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"TA\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"Setting\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"Video\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"Visitor\": {\n \n \"read\": true,\n \n \"write\": true\n \n },\n \n \"Report\": {\n \n \"read\": true,\n \n \"write\": true\n \n }\n \n },\n \n \"filter\": {\n \n \"UserGroup\": [\n \n 1\n \n ],\n \n \"DeviceGroup\": [\n \n 1\n \n ],\n \n \"DoorGroup\": [\n \n 1\n \n ],\n \n \"ElevatorGroup\": [\n \n 1\n \n ],\n \n \"ZoneType\": [\n \n \"-1\"\n \n ],\n \n \"AccessGroup\": [\n \n 0\n \n ],\n \n \"GraphicMapGroup\": [\n \n 1\n \n ]\n \n }\n \n }",
- "createdAt": "2023-11-06T10:00:55.000+00:00"
}
}
], - "order_number": 1,
- "status": "I",
- "confirm_before_run": "Y",
- "trigger_actions": {
- "id": 1,
- "alarm_sets": [
- {
- "alarmSetUID": 1,
- "name": "ta 1",
- "prio": 0,
- "scheduleUID": 1,
- "alarmType": 1,
- "alarmActionUID": 800001,
- "quickAction": "Y"
}
]
}
}
], - "Response": {
- "code": "0",
- "message": "Success",
- "by": "web"
}
}This API is used to update various BioStar X settings.
object | |||||||||||||
| |||||||||||||
{- "BioStar": {
- "session_timeout": "216000",
- "server_port": "51212",
- "server_matching": {
- "matching-concurrency-count": 2,
- "use-server-matching": false,
- "security-level": 6,
- "fast-mode": true,
- "face-security-level": 1
}, - "user_sync_method": 1,
- "user_by_device_sync_method": 0,
- "log_sync_method": 0,
- "check_duplicate_id_at_devices": 0,
- "automatic_server_upgrade": 0,
- "upgrade_when": 0,
- "fingerprint_format": 0,
- "backup": {
- "use": false,
- "cycle": 2,
- "day": 28,
- "weekday": 2,
- "time": 10800,
- "path": ".\\bk",
- "overwritable": "false"
}, - "support_mobile_credential": "true",
- "language": "en",
- "server_addr": "",
- "delete_credential_after_aoc": "false",
- "secure_communication": {
- "mode": "0",
- "use_external_cert": "false",
- "enable_data_encryption": "false",
- "enable_db_data_encryption": "false",
- "ischanged_data_encryption": "false",
- "ischanged_db_data_encryption": "false",
- "enable_db_encryption": "false",
- "is_random_encryption_key": "true",
- "is_random_hash_key": "true",
- "has_encryption_key": "false",
- "has_hash_key": "true"
}, - "system_security": {
- "password_strength": "2",
- "use_password_update_cycle": "false",
- "password_update_cycle": "60",
- "use_allow_login_failed": "false",
- "allow_login_failed_count": "5",
- "allow_login_failed_minutes": "10",
- "use_allow_password_change": "false",
- "allow_password_change_count": "1",
- "use_allow_simultaneous_connection": "true"
}, - "web_request_timeout": "60",
- "imglog_dir": ".\\imagelog\\",
- "websocket_cors": "*",
- "enable_websocket_connection_bsSessionId": "false",
- "enckey_dir": "C:\\Program Files\\BioStar 2(x64)\\util",
- "device_event_log_skip_enroll_success_user": "false",
- "http": {
- "port": "80",
- "root_path": "html"
}, - "https": {
- "use_ssl": "1",
- "port": "443",
- "ssl_addr": "192.168.1.5",
- "server.ssl.key-store-password.use_enc": "1"
}, - "cloud": {
- "use_cloud": "0",
- "server_address": "api.biostar2.com",
- "http_port": "52000",
- "version": "v2",
- "sub_domain": "oddbit",
- "email": "team-suprema@oddbit.id",
- "account_id": "611dcbe1f3e8e50a179b105c",
- "email_use_enc": "1"
}, - "tna": {
- "use_tna": "true",
- "http_port": "3000",
- "https_port": "3002",
- "ngrok_port": "51000"
}, - "video": {
- "use_video": "true",
- "http_port": "3010",
- "https_port": "3012",
- "ngrok_port": "52002"
}, - "licenses": {
- "0": {
- "product_type": "1",
- "name": "biostar_def",
- "available": {
- "ZONE": "false",
- "ELEVATOR": "false",
- "SERVER_MATCHING": "false",
- "CLOUD": "false",
- "MOBILE_CARD": "false",
- "GRAPHICMAP": "false"
}, - "activated": "true"
}, - "1": {
- "product_type": "2",
- "name": "biostar_std",
- "activated": "false"
}, - "2": {
- "product_type": "3",
- "name": "biostar_tna",
- "activated": "false"
}, - "3": {
- "product_type": "4",
- "name": "biostar2_basic",
- "activated": "false"
}, - "4": {
- "product_type": "5",
- "name": "biostar2_std",
- "activated": "false"
}, - "5": {
- "product_type": "6",
- "name": "biostar2_adv",
- "available": {
- "ZONE": "true",
- "ELEVATOR": "true",
- "SERVER_MATCHING": "true",
- "CLOUD": "true",
- "MOBILE_CARD": "true",
- "GRAPHICMAP": "true"
}, - "activated": "true",
- "customer": "Oddbit",
- "expires_on": "permanent"
}, - "6": {
- "product_type": "7",
- "name": "biostar2_pro",
- "activated": "false"
}, - "7": {
- "product_type": "8",
- "name": "biostar2_ent",
- "activated": "false"
}, - "8": {
- "product_type": "9",
- "name": "biostar2_video",
- "activated": "false"
}, - "9": {
- "product_type": "10",
- "name": "biostar2_visitor",
- "activated": "false"
}, - "10": {
- "product_type": "11",
- "name": "biostar2_tna_std",
- "activated": "false"
}, - "11": {
- "product_type": "12",
- "name": "biostar2_tna_adv",
- "activated": "false"
}, - "12": {
- "product_type": "13",
- "name": "biostar2_tna_pro",
- "activated": "false"
}
}, - "mobile": {
- "use_mobile_credential": "1",
- "email": "agni@supremainc.com",
- "password": "****************",
- "mc_port": "443",
- "siteid": "6482",
- "site_type": "REGULAR"
}, - "log_level": {
- "enable": "true",
- "log_retain_days": "60",
- "level": "none",
- "filter": {
- "SYS": "info",
- "DBG": "none",
- "NET": "info",
- "WEB": "info",
- "SQL": "none",
- "WSS": "none"
}
}, - "server_ip_list": {
- "0": {
- "ip": "192.168.1.5",
- "version": "v4"
}
}, - "use_alphanumeric": "false",
- "is_set_new_administrator_password": "false",
- "ischanged_db_data_encryption": "false",
- "ischanged_data_encryption": "false",
- "eventlog": {
- "event_log_retain_days": "60",
- "active": "false"
}, - "log": {
- "log_retain_days": "60",
- "cron": "0 0 0 * * *",
- "path": "logs"
}
}
}This API is used to create user custom field(s) on BioStar X.
object (CustomFieldCollection) | |||||||||||||||
| |||||||||||||||
{- "CustomFieldCollection": {
- "rows": {
- "0": {
- "order": 5,
- "name": "text input box",
- "type": 0,
- "enable": true
}, - "1": {
- "order": 2,
- "name": "number input",
- "type": 1,
- "enable": true
}, - "2": {
- "order": 3,
- "name": "combo box",
- "type": 2,
- "data": "abc; def",
- "enable": true
}, - "3": {
- "order": 4,
- "name": "file upload",
- "type": 3,
- "enable": true
}
}
}
}{- "code": "0",
- "message": "Success",
- "by": "web"
}This example shows how to update custom field.
