The current Openpath Jira and Confluence instances will be migrated to the MSI On-Premise solution from August 9th-11th, the current platform will be set to read-only and all future usage will be in the Avigilon Instance. Please ensure access to MSI Jira & MSI Confluence, both are accessible through OKTA. For additional information and details please refer to the Atlassian migration page

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »

Zone Sharing allows an Org to share its Zone(s) with other Orgs. This allows other Orgs to give their Users access to your Zones, providing privacy of segregated User databases and reducing the burden of a Landlord who does not need to manage the individual Tenant Users.

Prerequisites

  • At least 1 Openpath ACU

  • At least 1 Entry with any license

  • Two or more Openpath Orgs (generally one Landlord Org, and multiple Tenant Orgs)

Org Structure

  • Org 1 - Landlord

All common area hardware will be provisioned to this Org, including main entry, elevators, etc.

  • Orgs 2+ - Tenants (each Tenant has their own Org)

Tenant Orgs may or may not have their own Openpath hardware provisioned and usually only consist of Users and Groups. In this case, the Partner configuring the Org must enable the ‘Auto-assign Basic’ feature from the Edit organization page (found in Partner Center > Manage organizations). This feature allows up to 500 Users to be created at no cost to the Tenant (which is required since they will not have any Entry licenses).

Zone Sharing Sample Diagram

How to Share Zones

  1. Create a Zone with only the Entries you wish to share.

  2. Enter the Org ID number in the “Organizations to share with” field, then click Save.

  3. Once the Zone has been Shared, it will now be selectable by the Tenant Org, allowing them to provide their Users/Groups access to the Zone.

Note: To find the Org ID, click your profile icon in the top right corner, then hover over the name of the Org to which you’re sharing the Zone. Org ID is also visible in the browsers address bar following “o/”; for example https://control.openpath.com/o/7874/dashboards/activityDashboard

Reporting

  • The Landlord has access to all event history at their Entries. The Tenants do not have visibility to history unless explicitly given access from the Landlord.

  • If a Tenant should have access to run Reports or view Dashboards the Landlord can explicitly add the Tenant User to the Landlord Org with a limited scope (permissions), only allowing them access to Dashboards and Reports. In this case, it is often a good idea to segregate the Landlord Org into Sites and set up Role(s) for Tenant Report Admins using the ‘Limit to specific sites’ option, preventing Tenants from viewing information for Zones that are not relevant to them.  Note that the ‘Limit to specific sites’ option requires Premium or Enterprise licensing on the Landlord Org.

FAQ's

Q: Can the Tenant change the Entry Schedule?

A: No, the Tenant user cannot change the Entry Schedule. Only a User with appropriate Role permissions on the Landlord Org can modify Entry Schedules. Tenant admins can only modify their employees' User Schedule (allowing access from 9-5 for example).

Q: Can the Tenant run Reports or View Dashboards?

A: Tenant Admins do not have visibility to event data from Zones and Entries that have been shared with them, as they belong to the Zone Owner. If a Tenant should have access to run Reports or view Dashboards the Landlord can explicitly add the Tenant User to the Landlord Org with a limited Scope only allowing them access to Dashboards and Reports. Learn more about Roles.

Q: Does this mean that Tenants can give their Users unlimited access to shared Zones?

A: Yes, Tenants will be able to create Users/Groups and give them 24/7 access. However, the Landlord controls the Default Entry State and Entry Schedules for their Entries. These can be set up in such a way that they can deny specific Unlock Trigger Methods such as Cards and/or Mobile Credentials (configured in Sites > Entry states) on a scheduled basis. For example, the Landlord could create an Entry Schedule for the Main Entrance which requires a User with Override Permission or 2FA after business hours. Tenant Users could be configured to meet these criteria, but most credentials/Users are generally not configured for Override permissions. Learn more about Entry States

Related Pages:

How do I share Zones?

  • No labels

0 Comments

You are not logged in. Any changes you make will be marked as anonymous. You may want to Log In if you already have an account.