Zone Sharing allows an organization to share its zones with other organizations. This enables other organizations to grant their users access to your zones, maintaining separate user databases for privacy and reducing the landlord's need to manage individual tenant users.

Prerequisites

• At least 1 Avigilon ACU.

• At least 1 Entry with any license.

• Two or more Avigilon Alta Orgs (generally one Landlord Org, and multiple Tenant Orgs).

Org Structure

• Org 1 - Landlord.

All common area hardware will be provisioned to this Org, including main entry, elevators, etc.

• Orgs 2+ - Tenants (each Tenant has their own Org).

Tenant Orgs may or may not have their own Avigilon Alta hardware provisioned and usually only consist of Users and Access Groups. In this case, the Partner configuring the Org must enable the ‘Auto-assign Basic’ feature from the Edit organization page (found in Partner Center > Manage organizations). This feature allows up to 500 Users to be created at no cost to the Tenant (which is required since they will not have any Entry licenses).

Zone Sharing Sample Diagram

How to Share Zones

1. Create a Zone with only the Entries you wish to share.

2. Enter the Org ID number in the “Organizations to share with” field, then click Save.

3. Once the Zone has been Shared, it will now be selectable by the Tenant Org, allowing them to provide their Users / Access Groups access to the Zone.

Reporting

• The Landlord has access to all event history at their Entries. The Tenants do not have visibility to history unless explicitly given access from the Landlord.

• If a Tenant should have access to run Reports or view Dashboards the Landlord can explicitly add the Tenant User to the Landlord Org with a limited scope (permissions), only allowing them access to Dashboards and Reports. In this case, it is often a good idea to segregate the Landlord Org into Sites and set up Role(s) for Tenant Report Admins using the ‘Limit to specific sites’ option, preventing Tenants from viewing information for Zones that are not relevant to them.  Note that the ‘Limit to specific sites’ option requires Premium or Enterprise licensing on the Landlord Org.

FAQ's

Q: What if the Landlord wants control over which Users can access an area, such as a Fitness Center which requires a waiver before Users are granted access?

A: The Landlord would not share the Fitness Center Zone, and would instead enroll the Tenant User.

Q: Can the Tenant change the Entry Schedule?

A: No, the Tenant user cannot change the Entry Schedule. Only a User with appropriate Role permissions on the Landlord Org can modify Entry Schedules. Tenant admins can only modify their employees' User Schedule (allowing access from 9-5 for example).

Q: Can the Tenant run Reports or View Dashboards?

A: Tenant Admins do not have visibility to event data from Zones and Entries that have been shared with them, as they belong to the Zone Owner. If a Tenant should have access to run Reports or view Dashboards the Landlord can explicitly add the Tenant User to the Landlord Org with a limited Scope only allowing them access to Dashboards and Reports. Learn more about Roles.

Q: Does this mean that Tenants can give their Users unlimited access to shared Zones?

A: Yes, Tenants will be able to create Users / Access Groups and give them 24/7 access. However, the Landlord controls the Default Entry State and Entry Schedules for their Entries. These can be set up in such a way that they can deny specific Unlock Trigger Methods such as Cards and/or Mobile Credentials (configured in Sites > Entry states) on a scheduled basis. For example, the Landlord could create an Entry Schedule for the Main Entrance which requires a User with Override Permission or 2FA after business hours. Tenant Users could be configured to meet these criteria, but most credentials/Users are generally not configured for Override permissions. Learn more about Entry States.

Related Pages:

How do I share Zones?