Note:
GET /api/setting/custom_fieldsPUT method.object (CustomFieldCollection) | |||||||||||||||
| |||||||||||||||
{- "CustomFieldCollection": {
- "rows": {
- "0": {
- "id": 1,
- "order": 1,
- "name": "text input box",
- "type": 0
}, - "1": {
- "id": 2,
- "order": 2,
- "name": "number input",
- "type": 1
}, - "2": {
- "id": 3,
- "order": 3,
- "name": "combo box",
- "type": 2,
- "data": "abc; def"
}, - "3": {
- "id": 4,
- "order": 4,
- "name": "file upload",
- "type": 3
}
}
}
}This API is used to delete user custom fields which recorded on BioStar X.
| id | string ID of the Custom Field(s) which will be deleted. Use space ( ) as separator for multiple IDs. |
curl --request DELETE \ --url 'https://{baseurl}/api/setting/custom_fields?id=SOME_STRING_VALUE' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to view all available user custom fields.
curl --request GET \ --url https://{baseurl}/api/setting/custom_fields \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "CustomFieldCollection": {
- "total": 5,
- "rows": {
- "0": {
- "id": 1,
- "name": "combo box 1",
- "type": 2,
- "order": 1,
- "data": "1; 2; 3"
}, - "1": {
- "id": 3,
- "name": "number input",
- "type": 1,
- "order": 2
}, - "2": {
- "id": 4,
- "name": "combo box 2",
- "type": 2,
- "order": 3,
- "data": "Option 1; Option 2"
}, - "3": {
- "id": 5,
- "name": "file upload",
- "type": 3,
- "order": 4
}, - "4": {
- "id": 2,
- "name": "text input box",
- "type": 0,
- "order": 5
}
}
}, - "Response": {
- "code": "0",
- "message": "Success"
}
}This API is used to view output signals which used on certain actions for setting the relay of the device to trigger in certain signals. The trigger & action from the device configuration is one of them.
curl --request GET \ --url https://{baseurl}/api/setting/output_signals \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to create output signal.
object | |||||||||||
| |||||||||||
{- "OutputSignal": {
- "name": "TestElevatorSignal2",
- "delay": 0,
- "count": 0,
- "on_duration": 0,
- "off_duration": 0
}
}This API is used to update output signal.
| id required | string ID of the output signal which will be updated. |
curl --request PUT \ --url https://{baseurl}/api/setting/output_signals/{id} \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to delete output signal.
| id required | string ID of the output signal which will be deleted. |
curl --request DELETE \ --url https://{baseurl}/api/setting/output_signals/{id} \ --header 'bs-session-id: REPLACE_KEY_VALUE'
If server matching enabled, the user’s fingerprint will be matched from BioStar X, not the device. The Server Matching can be used when the corresponding license is activated.
object | |||||||||||||||
| |||||||||||||||
{- "BioStar": {
- "server_matching": {
- "use-server-matching": false,
- "security-level": 6,
- "face-security-level": 1,
- "fast-mode": true,
- "matching-concurrency-count": 2
}
}
}This API is used to check BioStar X's version.
curl --request GET \ --url https://{baseurl}/js/info.json \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to test BioStar X connection with Windows Active Directory.
Successful connection will return code : 0.
See these articles for more information on connecting BioStar X with Active Directory:
Active Directory or Entra ID connection configuration parameters
| serverAddress required | string IP Address of the Domain Controller |
| userName required | string User Name which will be used to connect to the Domain Controller |
| password required | string <password> User Name's corresponding password |
| userDomainName required | string BaseDN of the Domain Controller |
| useSSL required | boolean Option to use encryption when communicating with a Windows Active Directory server. Install Active Directory Certificate Services and set the keystore password by referring to Active Directory Encryption. |
| adlogin required | boolean Enable logging into BioStar X using the Windows Active Directory account. |
| RedirectionUri required | string <uri> Required for Entra ID interworking. |
| adEnable required | string Set to 0. |
| adType required | string Enum: "A" "E" Interworking target classification. (Active Directory= |
| prevAdType required | string Enum: "A" "E" It is required to enter the previous connection information when modifying the interworking target. If there is no change, enter the current connection information. |
| prevDomainName required | string It is required to enter the previous connection information when modifying the interworking target. If there is no change, enter the current connection information. |
| prevServerAddr required | string It is required to enter the previous connection information when modifying the interworking target. If there is no change, enter the current connection information. |
| resetSync required | boolean Default: false Delete existing users and user groups due to changes in connection information and set them to |
| scheduleSyncInterval required | integer [ 0 .. 10080 ] Set the time interval for automatic synchronization. ( |
| syncEvtCheck required | boolean Settings for whether to leave event logs on BioStar X. ( |
| syncType required | string Enum: "N" "A" Toggle automatic synchronization. ( |
| useCustomField required | boolean Set this parameter to |
{- "serverAddress": "",
- "userName": "3323232-1111-33b6-a0a0-dfeq6bc7a762",
- "password": "asdfasdfas~!2sdfsdfasdf",
- "userDomainName": "test.onmicrosoft.com",
- "useSSL": false,
- "adlogin": false,
- "adEnable": "0",
- "adType": "E",
- "prevAdType": "E",
- "prevDomainName": "test.onmicrosoft.com",
- "prevServerAddr": "",
- "resetSync": false,
- "scheduleSyncInterval": 0,
- "syncEvtCheck": false,
- "syncType": "N",
- "useCustomField": true
}To run BioStar X AD APIs, it is required to be connected to the AD server.
This API is used to get User Group information from the Domain Controller.
It is required to put domain name information on the body.
The response value is returned in JSON format. At this time, Collection.rows.userGroups is used for the next user group update.
"DC=domain,DC=com"Based on the user group information queried in User Group Search, the user group which will be linked is updated.
Update the user group and save it to the Biostar X server.
| allUserGroup required | boolean Toggle True when selecting all User Groups. |
| dn required | string Domain Name |
| lastSyncVersion required | integer Set to 0 |
| userGroups required | Array of objects Put |
| userGroupFilters required | Array of objects Place the id and name of the user groups to be synchronized into an array. |
{- "allUserGroup": true,
- "dn": "DC=domain,DC=com",
- "lastSyncVersion": 0,
- "userGroups": {
- "0": {
- "id": 0,
- "dn": "oddtest.id",
- "name": "oddtest.id",
- "objectGuid": "oddtest.id",
- "children": {
- "0": {
- "id": 1,
- "dn": "OU=Domain Controllers,DC=oddtest,DC=id",
- "name": "Domain Controllers",
- "objectGuid": "0921243F0254453F3F3F72273F4F7C",
- "children": { },
- "isGroup": true
}
}, - "isGroup": true
}
}, - "userGroupFilters": {
- "0": {
- "id": 10,
- "name": "Guests"
}
}
}View group information, subgroup information and filter information that Active Directory or EntraID is using.
