Deep links for cardholder management in XProtect Access

Wednesday, 13 April 2016

Author: Ole Lennert

Product News

XProtect Access 2016 supports cardholder management from within the Access Control workspace of the Smart Client, if your plugin and the integrated access control system supports it.

The actual implementation of cardholder management uses deep links. A deep link is a URL exposed in the user interface alongside the cardholder information. It is up to your XProtect Access plugin to ensure that when the user clicks on the link, the expected operation is performed. A deep link could lead to, or be used with a URL-based API to enable and/or disable a cardholder. Of course, it can also lead the user to a webpage where the cardholder information stored in the access control system can be managed – provided the access control system has implemented cardholder management that can be accessed with a URL.

If you want to update your plugin to support deep links, you should focus on your override of the GetCredentialHolder method in the ACCredentialHolder class. The event server calls this method when credential holder information is needed and not already cached.The returned information is cached by the event server so the plugin must raise either the StatesChanged or StatesInvalidated event when the state changes

The following code snippet from the demo access control plug-in in the MIP SDK (DemoAccessControlPlugin.csproj) illustrates the creation of a deep link. In this example deep link, the URL simply points to – it is up to you to make it point to a URL that is suitable for your integration.


public override ACCredentialHolder GetCredentialHolder(string credentialHolderId)
    Guid userId;
    if (Guid.TryParse(credentialHolderId, out userId))
        // Retrieve user info from Demo
        CredentialHolderDescriptor credentialHolderDescriptor = _system.Managers.ConnectionManager.GetCredentialHolder(userId);
        if (credentialHolderDescriptor != null)
            // Make a copy of the image to avoid GDI+ problems due to disposed buffers
            Bitmap image = new Bitmap(Image.FromStream(new MemoryStream(credentialHolderDescriptor.Picture)));
            List<ACProperty> properties = new List<ACProperty>();
            if (!string.IsNullOrWhiteSpace(credentialHolderDescriptor.Department))
                properties.Add(new ACProperty("Department", credentialHolderDescriptor.Department));
            if (!string.IsNullOrWhiteSpace(credentialHolderDescriptor.CardId))
                properties.Add(new ACProperty("Card Id", credentialHolderDescriptor.CardId));
            if (!string.IsNullOrWhiteSpace(credentialHolderDescriptor.Department))
                properties.Add(new ACProperty("Expiry date", credentialHolderDescriptor.ExpiryDate.ToLongDateString()));
            properties.Add(new ACProperty("Manage cardholder", "" + credentialHolderId));
            ACCredentialHolder credentialHolder = new ACCredentialHolder(credentialHolderId, credentialHolderDescriptor.CredentialHolderName, credentialHolderDescriptor.Roles ?? new string[] { }, image, properties);
            return credentialHolder;
    return null;

As you can see, a deep link is an ACProperty instance. The name of the property is displayed in the user interface as a link:

If you compare the screenshot with the code snippet, you'll see that if you click on the "Manage cardholder" link, XProtect Access will access the link stored in the value of the property, in this case<some guid stored in the credentialHolder string>.

  Cardholder Management

Your override of GetCredentialHolder is likely very different from the one in the sample above. You probably already have a list of ACProperty instances, for your existing integration. If not, create such an instance. Then populate your list of ACProperty instances with the deep link or links that are suitable for your integration. Finally, you need to include this list in the constructor when you instantiate the ACCredentialHolder you are going to return from the method.

Learn more: