How do I create a Physical Access Control System integration? (Developer's Guide)

Getting Started

To create a Physical Access Control System (PACS) integration for an account, the user must first go to the settings page and generate a bearer token:

mceclip0.png

 

This token is used as authorization to store devices and write annotations for this account. Once you have the user's token, store it securely and use it with the API calls below.

If your software solution supports OAuth flows, then you can request this token via OAuth with scope=annotations:write.

Devices (badge readers)

In order for Camio to know the user's available access control devices, send a payload to https://incoming.integrations.camio.com/pacs/devices when setting up the integration and whenever the user's devices are updated. This way, Camio can display the available devices on the user's settings page:

mceclip0.png

The user must select which access control devices are in view of which camera. This way, Camio can correlate the access control events with the associated video.

Note that POSTs to the https://incoming.integrations.camio.com/pacs/devices endpoint overwrite the user's stored devices, but Camio won't forget currently set devices unless the user removes them from the integration. They can remove the devices assigned to a camera by clicking the x next to the device names and then hitting save.

Access Control Events

When a new access control event occurs, send information to https://incoming.integrations.camio.com/pacs/webhooks. By including the user's authorization token and the access device's id, Camio matches the access control event to the user's video. Any labels you add to the video become searchable. See the payload described in the API to POST Events.

API Calls

Method + URL

Examples

Devices (optional)

 

POST /pacs/devices

Payload

{
  "devices": [
    {
      "device_id": "{{unique_id}}",
      "device_name": "{{display_name}}"
    },
    ...
  ]
}

 

Curl

curl --location --request POST 'https://incoming.integrations.camio.com/pacs/devices' \
--header 'Authorization: Bearer 42g-D0T41A5HIu4ssrlJgepKRGLgA-s' \
--header 'Content-Type: application/json' \
--data-raw '{
    "readers": [
         {
             "device_id": "testDevice0129397",
             "device_name": "Test Device"
         },
         ...
    ]
}'

 

Response Codes

200/204

Success. No payload is returned.

400/422

Bad request / Malformed payload. Check that the payload you sent matches the example above. An empty payload also will return a 422.

401

Unauthorized. Most likely missing the Authorization header.

405

Method not allowed. Only supports GET and POST.

500

Server error. Something unexpected went wrong. If this does not seem to be a transient error, please contact support@camio.com for help resolving this error.

GET /pacs/devices

Payload

None

Curl

curl --location --request GET 'https://incoming.integrations.camio.com/pacs/devices' \
--header 'Authorization: Bearer 42g-D0T41A5HIu4ssrlJgepKRGLgA-s'

Response Codes

200

Success. Returns a json payload in the same format as the POST above. Ex:

{
  "readers": [
    {
      "integration_name": "pacs",
      "device_id": "testDevice0129397",
      "device_name": "Test Device"
    },
    ...
  ]
}

401

Unauthorized. Most likely missing the Authorization header.

405

Method not allowed. Only supports GET and POST.

404

Not found. No stored devices found for the user.

{
"detail": "No devices found for {{user_id}}"
}

500

Server error. Something unexpected went wrong. If this does not seem to be a transient error, please contact support@camio.com for help resolving this error.

Events

 

POST /pacs/webhooks

Payload

Only device_id, timestamp, event_type, and actor_id are required.

{
   # Either event or events is required
   "event": {
      "device_id": {{unique_id}},
      "timestamp": {{ISO8601_datetime_UTC_string}},
      "event_type": {{valid_event_type}},
      "labels": [{{any_string}}],
      "actor_id": {{any_string}},
      "actor_name": {{any_string}},
    "actor_email": {{valid@email.com}}
   },
   "events": [
      ... # List of access events, structured the same way as event above
   ]
}

Curl

curl --location --request POST 'https://incoming.integrations.camio.com/pacs/webhooks' \
--header 'Authorization: Bearer 42g-D0T41A5HIu4ssrlJgepKRGLgA-s' \
--header 'Content-Type: application/json' \
--data-raw '{
   "event": {
      "timestamp": "2023-08-04T22:28:44.989-0000",
      "event_type": "Entry Unlocked",
      "device_id": "testDevice0129397",
      "actor_id": "T.Smith0129486",
      "actor_name": "Tester Smith",
      "actor_email": "tsmith@gmail.com",
      "labels": [
         "South Entry",
         "Building 5"
      ]
}}'

Response Codes

200

Success. A payload is returned that includes the annotations that will be applied to any matching Camio events, as well as the estimated time that the annotations request will go through:

{
   "annotation_request": {
   "user_id": "...",
   "annotations": [{
      "timestamp": "2023-08-04T22:28:44.989000+00:00",
      "cameras": [{
         "camera_id": "...",
         "user_id": "..."
      }],
      "labels_to_add": [
         "integration:pacs",
         "entry.unlocked",
         "T.Smith0129486_entry.unlocked",
         "tester_smith_entry.unlocked",
         "tsmith@gmail.com_entry.unlocked",
         "pacs:entry.unlocked:2023-08-04T22:28:44.989000+00:00",
         "integration:pacs:2023-08-04T22:28:44.989000+00:00:Entry Unlocked:T.Smith0129486:tsmith@gmail.com:tester_smith",
         "T.Smith0129486",
         "Tester Smith",
         "South Entry",
         "Building 5"
      ],
      "labels_to_remove": []
   }],
   "create_time": "2023-08-04 22:54:29+00:00",
   "schedule_time": "2023-08-04 22:54:29.875997+00:00"
   }
}

400/422

Bad request / Malformed payload. Check that the payload you sent matches the example above. An empty payload also will return a 422.