curl --request GET \ --url https://{baseurl}/api/v2/setting/adUserGroupFilterSetting \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "Response": {
- "code": "0",
- "message": "success",
- "by": "web"
}, - "Collection": {
- "total": 1,
- "rows": {
- "0": {
- "allUserGroup": false,
- "dn": "supremabss.onmicrosoft.com",
- "lastSyncVersion": 0,
- "userGroups": {
- "0": {
- "id": 0,
- "dn": "supremabss.onmicrosoft.com",
- "name": "supremabss.onmicrosoft.com",
- "objectGuid": "supremabss.onmicrosoft.com",
- "filter": false,
- "children": {
- "0": {
- "id": 1,
- "dn": "OU=A,DC=supremabss.onmicrosoft.com",
- "name": "A",
- "objectGuid": "e1dd535c-76ce-4181-9f3b-869eea61b0b1",
- "filter": true,
- "children": {
- "0": {
- "id": 2,
- "dn": "OU=B,OU=A,DC=supremabss.onmicrosoft.com",
- "name": "B",
- "objectGuid": "9745e0df-1723-4c42-8ea5-febb02865f28",
- "filter": true,
- "children": {
- "0": {
- "id": 3,
- "dn": "OU=C,OU=B,OU=A,DC=supremabss.onmicrosoft.com",
- "name": "C",
- "objectGuid": "8754dd0a-d1a6-455d-8ffc-04357322ff1e",
- "filter": true,
- "children": { },
- "depth": 3,
- "isGroup": true
}
}, - "depth": 2,
- "isGroup": true
}
}, - "depth": 1,
- "isGroup": true
}, - "1": {
- "id": 4,
- "dn": "OU=Test3,DC=supremabss.onmicrosoft.com",
- "name": "Test3",
- "objectGuid": "77952318-d550-4616-b516-6a65c3f44b57",
- "filter": true,
- "children": { },
- "depth": 1,
- "isGroup": true
}, - "2": {
- "id": 5,
- "dn": "OU=Test4,DC=supremabss.onmicrosoft.com",
- "name": "Test4",
- "objectGuid": "cffad5c5-afe5-4029-a44e-4f67ba96baf9",
- "filter": true,
- "children": { },
- "depth": 1,
- "isGroup": true
}, - "3": {
- "id": 6,
- "dn": "OU=Test9,DC=supremabss.onmicrosoft.com",
- "name": "Test9",
- "objectGuid": "ea407a19-c769-4db5-b4f6-c8e2ba28fc70",
- "filter": true,
- "children": { },
- "depth": 1,
- "isGroup": true
}
}, - "depth": 0,
- "isGroup": true
}
}, - "userGroupFilters": {
- "0": {
- "id": 1,
- "dn": "OU=A,DC=supremabss.onmicrosoft.com",
- "name": "A",
- "objectGuid": "e1dd535c-76ce-4181-9f3b-869eea61b0b1",
- "filter": true,
- "children": {
- "0": {
- "id": 2,
- "dn": "OU=B,OU=A,DC=supremabss.onmicrosoft.com",
- "name": "B",
- "objectGuid": "9745e0df-1723-4c42-8ea5-febb02865f28",
- "filter": true,
- "children": {
- "0": {
- "id": 3,
- "dn": "OU=C,OU=B,OU=A,DC=supremabss.onmicrosoft.com",
- "name": "C",
- "objectGuid": "8754dd0a-d1a6-455d-8ffc-04357322ff1e",
- "filter": true,
- "children": { },
- "depth": 3,
- "isGroup": true
}
}, - "depth": 2,
- "isGroup": true
}
}, - "depth": 1,
- "isGroup": true
}, - "1": {
- "id": 2,
- "dn": "OU=B,OU=A,DC=supremabss.onmicrosoft.com",
- "name": "B",
- "objectGuid": "9745e0df-1723-4c42-8ea5-febb02865f28",
- "filter": true,
- "children": {
- "0": {
- "id": 3,
- "dn": "OU=C,OU=B,OU=A,DC=supremabss.onmicrosoft.com",
- "name": "C",
- "objectGuid": "8754dd0a-d1a6-455d-8ffc-04357322ff1e",
- "filter": true,
- "children": { },
- "depth": 3,
- "isGroup": true
}
}, - "depth": 2,
- "isGroup": true
}, - "2": {
- "id": 3,
- "dn": "OU=C,OU=B,OU=A,DC=supremabss.onmicrosoft.com",
- "name": "C",
- "objectGuid": "8754dd0a-d1a6-455d-8ffc-04357322ff1e",
- "filter": true,
- "children": { },
- "depth": 3,
- "isGroup": true
}, - "3": {
- "id": 4,
- "dn": "OU=Test3,DC=supremabss.onmicrosoft.com",
- "name": "Test3",
- "objectGuid": "77952318-d550-4616-b516-6a65c3f44b57",
- "filter": true,
- "children": { },
- "depth": 1,
- "isGroup": true
}, - "4": {
- "id": 5,
- "dn": "OU=Test4,DC=supremabss.onmicrosoft.com",
- "name": "Test4",
- "objectGuid": "cffad5c5-afe5-4029-a44e-4f67ba96baf9",
- "filter": true,
- "children": { },
- "depth": 1,
- "isGroup": true
}, - "5": {
- "id": 6,
- "dn": "OU=Test9,DC=supremabss.onmicrosoft.com",
- "name": "Test9",
- "objectGuid": "ea407a19-c769-4db5-b4f6-c8e2ba28fc70",
- "filter": true,
- "children": { },
- "depth": 1,
- "isGroup": true
}
}
}
}
}
}This API is used to set the user field configuration.
The payload is in the form of a JSON array.
Each array has BioStar X column name (columnm), AD column name (adcolumnm), whether to use (use), and column description (columnmdescription).
[
{"columnm":"usrid","adcolumnm":"sAMAccountName","use":"true","columnmdescription":"userid"} {"columnm":"nm","adcolumnm":"displayName" ,"use":"true","columnmdescription":"User NAME"}
]
If you set the payload as above, you can sync the username as well.
| columnm required | string BioStar X column name |
| adcolumnm required | string Active Directory column name |
| use required | string Whether to use this mapping |
| columnmdescription required | string Column description |
{- "0": {
- "columnm": "usrid",
- "adcolumnm": "initials",
- "use": "true",
- "columnmdescription": "User ID"
}, - "1": {
- "columnm": "nm",
- "adcolumnm": "displayName",
- "use": "true",
- "columnmdescription": "User Name"
}
}This API is used to synchronizes AD user information with Biostar X.
If there is no user group change or field reorganization then only this synchronization operation is sufficient.
serverAddress, userName, password, userDomainName, and useSSL must be sent in the payload.
lastSyncTime, lastSyncResult, lastUpdateTime fields on response are "recent sync time with ad server", "recent sync result", "recent update time of ad server information",
It can be checked through GET /api/v2/setting/adserversetting
| serverAddress required | string IP Address of the Domain Controller |
| userName required | string User Name which will be used to connect to the Domain Controller |
| password required | string <password> User Name's corresponding password |
| userDomainName required | string BaseDN of the Domain Controller |
| useSSL required | boolean Option to use encryption when communicating with a Windows Active Directory server. Install Active Directory Certificate Services and set the keystore password by referring to Active Directory Encryption. |
| adlogin required | boolean Enable logging into BioStar X using the Windows Active Directory account. |
| RedirectionUri required | string <uri> Required for Entra ID interworking. |
| adEnable required | string Set to 0. |
| adType required | string Enum: "A" "E" Interworking target classification. (Active Directory= |
| prevAdType required | string Enum: "A" "E" It is required to enter the previous connection information when modifying the interworking target. If there is no change, enter the current connection information. |
| prevDomainName required | string It is required to enter the previous connection information when modifying the interworking target. If there is no change, enter the current connection information. |
| prevServerAddr required | string It is required to enter the previous connection information when modifying the interworking target. If there is no change, enter the current connection information. |
| resetSync required | boolean Default: false Delete existing users and user groups due to changes in connection information and set them to |
| scheduleSyncInterval required | integer [ 0 .. 10080 ] Set the time interval for automatic synchronization. ( |
| syncEvtCheck required | boolean Settings for whether to leave event logs on BioStar X. ( |
| syncType required | string Enum: "N" "A" Toggle automatic synchronization. ( |
| useCustomField required | boolean Set this parameter to |
{- "adType": "E",
- "scheduleSyncInterval": 0,
- "syncType": "N",
- "useSSL": false,
- "adlogin": false,
- "adEnable": "0",
- "serverAddress": "",
- "userName": "3323232-1111-33b6-a0a0-dfeq6bc7a762",
- "password": "asdfasdfas~!2sdfsdfasdf",
- "userDomainName": "test.onmicrosoft.com",
- "syncEvtCheck": true,
- "prevAdType": "E",
- "prevDomainName": "",
- "prevServerAddr": "",
- "resetSync": false,
- "useCustomField": true
}curl --request GET \ --url https://{baseurl}/api/v2/setting/adserversetting \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "ADServerSettingCollection": {
- "total": 1,
- "rows": {
- "0": {
- "serverAddress": "192.111.22.3",
- "userName": "test",
- "password": "test1!",
- "userDomainName": "DC=test,DC=co,DC=kr",
- "lastSyncTime": 1748311298580,
- "lastSyncResult": "0",
- "lastUpdateTime": 1748311298580,
- "useSSL": false,
- "adlogin": false,
- "adType": "A",
- "scheduleSyncInterval": 0,
- "adEnable": "0",
- "syncEvtCheck": false,
- "resetSync": false,
- "targetUserIds": { }
}
}
}, - "Response": {
- "code": "0",
- "message": "success",
- "by": "web"
}
}Retrieves the mapping relationships between user attribute fields in BioStar X and those used in Active Directory or Entra ID.
Please note that the required mapping information differs between Entra ID and Active Directory.
curl --request GET \ --url https://{baseurl}/api/v2/setting/adusrmappinglist \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "ADUsrMappingCollection": {
- "total": 9,
- "rows": {
- "0": {
- "columnm": "userID",
- "adcolumnm": "none"
}, - "1": {
- "columnm": "userName",
- "adcolumnm": "displayName"
}, - "2": {
- "columnm": "email",
- "adcolumnm": "mail"
}, - "3": {
- "columnm": "phone",
- "adcolumnm": "businessPhones"
}, - "4": {
- "columnm": "expiry_datetime",
- "adcolumnm": "employeeLeaveDateTime"
}, - "5": {
- "columnm": "department",
- "adcolumnm": "department"
}, - "6": {
- "columnm": "user_title",
- "adcolumnm": "jobTitle"
}, - "7": {
- "columnm": "usergroup",
- "adcolumnm": "memberOf"
}
}
}, - "Response": {
- "code": "0",
- "message": "success",
- "by": "web"
}
}Retrieve user property information used by Active Directory or EntraID.
curl --request GET \ --url https://{baseurl}/api/v2/setting/adcolumnlist \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "List<String>": {
- "total": 286,
- "rows": {
- "0": {
- "seq": 208,
- "adcolumnm": "aboutMe",
- "adtype": "E"
}, - "1": {
- "seq": 209,
- "adcolumnm": "accountEnabled",
- "adtype": "E"
}, - "2": {
- "seq": 1,
- "adcolumnm": "accountExpires",
- "adtype": "A"
}, - "3": {
- "seq": 2,
- "adcolumnm": "accountNameHistory",
- "adtype": "A"
}, - "4": {
- "seq": 3,
- "adcolumnm": "aCSPolicyName",
- "adtype": "A"
}, - "5": {
- "seq": 4,
- "adcolumnm": "adminCount",
- "adtype": "A"
}
}
}, - "Response": {
- "code": "0",
- "message": "success",
- "by": "web"
}, - "ADColumnCollection": {
- "total": 286,
- "rows": {
- "0": {
- "seq": 208,
- "adcolumnm": "aboutMe",
- "adtype": "E"
}, - "1": {
- "seq": 209,
- "adcolumnm": "accountEnabled",
- "adtype": "E"
}, - "2": {
- "seq": 1,
- "adcolumnm": "accountExpires",
- "adtype": "A"
}, - "3": {
- "seq": 2,
- "adcolumnm": "accountNameHistory",
- "adtype": "A"
}, - "4": {
- "seq": 3,
- "adcolumnm": "aCSPolicyName",
- "adtype": "A"
}, - "5": {
- "seq": 4,
- "adcolumnm": "adminCount",
- "adtype": "A"
}
}
}
}Checks whether Entra ID SSO Login is enabled.
If the "BioStar X Login with Entra ID" option is enabled in the Directory Integration settings, the returned value is 'E'. If it is disabled (default), the value is 'D'.
curl --request GET \ --url https://{baseurl}/api/v2/setting/checkEntraIDSetting \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "code": "0",
- "message": "D",
- "by": "web"
}This API is used to view the email template for Visual Face and BioStar X QR.
curl --request GET \ --url https://{baseurl}/api/setting_email \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to set email template for Visual Face and BioStar X QR.
| email_type | integer Example: email_type=1 1:Visual face mobile enrollment contents, 2:QR credential contents |
| title required | string Enter the title of the email. |
| company_name required | string Enter the company name. |
| company_logo required | string Supported image file formats are GIF, JPG, JPEG, JPE, JFIF, PNG. |
| admin_contact required | string Enter the contact information of the person in charge. |
| use_setting required | boolean To use the enrollment set it as Use. If you set it as Not Use, BioStar X will be unable to send the visual face mobile enrollment link or QR to users. |
{- "title": "VisualFace",
- "company_name": "Suprema Inc.",
- "company_logo": "",
- "admin_contact": "admin@example.com",
- "use_setting": true
}This API is used to set email template for Visual Face and BioStar X QR.
| email_type | integer Example: email_type=1 1:Visual face mobile enrollment contents, 2:QR credential contents |
| title required | string Enter the title of the email. |
| company_name required | string Enter the company name. |
| company_logo required | string Supported image file formats are GIF, JPG, JPEG, JPE, JFIF, PNG. |
| admin_contact required | string Enter the contact information of the person in charge. |
| use_setting required | boolean To use the enrollment set it as Use. If you set it as Not Use, BioStar X will be unable to send the visual face mobile enrollment link or QR to users. |
{- "title": "VisualFace",
- "company_name": "Suprema Inc.",
- "company_logo": "",
- "admin_contact": "admin@example.com",
- "use_setting": true
}This API is used to view the SMTP (Simple Mail Transfer Protocol) for sending emails.
curl --request GET \ --url https://{baseurl}/api/setting/alarm_smtps \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to set the SMTP (Simple Mail Transfer Protocol) for sending emails.
Note:
When using an SMTP server with an email account that has two-factor authentication (2FA) enabled, be aware of the following:
object | |||||||||||||||||
| |||||||||||||||||
{- "AlarmSmtp": {
- "name": "smtp.example.com",
- "description": "Example SMTP Server",
- "smtp_server_addr": "smtp.example.com",
- "smtp_server_port": "587",
- "smtp_username": "user@example.com",
- "smtp_password": "pa$$word",
- "smtp_security": "2",
- "smtp_sender": "sender@example.com"
}
}This API is used to update the SMTP (Simple Mail Transfer Protocol) for sending emails.
Note:
When using an SMTP server with an email account that has two-factor authentication (2FA) enabled, be aware of the following:
Once 2FA is set up, the SMTP password is not the same as the email account password. Instead, it corresponds to an app password generated specifically for use with 2FA.
If you change the email account password, all existing app passwords are automatically revoked. As a result, the previously configured SMTP password will no longer work.
After changing the email account password, you must generate a new app password and update the SMTP settings with the new value.
| id required | string ID of the SMTP setting which will be updated. |
object | |||||||||||||||||
| |||||||||||||||||
{- "AlarmSmtp": {
- "name": "smtp.example.com",
- "description": "Example SMTP Server",
- "smtp_server_addr": "smtp.example.com",
- "smtp_server_port": "587",
- "smtp_username": "user@example.com",
- "smtp_password": "pa$$word",
- "smtp_security": "2",
- "smtp_sender": "sender@example.com"
}
}This API is used to test SMTP connection by sending an email to the specified address.
