Document toolboxDocument toolbox

Set up integration with RCO R-CARD M5

This article is valid for Smart ID 22.04 and later.

This article describes how to configure the RCO Service, to enable integration between Smart ID Identity Manager and RCO R-Card M5.

RCO R-Card M5 is an access control system provided by RCO and managed by a GUI and a web service on the server. After integration, all administration of Users, Access Token and Entitlements (besides defining them) should be done in Identity Manager, never in RCO. 

For details on which data can be imported and exported from RCO R-CARD M5, see About import and export to Physical Access.

Prerequisites

The following prerequisites apply:

  • Physical Access and the RCO R-CARD M5 Docker container/service are installed. See Deploy Smart ID.

  • Physical Access has been tested with version 5.39.4.

  • The message queue server must be running

  • If MIFARE card technology is used, the PACS MIFARE number must be available as raw data (not encrypted, truncated, or similar). 

  • A working network connection to the connected physical access control systems (PACS) must be in place.

Configure RCO Service data fields

The RCO data is configured in the configuration table in the Physical Access database. All configuration is cached when the service starts so any configuration changes will require the service to be restarted in order to take effect.

Configure database

For information about how to connect to a PACS system, see Connect to a PACS system in PACS admin panel.

For information about group: messagingqueue, see Physical Access database - common parameters.

group: rco.system

key

Data type

Required or Optional

Description

key

Data type

Required or Optional

Description

systemName

string

Optional

The name of the RCO system.

Default: RCARDSYSTEM

username

string

Optional

The username that will be used when logging in to the RCO system.

Default: rcard

password

string

Optional

The password that will be used when logging in to the RCO admin service.

Default: 1234

group: rco.general

key

Data type

Required or Optional

Description

key

Data type

Required or Optional

Description

connectionString

string

Required

The connection string for the R-CARD M5 system.

Example: user id=IDC; password=mypassword; server=rco.mycompany.my; database=rcoDb; connection timeout=30

useDomainNames

bool

Optional

Whether to include the domain in the name of access groups in IDC.

Default: true

domainNameSeparator

string

Optional

The string that will separate the domain name and the name of the access group.

Default: “ – “

group: rco.index

key

Data type

Required or Optional

Description

key

Data type

Required or Optional

Description

id

int

Optional

The RCO index of the attribute where the IDC person ID should be stored.

Default: 9

idSearch

int

Optional

The RCO search index of the attribute where the IDC person ID is stored.

Default: 6

group: rco.export

key

Data type

Required or Optional

Description

key

Data type

Required or Optional

Description

updatesPerPoll

int

Optional

The number of persons to export per poll.

Default: 100

useCategory

bool

Optional

Determines whether to use the card’s category or layout as name in RCO.

Default: false

idPadding

string

Required

The value to pad the Physical Access person IDs in RCO with. IDs must be padded because, when searching, RCO does partial matching. For example, searching for “1” matches all IDs containing “1”. The value must consist of 1-3 characters and valid characters are: A-Za-z_!

Default: IDC

layoutIdentifierType 

string

Required

This is a type of identifier which we want to use to refer layout of access token.

categoryIdentifierType

string 

Required

This is a type of identifier which we want to use to refer category of access token.

userfieldmappings 

string

Optional

userfieldmappings is used to export additional data of users to RCO. The value in configuration setting is combination of table_name.value_of_type_column, field_id_of_rco. This configuration setting is the mapping between the Physical Access table field and RCO field Id.

User column fields can be sent by adding the configuration user.column_name, rco_field_id.

The following table shows sample configurations for userfieldmappings:

system

key

value

group

index

system

key

value

group

index

RCO

userfieldmappings

user.Ssn,6

rco.export

0

RCO

userfieldmappings

useradditionalfield.other,27

rco.export

0

RCO

userfieldmappings

email.work,13

rco.export

0

RCO

userfieldmappings

user.title,7

rco.export

0

group: rco.card.mapping.{value of layout identifier}

This group contains compound configuration elements using the config_index column. For each unique config_index value in this group, each key defined below must be defined exactly once. Note that this group is not required as a whole, and should only be used if you have specific requirements for one or more card layouts.

key

Data type

Required or Optional

Description

key

Data type

Required or Optional

Description

layout

string

Optional

The name of the card layout to match (case insensitive) for this mapping. Each layout may only be mapped once.

cardNumberIdentifier

string

Optional

This indicates the identifier for card number.

format

string

Optional

The format that the card number should be converted into before exporting it to RCO.

Valid values: Linear, LinearReverse, Block, BlockReverse.

length

int

Optional

The length that the card number should be trimmed (leading digits) or padded (with leading zeroes) to after converting it.

group: rco.card.mapping.default

This group defines how to export card numbers by default, when a card’s layout does not have a specific mapping.

key

Data type

Required or Optional

Description

key

Data type

Required or Optional

Description

cardNumberIdentifier 

string

Optional

The default identifier type to read card numbers.

Default: CardNumber

format

string

Optional

The format that the card number should be converted into before exporting it to RCO.

Valid values: Linear, LinearReverse, Block, BlockReverse.

Default: Linear

length

int

Optional

The length that the card number should be trimmed (leading digits) or padded (with leading zeroes) to after converting it.

Default: 9

Restart service

Restart the RCO R-CARD M5 connector service:

Restart Physical Access RCO R-CARD M5 connector
cd <SMARTIDHOME>/compose/physicalaccess docker-compose restart smartid-pa-rco



Copyright 2024 Technology Nexus Secured Business Solutions AB. All rights reserved.
Contact Nexus | https://www.nexusgroup.com | Disclaimer | Terms & Conditions