UniFi Access - Configure and Assign Access Policies

You can create an access policy to set a time frame during which users can access designated locations, and then assign the access policy to users.

Create an Access Policy

UniFi Access

The Access application automatically generates the following default policies once the application is configured. 

  • If you set up the Access application running before v1.21.4:
    • Default Admin Policy: Allow admins to access all locations anytime.
    • Default UniFi Console Policy: Allow non-admin users to access all locations from Monday to Friday, from 9:00 AM to 6:00 PM.
  • If you set up the Access application running 1.21.4 or later:
    • Default Site Policy: Allow non-admin users to access all locations from Monday to Friday, from 9:00 AM to 6:00 PM.
  1. Go to your Access application > Settings > Policies > User Entry Policies.
  2. Click + New Policy, specify the policy name, and click Select Locations.
  3. Select location hubs or door groups and click Add Location.
  4. In the Schedule section, select “Always“ or ”Custom“.
    1. Always: Allow users to access the selected locations at any time.
    2. Custom: Specify a time frame during which users can access the selected locations. 
  5. If you select Custom, perform the following actions based on your tasks.
    1. Add an access period: Hover your mouse over the “Not allowed to visit” period and click Add Schedule.
    2. Edit an access period: Use the drag-and-drop to edit or hover your mouse over a period and click the Ellipsis icon > Edit.
    3. Delete an access period: Hover your mouse over a period and click the Ellipsis icon > Delete.
    4. Use a different schedule during holidays: Tick the Set Holiday Schedule checkbox, click Add Holiday, and specify the holidays and schedules.
    5. Save the customized schedule as a predefined schedule: Tick the Save as a Predefined Schedule checkbox.
  6. Click Create.

UniFi Identity Enterprise

Identity Enterprise admins can create and edit access policies both in the UniFi Access application and Identity Enterprise Manager. 

  1. Go to your Identity Enterprise Manager > Services > Door Access.
  2. Select a site, go to Policy, and click the “+” icon.
  3. Specify the policy name, and assign the locations and users.
  4. Do either of the following to specify the schedule:
    • Customize the schedule by performing the following tasks.
      1. Add an access period: Hover your mouse over the “Not allowed to visit” period and click the “+” icon.
      2. Edit an access period: Use the drag-and-drop to edit or hover your mouse over a period and click the Ellipsis icon > Edit.
      3. Delete an access period: Hover your mouse over a period and click the Ellipsis icon > Delete.
      4. Use a different schedule during holidays: Tick the Set Holiday Schedule checkbox, click Add Holiday, and specify the holidays and schedules.
      5. Save the customized schedule as a predefined schedule: Tick the Save as a Predefined Schedule checkbox.
    • Tick the Use a Predefined Schedule checkbox and select a schedule you previously created. The “Always Allow Access” schedule is created by default, which allows authorized users to access doors anytime.
  5. Click Create.

Assign Access Policy

UniFi Access

  1. Go to your Access application > Users. If your UniFi OS version is 3.2.5 or later, the system will direct you to the OS Settings > Admins & Users page.
  2. Go to the Users or Groups tab.
  3. Select a user or group and click Settings.
  4. Assign door access policies and other resources as needed.

UniFi Identity Enterprise

If UniFi Identity Enterprise is activated, access management for users will be centralized in the Identity Enterprise Manager. Consequently, it will not be possible to assign policies to users through the Access application or OS Settings.  Do either of the following to assign policies:

  • Go to your Identity Enterprise Manager > Services > Door Access > select a site > Policy > Assigned Users.
  • Go to your Identity Enterprise Manager > Organizations > Members > Users > select a user > Permissions.
  • Go to your Identity Enterprise Manager > Organizations > Members > Groups > select a group > Permissions.
Was this article helpful?
4 out of 10 found this helpful