Do note that the address input here need to be a complete email address.
| target_email | string Target email address to send the test email. |
{- "target_email": "example@example.com"
}This API is used to view preference information.
| id required | integer Example: 1 ID of the user which preference will be viewed. |
curl --request GET \ --url https://{baseurl}/api/preferences/1 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to update preference configuration.
| id required | integer Example: 1 |
object | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{- "Preference": {
- "language": "en",
- "date_format": "yyyy/MM/dd",
- "time_format": "HH:mm",
- "time_long_term_format": "HH:mm:ss",
- "time_zone": "25",
- "dst1": "0",
- "dst2": "0",
- "depend_on_os": true,
- "user_id": {
- "user_id": 6
}
}
}This API is used to add preference configuration.
object | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{- "Preference": {
- "language": "en",
- "date_format": "yyyy/MM/dd",
- "time_format": "HH:mm",
- "time_long_term_format": "HH:mm:ss",
- "time_zone": "25",
- "dst1": "0",
- "dst2": "0",
- "depend_on_os": true,
- "user_id": {
- "user_id": 6
}
}
}This feature allows external systems (e.g., mobile T&A apps) to send punch/access events directly to BioStar X without database-level integration.
To ensure data consistency, each event must be associated with a Virtual Device — a device record created inside BioStar X to represent the external source.
Notes:
Virtual Devices are non-functional placeholders and cannot be used for access control, doors, or Advanced AC features. Their only purpose is to logically link imported events to a known device identity.
BioStar X Event Log API license is required for the feature.
Use POST /api/v2/virtual_devices to create a new virtual device.
Usable ID range: 100001–999999
Ensure it’s not a duplicate ID or name.
Assign it to an existing device group.
GET /api/v2/virtual_devicesto confirm your virtual device is registered and visible.
Prepare your event payload with the same packet_device_id as the virtual device ID.
Ensure all timestamps are in UTC.
Use POST /api/events/import to upload multiple events at once.
After import, use existing endpoints such as:
POST /api/events/searchto confirm the events are visible in BioStar X event logs.
If an error occurs:
Check that is_virtual_device is "true".
Confirm all user_ids exist.
Verify datetime formatting (YYYY-MM-DDTHH:mm:ssZ).
Ensure the event code is either 4088 or 6400.
Registers a virtual device within BioStar X.
Each virtual device:
Must have a unique id (range: 100001–999999).
Cannot duplicate existing device IDs or names.
Appears in device lists when ?virtual=true is included in search queries.
Notes:
Virtual devices are non-functional placeholders (cannot control doors or perform access).
Once created, the device ID cannot be modified.
Virtual devices can be listed using GET /api/v2/devices/search?virtual=true.
required | object (VirtualDeviceInput) Root object containing virtual device details. | ||||||||
| |||||||||
{- "VirtualDevice": {
- "id": 100001,
- "name": "Virtual Device 100001",
- "description": "Virtual device for mobile punch import",
- "device_group_id": {
- "id": 1
}
}
}{- "VirtualDevices": [
- {
- "id": 100001,
- "name": "Virtual Device 100001",
- "description": "Virtual device for mobile punch import",
- "device_group_id": {
- "id": 1
}
}
], - "Response": {
- "code": "0",
- "message": "Success",
- "by": "web"
}
}Retrieve a list of registered virtual devices.
curl --request GET \ --url https://{baseurl}/api/v2/virtual_devices \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "VirtualDevices": [
- {
- "id": 100001,
- "name": "Virtual Device 100001",
- "description": "Virtual device for mobile punch import",
- "device_group_id": {
- "id": 1
}
}
], - "Response": {
- "code": "0",
- "message": "Success",
- "by": "web"
}
}Deletes one or more virtual devices based on provided IDs.
| id | integer Example: id=100002 ID of the Virtual Devices which will be deleted. Use plus symbol (+) to delimit multiple IDs (e.g. 10001+10002) |
curl --request DELETE \ --url 'https://{baseurl}/api/v2/virtual_devices?id=100002' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "Response": {
- "code": "0",
- "message": "Devices deleted successfully",
- "by": "web"
}
}Modify existing virtual device details. Only updatable fields need to be included.
| id required | integer Example: 100001 ID of the Virtual Device which will be modified. |
{- "VirtualDevice": {
- "device_group_id": {
- "id": 1
}
}
}{- "VirtualDevices": [
- {
- "id": 100001,
- "name": "Virtual Device 100001",
- "description": "Virtual device for mobile punch import",
- "device_group_id": {
- "id": 1
}
}
], - "Response": {
- "code": "0",
- "message": "Success",
- "by": "web"
}
}Imports external access events into the system.
Allows batch import of Access Granted (4088) and Access Denied (6400) events generated by a Virtual Device.
This is typically used when an external app generates punch logs (e.g., mobile attendance).
Each imported event is stored as a normal BioStar X event, visible in event logs and reports.
Important Rules
packet_device_id and every events[].dev_id must match.
Only virtual devices are allowed.
Only event codes 4088 or 6400 are permitted.
datetime must be in UTC (convert local time accordingly).
All user_ids must exist in the system.
Each imported event will be logged individually (one row per event).
Event import data containing device information and events array
| packet_device_id required | integer Must match |
| is_virtual_device required | boolean Indicates whether the device is virtual. Must be |
required | Array of objects (ImportEventItem) List of event objects to import. |
{- "packet_device_id": 100001,
- "is_virtual_device": true,
- "events": {
- "0": {
- "dev_id": 100001,
- "evt": 6400,
- "datetime": "2025-10-30T15:12:00Z",
- "user_id": "2",
- "tna_key": "1"
}, - "1": {
- "dev_id": 100001,
- "evt": 6400,
- "datetime": "2025-10-30T15:13:01Z",
- "user_id": "2",
- "tna_key": "1"
}
}
}{- "code": "0",
- "message": "Success",
- "by": "web"
}This API is used to delete Mobile Access Card in Airfob Portal.
There are three variations in using this API:
Using Card ID
Using User ID
Using ALL parameter on User ID
To delete multiple card_id or user_id, separate each value with comma (,). Ex: ["1", "2", "3"]
This API only remove Mobile Access Card information from Airfob Portal. To remove Mobile Access credential from the user, use PUT /api/users/:id
object | |||||||||||
| |||||||||||
{- "MobileCollection": {
- "mobile": {
- "user_id": "ALL",
- "card_id": {
- "0": "1",
- "1": "2",
- "2": "3"
}, - "param": {
- "UserIDs": "ALL",
- "query": {
- "group_id": 1
}
}
}
}
}{- "failedUsers": { },
- "failedCards": { },
- "mobileUsers": {
- "0": "3",
- "1": "4"
}, - "status": 0,
- "errorMessage": "",
- "Response": {
- "code": "0",
- "message": "Success",
- "by": "web"
}
}This API is used to create Mobile Access Card in Airfob Portal.
