UniFi Identity Enterprise - Enable Door Access and Manage Its Features
Door Access securely manages your access control system, allowing you to create access policies and manage door access features, and enabling users to unlock doors with phones, NFC cards, PINs, or other authentication methods.
The doorbell feature allows you to receive and respond to notifications, as well as unlock and monitor doors remotely. You can monitor doors remotely through the web-based Identity Enterprise Manager, the Identity Enterprise mobile app, or UniFi Talk.
Requirements
Make sure you have completed the following steps before enabling door access.
If Your Console Has Activated UniFi Identity Enterprise
Update your UniFi Access devices and Identity Enterprise Agent to meet the following requirements.
-
- UA Lite: v3.9.8.0 or later.
- UA Pro: v2.3.178 or later.
- UA Hub: v4.0.14.15 or later.
- Identity Enterprise Agent: v1.54.6 or later.
If Your Console Has Not Activated UniFi Identity Enterprise
- Install and set up the UniFi Access devices.
- Set up the UniFi Access application.
- Update UniFi Access devices and Identity Enterprise Agent to meet the following requirements.
- UA Lite: v3.9.8.0 or later.
- UA Pro: v2.3.178 or later.
- UA Hub: v4.0.14.15 or later.
- Identity Enterprise Agent: v1.54.6 or later.
Enable Door Access
- Go to your Identity Enterprise Manager (https://[your workspace domain].ui.com/cloud) > Services.
- Do either of the following:
- If you have not enabled Door Access at any site, find Door Access and Click to Enable.
- If you have enabled Door Access before and would like to enable it at other sites:
- Go to Door Access > Sites.
- Click Show All and select a site.
- Select a console and Click to Enable. If there is no console on the site, click Add Console and follow the steps here.
- After enabling Door Access, a default workspace access policy and site access policy are automatically generated. Custom door access policies are given precedence over the default door access policies. The default door access policies are applied if none of the user's conditions matches any of the custom door access policies.
- Allow Access to All Doors: This default workspace access policy includes all doors of the workspace, but no users are granted access. To assign it to users, click Assigned Users, click +, select All Organization Users or Specific Users, and click Assign.
- The Site's Default Policy: This default site access policy allows all users belonging to this site to access all the site's doors.
Migrate Door Access Devices
This feature allows you to migrate door access devices from one UniFi Console to another without removing them from the old console and adopting them in the new console.
Requirements
Before migration, please ensure that:
- Migrating UA-Ultra is currently not supported.
- The new console has been added to the same site as the existing console. Learn more about adding a console to an existing workspace
- The door access devices and consoles are online.
- The door access devices and the new console are in the same VLAN. To update the network settings of door access devices, go to your Access application > Settings > System > Network.
- The door access devices have been wired to the new console. Learn more about wiring UA devices
Migrate Door Access Devices
- Go to your Identity Enterprise Manager > Services > Door Access.
- Select a site and click Migrate Door Access Devices in the prompted panel.
- Ensure you have read and understand the Migration Requirements and then select the Source Console and Target Console.
- Click Migrate.
Create and Assign Access Policy
Create an access policy to set a time frame during which users can access designated locations, and then assign the access policy to users.
Create Access Policy
Identity Enterprise admins can create and edit access policies both in the UniFi Access application and Identity Enterprise Manager.
- Go to your Identity Enterprise Manager > Services > Door Access > Sites.
- Select a site, go to Policy, and click the + icon.
- Specify the policy name, and add the locations and users.
- Set a schedule to allow access during the specified timeframes:
- Tick the Use a Pre-Defined Schedule checkbox and select Always Allowed to allow authorized users to access doors anytime, or select a schedule from the predefined options.
- Customize the time when the location should remain unlocked, with up to 20 timeframes per day.
- To add an access period, hover over the schedule and click the + icon.
- To edit an access period, drag and drop it, or hover over the period and click the Ellipsis icon > Edit.
- To delete an access period, hover over the period and click the Ellipsis icon > Delete.