Common error is that the user has no camera mapped to the device_id. Make sure the user has a camera mapped to the device on their settings page

Response when there are no cameras mapped to the device looks like this:

{
"detail": "No annotations could be created from the events."
}

401

Unauthorized. Most likely missing the Authorization header.

405

Method not allowed. Only supports POST.

404

User does not have PACS integration settings saved.

500

Server error. Something unexpected went wrong. If this does not seem to be a transient error, please contact support@camio.com for help resolving this error.

**required

**at least one is required

Valid Event Types

Valid event types are searchable with additional natural language queries and may go through additional analysis such as tailgating detection.

event_type (not case sensitive)

entry unlocked

forced open

entry ajar

 

Legacy API Calls

These endpoints are deprecated in favor of the new integration server https://incoming.integrations.camio.com used in the examples above. These endpoints will continue to work but new features and improvements will not be added.

Method + URL

Examples

POST /api/integrations/pacs/devices

Payload

{
  readers: [
    {
      device_id: {{unique_id}},
      device_name: {{display_name}}
    },
    ...
  ]
}


Curl

curl --location --request POST 'https://camio.com/api/integrations/pacs/devices' \
--header 'Authorization: Bearer 42g-D0T41A5HIu4s4srlJgepKRGLgA-s' \
--header 'Content-Type: application/json' \
--data-raw '{
    "readers": [
         {
             "device_id": "testDevice0129397",
             "device_name": "Test Device"
         },
         ...
    ]
}'

 

Response Codes

200/204

Success. No payload is returned.

400

Bad request / Malformed payload. Check that the payload you sent matches the example above. An empty payload also will return a 400.

Also returned for unsupported methods. Supported methods are GET, POST, and PUT.

401

Unauthorized. Most likely missing the Authorization header.

403

Unauthorized. Caller does not have permission to make this request.

500

Server error. Something unexpected went wrong. If this does not seem to be a transient error, please contact support@camio.com for help resolving this error.

GET /api/integrations/pacs/devices

Payload

None

Curl

curl --location --request GET 'https://camio.com/api/integrations/pacs/devices' \
--header 'Authorization: Bearer 42g-D0T41A5HIu4s4srlJgepKRGLgA-s'

Response Codes

200

Success. Returns a json payload in the same format as the POST above. Ex:

{
  "readers": [
    {
      "device_id": "testDevice0129397",
      "device_name": "Test Device"
    },
    ...
  ]
}

400

Bad request. Returned for unsupported methods. Supported methods are GET, POST, and PUT.

401

Unauthorized. Most likely missing the Authorization header.

404

Not found. No stored devices found for the user.

500

Server error. Something unexpected went wrong. If this does not seem to be a transient error, please contact support@camio.com for help resolving this error.

POST /api/integrations/pacs/webhooks

Payload

{ 
    device_id: {{unique_id}},
    timestamp: {{ISO8601_datetime_UTC_string}},
    event_type: {{valid_event_type}},
    labels: [{{any_string}}],
    actor_id: {{any_string}},
    actor_name: {{any_string}},
  actor_email: {{valid@email.com}}
}

Curl

curl --location --request POST 'https://camio.com/api/integrations/pacs/webhooks' \
--header 'Authorization: Bearer 42g-D0T41A5HIu4s4srlJgepKRGLgA-s' \
--header 'Content-Type: application/json' \
--data-raw '{
  "device_id": "testDevice0129397",
  "timestamp": "2021-11-01T17:30:10.000Z",
  "event_type": "Entry Unlocked",
  "labels": [
    "South Entry",
    "Building 5"
  ],
  "actor_id": "T.Smith0129486",
  "actor_name": "Tester Smith",
  "actor_email": "tsmith@gmail.com"
}'

Response Codes

200/204

Success. No payload is returned.

400

Bad request / Malformed payload. Check that the payload you sent matches the example above. An empty payload also will return a 400.

Also returned for unsupported methods. Supported methods are POST and PUT.

401

Unauthorized. Most likely missing the Authorization header.

403

Unauthorized. Caller does not have permission to make this request.

Also returned if the user does not have a PACS integration.

404

No camera mapped to the device_id. Make sure the user has a camera mapped to the device on their settings page.

500

Server error. Something unexpected went wrong. If this does not seem to be a transient error, please contact support@camio.com for help resolving this error.

**required

**at least one is required

Valid Event Types

Valid event types are searchable with additional natural language queries and may go through additional analysis such as tailgating detection.

event_type (not case sensitive)

entry unlocked

forced open

entry ajar

Have more questions? Submit a request

Comments