Note:
ToM
Card AuthMode Mapping Table:
| cardAuthModeEx | cardAuthMode |
|---|---|
| 21 - Card | 2 - Card only |
| 22 - Card + Face | 3 - Card + Fingerprint |
| 23 - Card + Fingerprint | 3 - Card + Fingerprint |
| 24 - Card + PIN | 4 - Card + PIN |
| 25 - Card + Face or Fingerprint | 5 - Card + Fingerprint or PIN |
| 26 - Card + Face or PIN | 5 - Card + Fingerprint or PIN |
| 27 - Card + Fingerprint or PIN | 5 - Card + Fingerprint or PIN |
| 28 - Card + Face or Fingerprint or PIN | 5 - Card + Fingerprint or PIN |
| 29 - Card + Face + Fingerprint | 6 - Card + Fingerprint + PIN |
| 30 - Card + Face + PIN | 6 - Card + Fingerprint + PIN |
| 31 - Card + Fingerprint + Face | 6 - Card + Fingerprint + PIN |
| 32 - Card + Fingerprint + PIN | 6 - Card + Fingerprint + PIN |
| 33 - Card + Face or Fingerprint + PIN | 6 - Card + Fingerprint + PIN |
| 34 - Card + Face + Fingerprint or PIN | 6 - Card + Fingerprint + PIN |
| 35 - Card + Fingerprint + Face or PIN | 6 - Card + Fingerprint + PIN |
required | object | ||||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||||
{- "MobileCollection": {
- "mobile": {
- "user_id": {
- "0": "3"
}, - "name": {
- "0": "test2"
}, - "title": {
- "0": null
}, - "department": {
- "0": null
}, - "phone": {
- "0": null
}, - "email": {
- "0": "test2@suprema.com"
}, - "portraitData": {
- "0": null
}, - "card_id": {
- "0": "2"
}, - "startDate": {
- "0": 1703563320000
}, - "endDate": {
- "0": 1703649720000
}, - "startTime": {
- "0": 978274800000
}, - "endTime": {
- "0": 1924959540000
}, - "issueCount": {
- "0": 1
}, - "duressMask": {
- "0": null
}, - "useAlphanumericID": {
- "0": 0
}, - "cardAuthModeEx": {
- "0": 21
}, - "pin": {
- "0": null
}, - "accessGroupId": {
- "0": null
}, - "mobileCardType": {
- "0": "4"
}
}
}
}{- "MobileCollection": {
- "listMobile": [
- {
- "apisnddt": "2023-12-26T04:03:17.382Z",
- "userid": 2,
- "crdid": 2,
- "portalrslt": ""
}
], - "recordMobile": [
- {
- "number": 2,
- "status": "INACTIVE",
- "cardType": "REGULAR",
- "startDate": "0",
- "endDate": "253402300799000",
- "startTime": "978274800000",
- "endTime": "1924959540000",
- "name": "test2",
- "department": "",
- "title": "",
- "issueCount": 1,
- "cardAuthMode": 2,
- "cardAuthModeEx": 21,
- "mobileCardType": 4
}
]
}, - "Response": {
- "code": "0",
- "message": "Success",
- "by": "web"
}
}This API is used to fetch CSN Mobile information deleted from the list.
| limit | integer Example: limit=50 Limit the number of responses by n records. Remove this parameter to view all. |
| offset | integer Offset the response shown by n records. |
| search_type | string Example: search_type=DELETED_CSN_MOBILE Filter the response by card type (DELETED_CSN_MOBILE). |
curl --request GET \ --url 'https://{baseurl}/api/v2/cards/mobile/search?limit=50&offset=0&search_type=DELETED_CSN_MOBILE' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "CardCollection": {
- "rows": {
- "0": {
- "id": 11,
- "card_id": 1234,
- "user_id": 12,
- "user_name": "test3",
- "display_card_id": 1234,
- "card_type": {
- "id": 4,
- "name": "CSN Mobile",
- "type": 4
}
}, - "1": {
- "id": 12,
- "card_id": 5678,
- "user_id": 13,
- "user_name": "test4",
- "display_card_id": 5678,
- "card_type": {
- "id": 4,
- "name": "CSN Mobile",
- "type": 4
}
}, - "2": {
- "id": 15,
- "card_id": 2222,
- "user_id": 16,
- "user_name": "test7",
- "display_card_id": 2222,
- "card_type": {
- "id": 4,
- "name": "CSN Mobile",
- "type": 4
}
}
}, - "total": 3
}, - "Response": {
- "code": 0
}
}This API is used to delete CSN Mobile information.
| id | string Example: id=18,19,20 Card UID value, separate using comma (,). Use asterisk (*) to select all. |
curl --request DELETE \ --url 'https://{baseurl}/api/v2/cards/mobile/enable?id=18%2C19%2C20' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "code": "0",
- "message": "Success",
- "by": "web"
}This API is used to count deleted CSN Mobile information.
| cardUids required | string List of Mobile Card UID(s) which will be counted, separated by comma (,). |
{- "cardUids": "11,12,13,16,17"
}{- "CardCollection": {
- "count": 2
}, - "Response": {
- "code": "0"
}
}This API is used to download exported CSV files from BioStar X Server.
Supports downloading both user-related CSV files and events-related CSV files. The system automatically detects the file type based on the filename pattern.
Supported File Types:
POST /api/users/csv_exportPOST /api/events/exportUsage:
csv_export for users, export for events)| csv_filename required | string Examples:
Name of the CSV file to download (supports both user and events files) |
curl --request GET \ --url https://{baseurl}/download/User_Import_Error_20220124T143708.csv \ --header 'bs-session-id: REPLACE_KEY_VALUE'
When query events through Search Events (/api/events/search), events that contain image logs include the response fields.
The image_data value can be used to retrieve the corresponding image file.
| image_data required | string (String, Required) – The identifier of the image, obtained from the event search response. |
curl --request GET \ --url https://{baseurl}/api/events/images/{image_data} \ --header 'bs-session-id: REPLACE_KEY_VALUE'
{- "image_id": {
- "image_data": 1.7550623415478388e+24,
- "image_type": "JPG",
- "photo": "false"
}
}This API is used to view events with thermal data.
Parameters on this API is the same as Search Events.
{- "Query": {
- "limit": 51,
- "conditions": {
- "0": {
- "column": "datetime",
- "operator": 3,
- "values": {
- "0": "2021-01-27T16:00:00.000Z",
- "1": "2022-01-28T15:59:59.000Z"
}
}
}, - "orders": {
- "0": {
- "column": "datetime",
- "descending": false
}
}
}
}This API is used to export events to a .csv file. Exported .csv will be saved on BioStar X Server installation path. To get it from the server, use Download Events Exported CSV API.
| time_offset | integer Example: time_offset=480 Shift time on the exported file by n minutes |
| use_centigrade | boolean Example: use_centigrade=true Toggle for the use of centigrade |
object (ExportCSV) | |||||||||
| |||||||||
{- "Query": {
- "conditions": {
- "0": {
- "column": "datetime",
- "operator": 3,
- "values": {
- "0": "2022-01-27T16:00:00.000Z",
- "1": "2022-01-28T15:59:59.000Z"
}
}
}, - "offset": 0,
- "columns": {
- "0": "datetime",
- "1": "door_id.name",
- "2": "device_id.id",
- "3": "device_id.name",
- "4": "user_group_id",
- "5": "user_id",
- "6": "temperature",
- "7": "event_type_id",
- "8": "tna_key"
}, - "headers": {
- "0": "Date",
- "1": "Door",
- "2": "Device ID",
- "3": "Device",
- "4": "User Group",
- "5": "User",
- "6": "Temperature",
- "7": "Event",
- "8": "TNA Key"
}
}
}This example shows how to use the parameters on this API to filter responses according to the datetime of the alert events.
object | |||||
| |||||
{- "Query": {
- "conditions": {
- "0": {
- "column": "event_id.datetime",
- "operator": 3,
- "values": {
- "0": "2023-02-02T00:00:00.00Z",
- "1": "2023-02-03T00:00:00.00Z"
}
}
}, - "orders": {
- "0": {
- "column": "event_id.datetime",
- "descending": true
}
}
}
}This API is used to log alertable: true events (GET /api/event_types) to Alert Collection (POST /api/alerts/search)
| alert_id required | integer Example: 1.643790735054372e+29 Unique ID recorded on hint parameter (POST /api/events/search) |
object | |||||||||
| |||||||||
{- "Alert": {
- "event_id": {
- "datetime": "2022-02-02T00:00:00.00Z"
}, - "status": 1,
- "ack_user_id": {
- "user_id": "1"
}, - "ack_message": "test"
}
}This API is used to view a muster zone status.
| id required | integer Example: 32787 |
object | |||
| |||
{- "Query": {
- "limit": 51
}
}This API is used to view Audit Trail logs.