- (Optional) Tick the Set Holiday Schedule checkbox to specify unlock times for holidays:
- Click Edit Holiday to add or edit the holiday name and date.
- Hover over the schedule and click the + icon to add an access period.
- (Optional) Tick the Save as a Pre-Defined Schedule and enter the Schedule Name to save the customized schedule and use it in other access policies.
- Click Create.
Assign Access Policy
If UniFi Identity Enterprise is activated, user access management will be centralized in the Identity Enterprise Manager. As a result, you will no longer be able to assign policies to users through the Access application or OS Settings. To assign policies, do one of the following:
- Go to your Identity Enterprise Manager > Services > Door Access > select a site > Policy > Assigned Users.
- Go to your Identity Enterprise Manager > Organizations > Members > Users > select a user > Permissions.
- Go to your Identity Enterprise Manager > Organizations > Members > Groups > select a group > Permissions.
Manage Door Access Methods
To allow users to unlock doors using an access method, ensure that the method is enabled in both Identity Enterprise Manager and the UniFi Access application. Disabling a method in Identity Enterprise Manager will also hide it from the Access application.
- Go to your Identity Enterprise Manager > Services > Door Access > Advanced.
- Enable or disable Access Methods and configure settings. Learn more about Access Methods & Credentials
-
NFC Card
- Allow Third-Party NFC Cards
-
Mobile: Users can unlock locations with a simple tap on the Identity Enterprise mobile app, which uses Bluetooth Low Energy (BLE).
- Refresh Mobile Access Token Every [1 Day, 1 Week, 1 Month, or 3 Months]: For enhanced security, it's highly recommended to Refresh users' mobile access tokens regularly.
- Hand Wave: It cannot be used with the NFC access method simultaneously.
-
PIN
- Set the PIN length to 4 digits, 6 digits, or 8 digits. All users' PINs will become invalid once the PIN length is changed. It's advised to use long, complex PINs for enhanced security.
- Randomize Keypad Layout as needed. Supported only on G2 Reader Pro and Intercom.
- Allow Simple PIN to allow PINs to contain sequential or repeated numbers (e.g., 123456, 000000). For enhanced security, it's advised to use complex PIN combinations.
-
NFC Card
- Click Save.
Send Door Access Notifications to Owner/Super Admins
The Identity Enterprise Owner and Super Admins will receive notifications on their Identity Enterprise Manage, Identity Enterprise Workspace, and Identity Enterprise mobile and desktop apps.
- Go to your Identity Enterprise Manager > Services > Door Access > Advanced.
- Go to Notify Owner/Super Admin of and enable the following options:
- Doorbell Rings
- Unauthorized/Prolonged Door Openings
- Newly Discovered Devices
Enable LAN-Optimized Doorbell
This feature guarantees faster and more stable video calls while receiving and answering. If this feature is enabled, you will be temporarily unable to use UniFi Talk to answer calls until Phone Touch 1.11.1 or Phone Touch Max 2.11.0 is installed. You can manually disable this feature to resume answering calls via UniFi Talk.
Version Requirements
- Identity Enterprise Agent: 1.54.6 or later
- Identity mobile app:
- Android: 0.65.3 (1716)
- iOS: 0.65.3 (716)
- G2 Pro: 1.0.122 or later
- UA Pro: 2.5.208 or later
- Phone Touch: 1.11.1 or later
- Phone Touch Max: 2.11.0 or later
Enable This Feature
- Go to your Identity Enterprise Manager > Services > Door Access > Advanced.
- Tick the LAN-optimized doorbell feature checkbox.
- Click Save.
Sync Door Unlock Recordings from UniFi Access
Syncing door unlock recordings from UniFi Access to Identity Enterprise stores the recordings in the cloud, making them viewable in the System Log. Learn more about Managing Door Unlock Recordings in UniFi Access
- Go to your Identity Enterprise Manager > Services > Door Access > Advanced.
- Tick the Sync door unlock recordings from UniFi Access checkbox.
- Click Save.