It is possible to use multiple conditions in a request. Separate each condition using comma (,).
Example: [ {condition 1}, {condition 2}, .. ]
Search criteria and pagination settings for audit trail logs
required | object Search query configuration with conditions and pagination | ||||||||
| |||||||||
{- "Query": {
- "offset": 0,
- "limit": 5,
- "conditions": {
- "0": {
- "column": "DATE",
- "operator": 3,
- "values": {
- "0": "2024-02-17T16:00:00.000Z",
- "1": "2024-03-18T15:59:59.000Z"
}
}
}, - "total": false
}
}This API is used to filter user by the specified input.
Do note the API will only show records of user which have Audit Trail logs only.
object (AuditSearchRequest) | |||||||
| |||||||
{- "Userlist": {
- "search": "ag",
- "limit": 201,
- "offset": 0
}
}This API is used to filter Operator Level by the specified input.
Do note the API will only show records of Operator Level which have Audit Trail logs only.
object (AuditSearchRequest) | |||||||
| |||||||
{- "Permlist": {
- "search": "ag",
- "limit": 201,
- "offset": 0
}
}This API is used to filter IP records by the specified input.
Do note the API will only show records which have Audit Trail logs only.
object (AuditSearchRequest) | |||||||
| |||||||
{- "Iplist": {
- "search": "ag",
- "limit": 201,
- "offset": 0
}
}This API is used to filter Target records by the specified input.
Do note the API will only show records which have Audit Trail logs only.
object (AuditSearchRequest) | |||||||
| |||||||
{- "Targetlist": {
- "search": "ag",
- "limit": 201,
- "offset": 0
}
}This API is used to generate CSV file based on the parameters. Make use of Events\Download Events Exported CSV API to download the exported CSV.
| time_offset | integer Example: time_offset=480 Adjust the time value according to the required Time Zone. If the required TZ is UTC+8, then the value will be 480 (60 x 8). |
object (ExportCSV) | |||||||||
| |||||||||
{- "Query": {
- "offset": 0,
- "conditions": {
- "0": {
- "column": "DATE",
- "operator": 3,
- "values": {
- "0": "2024-02-17T16:00:00.000Z",
- "1": "2024-03-18T15:59:59.000Z"
}
}
}, - "columns": {
- "0": "DATE",
- "1": "USRID",
- "2": "PERM",
- "3": "IP",
- "4": "MENU",
- "5": "TARGET",
- "6": "METHOD",
- "7": "CONTENT"
}, - "headers": {
- "0": "Datetime",
- "1": "User",
- "2": "Operator Level",
- "3": "IP",
- "4": "Category",
- "5": "Target",
- "6": "Action",
- "7": "Modification"
}
}
}Interlock zone monitors the status of two or more doors by door sensor and relay state to control that one door cannot be opened or close if other doors are open or unlocked. You can also disable access if a user stays within the zone.
An interlock zone can be configured with up to 4 doors.
An interlock zone can only set the doors with the devices connected to the CoreStation.
A device set as an interlock zone cannot be set to another zone.
A door set as an interlock zone cannot be set to another zone other than the fire alarm zone.
required | object | ||||||||||||
| |||||||||||||
{- "Zone": {
- "name": "IN1",
- "description": "",
- "zone_type": 7,
- "is_global": 0,
- "enable": 1,
- "inter_lock": {
- "doors": {
- "0": {
- "id": 2
}, - "1": {
- "id": 3
}
}, - "sensor_inputs": {
- "0": {
- "device": {
- "id": 546091003
}, - "input_index": 0,
- "duration": 300,
- "normal_open": 0,
- "input_type": "input"
}
}, - "alarm_actions": {
- "0": {
- "input_event_id": 41472,
- "output_type": 3,
- "output_device_id": {
- "id": 546091003,
- "buzzer": true
}, - "output_buzzer_volume": 1
}
}
}
}
}curl --request GET \ --url https://{baseurl}/api/zones \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This endpoint allows administrators to reset the Anti-Passback state within a zone. It can be applied either to all users in the zone or to a specific set of users
Response Codes:
200 OK: Request successful
400 Bad Request (Code 671): Zone ID mismatch (zone not found)
401 Unauthorized: Login required or invalid session token
object | |
Array of objects List of user objects with user_id. Required when UserType= |
{- "AntiPassBackConfig": {
- "Zone": {
- "ZoneCollection": {
- "rows": {
- "0": {
- "id": "32774"
}
}
}
}, - "UserType": 1
}
}{- "code": "0",
- "message": "Success",
- "by": "web"
}This API is used to update a Zone.
| id required | string ID of the Zone which will be updated. |
object | |||||||||||||
| |||||||||||||
{- "Zone": {
- "name": "testmuster1",
- "zone_type": 8,
- "is_global": 1,
- "enable": 1,
- "status": 64,
- "muster": {
- "access_groups": {
- "0": {
- "id": "1"
}
}, - "entry_devices": {
- "0": {
- "id": "731"
}
}, - "exit_devices": {
- "0": {
- "id": "729"
}
}, - "time_limit": "1200",
- "alarm_actions": { }
}
}
}This API is used to delete a Zone.
| id required | integer Example: 32786 ID of the zone which will be deleted. |
curl --request DELETE \ --url https://{baseurl}/api/zones/32786 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to view a zone detailed information.
| id required | integer Example: 32787 ID of the zone which will be viewed. |
curl --request GET \ --url https://{baseurl}/api/zones/32787 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
Create and manage occupancy limit zones to control population density in specific areas and prevent overcrowding.
You can monitor occupancy status and set alerts when zones reach capacity.
Capacity: Up to 100 occupancy limit zones can be added.
Compatible Devices:
Important Notes:
| time_zone | integer Default: 26 Example: time_zone=25 Time Zone ID for system operations. Affects timing calculations based on UTC offset. Available Time Zones:
|
| is_enabled required | integer Enum: 0 1 Deactivate the occupancy limit zone. If the zone is deactivated, both Count that refers to the number of users in the zone and Count Bypass settings will be initialized. Select Active to enable it. ( |
| name required | string [ 1 .. 48 ] characters Enter an occupancy limit zone name. Name can be up to 48 characters in length and cannot be set to the same name as other zones. |
| zone_type required | integer View the zone type. |
| status required | integer Current status of the zone |
required | object |
{- "is_enabled": 1,
- "name": "OccupancyZone1",
- "zone_type": 11,
- "status": 0,
- "occupancy_detail": {
- "limit_count": 100,
- "entry_devices": {
- "0": "543720368"
}, - "exit_devices": {
- "0": "542353521"
}, - "almost_full_alert_setting": {
- "level": 1,
- "step_1": 95,
- "step_2": 0
}, - "auto_reset_count_time": {
- "is_enabled": 1,
- "minute": 1439
}, - "network_fail_action": 0,
- "bypass_groups": [
- {
- "acsgruid": 1
}
]
}
}curl --request DELETE \ --url https://{baseurl}/api/v2/zones/occupancy \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to list all configured Occupancy Zone.
curl --request GET \ --url https://{baseurl}/api/v2/zones/occupancy \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to update occupancy zone configuration.
| id required | integer Example: 32784 ID of the occupancy zone which will be updated. |
| time_zone | integer Default: 26 Example: time_zone=25 Time Zone ID for system operations. Affects timing calculations based on UTC offset. Available Time Zones:
|
| is_enabled required | integer Enum: 0 1 Deactivate the occupancy limit zone. If the zone is deactivated, both Count that refers to the number of users in the zone and Count Bypass settings will be initialized. Select Active to enable it. ( |
| name required | string [ 1 .. 48 ] characters Enter an occupancy limit zone name. Name can be up to 48 characters in length and cannot be set to the same name as other zones. |
| zone_type required | integer View the zone type. |
| status required | integer Current status of the zone |
required | object |
{- "is_enabled": 1,
- "name": "OccupancyZone1",
- "zone_type": 11,
- "status": 0,
- "occupancy_detail": {
- "limit_count": 100,
- "entry_devices": {
- "0": "543720368"
}, - "exit_devices": {
- "0": "542353521"
}, - "almost_full_alert_setting": {
- "level": 1,
- "step_1": 95,
- "step_2": 0
}, - "auto_reset_count_time": {
- "is_enabled": 1,
- "minute": 1439
}, - "network_fail_action": 0,
- "bypass_groups": [
- {
- "acsgruid": 1
}
]
}
}This API is used to view details of an Occupancy Zone.
| id required | integer Example: 32784 ID of the Occupancy Zone which will be viewed. |
| time_zone | integer Example: time_zone=25 |
curl --request GET \ --url 'https://{baseurl}/api/v2/zones/occupancy/32784?time_zone=25' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to search Occupancy Zone by name.
| id required | string Example: occ Name of the Occupancy Zone which will be searched. |
curl --request GET \ --url https://{baseurl}/api/v2/zones/occupancy/search/occ \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to get a list of dual authentication devices.
curl --request GET \ --url https://{baseurl}/api/v2/zones/occupancy/devices/dual \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to list assigned devices on a Occupancy Zone.
| id required | integer Example: 32784 ID of the Occupancy Zone |
curl --request GET \ --url https://{baseurl}/api/v2/zones/occupancy/devices/32784 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to increase an occupancy count.
Count will be higher or equal to 0 and will be lower or equal to Count Limit.
| id required | integer Example: 32784 ID of the Occupancy Limit. |
curl --request PUT \ --url https://{baseurl}/api/v2/zones/occupancy/count/increase/32784 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to decrease an occupancy count.
Count will be higher or equal to 0 and will be lower or equal to Count Limit.
| id required | integer Example: 32784 ID of the Occupancy Limit |
curl --request PUT \ --url https://{baseurl}/api/v2/zones/occupancy/count/decrease/32784 \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This API is used to set and occupancy limit count.
Count value will be higher or equal to 0 and will be lower or equal to Count Limit.
| id required | integer Example: 32784 ID of the Occupancy Limit. |
| count required | integer Set count value |
{- "count": 85
}This API is used to reset current counts and bypass counts of the occupancy limit zone.
| ids | Array of integers List of Occupancy Zone IDs which will be reset. |
{- "ids": {
- "0": 32784
}
}This API is used to disable Occupancy Limit Zone.
{- "ids": {
- "0": 32784
}
}This API is used to enable Occupancy Limit Zone.
{- "ids": {
- "0": 32784
}
}This API is used for listing event types recorded on BioStar X.
| is_break_glass | boolean Filter event types which is marked as break glass. |
| setting_alert | boolean Toggle |
| setting_all | boolean Example: setting_all=true Toggle true to list all events recorded on database. |
curl --request GET \ --url 'https://{baseurl}/api/event_types?is_break_glass=false&setting_alert=false&setting_all=true' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
This example shows how to view event log from device with id: 543308153 (device timezone set as UTC+8) and log with datetime between 2022-06-01 00:05 to 2022-06-30 23:58.
Note that the datetime used on the API criteria is different from what the user would like to see. This is because the device was set to use UTC+8, so to view the correct log, use datetime which have been converted to UTC-0.
object | |||||||
| |||||||
{- "Query": {
- "limit": 5,
- "conditions": {
- "0": {
- "column": "datetime",
- "operator": 3,
- "values": {
- "0": "2022-05-31T16:05:00.000Z",
- "1": "2022-06-30T15:58:00.000Z"
}
}, - "1": {
- "column": "device_id",
- "operator": 0,
- "values": {
- "0": "543308153"
}
}
}, - "orders": {
- "0": {
- "column": "datetime",
- "descending": true
}
}
}
}After logged in, use this API to view the User ID setting of the BioStar X, is it AlphaNumeric or Number.
It can be seen on parameter use_alphanumeric, if the value is false then the current setting for User ID is Number, else it's AlphaNumeric.
curl --request GET \ --url https://{baseurl}/api/setting/biostar \ --header 'bs-session-id: REPLACE_KEY_VALUE'
After User ID setting of BioStar X is confirmed, use this API to get the next user_id for new user.
This API will only shows next available ID in number format.
Keep this ID for input on user_id parameter when creating new user.
curl --request GET \ --url https://{baseurl}/api/users/next_user_id \ --header 'bs-session-id: REPLACE_KEY_VALUE'
Next step on creating a new user it to enroll the credential that the user will be using. Either it's Card, Face, Visual Face or Fingerprint.
This API is used to enroll card credential using the specified device.
Keep the card_id value on the response which shows after running this API to apply it to the user which will be created.
To view device(s) with capability to enroll a card, use View Device(s) Based on Enrollment Type API.
| id required | integer Example: 543720368 ID of the device which will be used for enrollment |
curl --request POST \ --url https://{baseurl}/api/devices/543720368/scan_card \ --header 'bs-session-id: REPLACE_KEY_VALUE'
Use this API to enroll face credential from a device.
Set the pose_sensitivity to 0 if you're doing a Visual Face scan.
Keep the response of this API after running to apply it to the user which will be created.
To view device(s) with capability to enroll Face/Visual Face, use View Device(s) Based on Enrollment Type API.
| id required | integer Example: 543408590 ID of the device which will be used to enroll |
| pose_sensitivity | integer Example: pose_sensitivity=4 Set the sensitivity for the position, angle, and distance of a face when registering the face. Set the sensitivity high if you wish to obtain a detailed face template. 0-9 |
curl --request GET \ --url 'https://{baseurl}/api/devices/543408590/credentials/face?pose_sensitivity=4' \ --header 'bs-session-id: REPLACE_KEY_VALUE'
Use this API to scan a fingerprint.
On calling this API, it is required to specify the device which will be used as fingerprint scanner. It is done by specifying Device ID on the API Path, which marked by :dev_id.
The procedure to add a fingerprint as follows:
POST /api/server_matching/identify_finger to check if it's already existPOST /api/devices/:dev_id/verify_fingerprint to make sure that 1st and 2nd scan are the same finger Verify Fingerprint Scan, keep the value of template 0 and 1 to assign the enrolled finger to a user using POST|PUT /api/users/:id| dev_id required | integer Example: 544140034 Unique identifier of the device to perform fingerprint scanning |
required | object |
| noblockui required | boolean |
{- "ScanFingerprintOption": {
- "enroll_quality": 80,
- "raw_image": false
}, - "noblockui": true
}After preparing available user_id and credential(s), use this API to create a new user using the basic configuration.
For applying configuration beyond this, such as credential(s) or custom fields, refer to the subsequent example.
When Setting > Server is set to Number, you can make use of endpoint /api/users/next_user_id to automatically get the next user_id.
Known validation errors:
name is more than 48 charactersuser_id, email, or login_idrequired | object | ||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||
{- "User": {
- "user_id": "1001",
- "name": "John Doe",
- "user_group_id": {
- "id": "1"
}, - "disabled": false,
- "start_datetime": "2001-01-01T00:00:00.00Z",
- "expiry_datetime": "2030-12-31T23:59:00.00Z",
- "email": "john.doe@example.com",
- "department": "Engineering",
- "title": "Software Engineer",
- "photo": "",
- "phone": "+1-555-0123",
- "permission": {
- "id": "1"
}, - "access_groups": [
- {
- "id": "1"
}
], - "login_id": "john.doe",
- "password": "ZxwOzbCK2VQ1dyv",
- "user_ip": "192.168.1.100",
- "pin": 1234
}
}