Skip to main content

ACT365 Access Control Integration

Overview

ACT365 is a cloud-based access control platform that enables flexible, secure physical access management. The Nexudus integration with ACT365 automates credential provisioning and access group assignments based on customer contracts, passes, bookings, and desk assignments.

Key Features

  • Cloud-based management: Manage access from anywhere through ACT365’s web platform
  • Mobile access: Customers can use the Nexudus Passport app to unlock doors remotely
  • Automatic provisioning: Access is granted and revoked automatically based on plan changes, bookings, and pass assignments
  • Check-in tracking: Optionally use door events to check customers in/out
  • RFID card support: Up to 4 RFID cards per customer for physical access
  • Group-based permissions: Map your inventory (passes, resources, desks) to ACT365 cardholder groups
  • Booking-based temporary access: Automatic access during reservation windows

Integration Type

Cloud-based — ACT365 operates entirely in the cloud with no on-premises server requirements.

Capabilities

FeatureSupportedNotes
Pass-based access✅ YesCustomers receive access based on their active passes
Plan-based access✅ IndirectPlans grant access through the passes they include
Resource-based access✅ YesGrants temporary access during reservations
Desk/unit-based access✅ YesIncludes support for team billing contracts
Visitor access❌ NoNot supported by this integration
Booking guest access✅ YesCustomers added as booking guests can access spaces during booking windows
Check-in tracking✅ YesDoor events trigger automatic check-ins
Mobile app access✅ YesNexudus Passport app integration
Remote door unlock✅ YesCustomers can unlock doors without being physically present

How It Works

Access Control Model

ACT365 uses a cardholder group model to manage access permissions:
  • Cardholders represent individuals in the system (mapped to Nexudus customers)
  • Cardholder Groups define collections of doors that cardholders can access
  • Sites organize door controllers within your ACT365 account
  • Door Controllers manage individual doors or access points
When a customer’s access needs change in Nexudus (e.g., they purchase a pass, book a resource, or their contract renews), the integration automatically updates their cardholder record in ACT365 with the appropriate group memberships.

Multi-Door Support

ACT365 uses cardholder groups to grant permissions to multiple doors. Instead of mapping each door individually:
  1. In ACT365, create a cardholder group (e.g., “Coworking Space Access”)
  2. Add the relevant doors to that group in ACT365
  3. In Nexudus, map your pass/resource/desk to that group
  4. Customers with that pass automatically get access to all doors in the group
You must configure which doors belong to each group in the ACT365 platform. Nexudus assigns customers to groups, but the door-to-group mapping is managed in ACT365.

Prerequisites

Before connecting Nexudus to ACT365, ensure you have:
  1. Active ACT365 account with administrator access
  2. API credentials obtained from ACT365 (username and password for API authentication)
  3. ACT365 site configured with door controllers installed and online
  4. Cardholder groups created in ACT365 for different access levels (e.g., 24/7 access, business hours only)
  5. Nexudus location configured with plans, passes, and resources

Configuration

Step 1: Connect to ACT365

  1. In the Nexudus dashboard, go to Settings > Integrations
  2. Find ACT365 in the list and expand the settings
  3. Enable the Enable ACT365 integration toggle
  4. Enter your connection details:
    • Username: Your ACT365 API username
    • Password: Your ACT365 API password
  5. Click Save to establish the connection
  6. Once connected, select your ACT365 site from the dropdown menu that appears
  7. The configuration panels will load, showing your door controllers, cardholder groups, passes, resources, and desks
The site dropdown will show all sites available in your ACT365 account. Once you select a site, Nexudus will load the door controllers, cardholder groups, and other configuration options for that specific site. If your ACT365 account manages multiple sites, cardholders will be assigned to “All sites” (Site ID 0) automatically. For single-site accounts, cardholders are assigned to your selected site.

Step 2: Configure Presence Tracking (Optional)

ACT365 can trigger automatic check-ins when customers unlock specific doors.
  1. In the Door Controllers section, you’ll see all doors from your ACT365 site
  2. For each door, choose an action:
    • Nothing: Door access is tracked in ACT365 but doesn’t affect Nexudus
    • Check In: Unlocking this door checks the customer in
    • Check Out: Unlocking this door checks the customer out
    • Toggle: Unlocking switches between checked in and checked out
Common scenarios:
  • Set the main entrance to Check In
  • Set the exit door to Check Out
  • Set internal doors to Nothing (access granted but doesn’t affect presence)
Check-in tracking requires event processing. Nexudus syncs door events every 12 minutes and triggers the appropriate check-in action based on your configuration.

Step 3: Map Passes to Cardholder Groups

Passes are the primary way customers receive access in Nexudus. Each pass can be mapped to an ACT365 cardholder group.
  1. In the Passes section, you’ll see all passes configured for this location
  2. For each pass, select the ACT365 Cardholder Group that customers should be assigned to when they hold that pass
  3. Leave blank if a pass should not grant physical access
How it works:
  • When a customer has an active contract on a plan that includes passes, they automatically receive those passes
  • If the pass is mapped to an ACT365 group, the customer is added to that group
  • When the pass expires or is consumed, access is revoked
  • Time-limited passes (e.g., day passes with validity windows) automatically grant and revoke access at the appropriate times
Example mapping:
Pass NameACT365 GroupPurpose
24/7 Access Pass24/7 MembersRound-the-clock building access
Business Hours PassBusiness HoursAccess only during operating hours
Meeting Room PassMeeting RoomsAccess to meeting room zones
Plans are not directly mapped to cardholder groups. Instead:
  1. Plans include passes via the plan configuration
  2. Passes are what get mapped to cardholder groups
  3. When a customer starts a contract on a plan, they receive the passes included in that plan
  4. Those passes then grant the associated ACT365 access

Step 4: Map Resources to Cardholder Groups

Resources (meeting rooms, event spaces, etc.) can require specific access permissions for bookings.
  1. In the Resources section, you’ll see all resources configured for this location
  2. For each resource, select the ACT365 Cardholder Group required to access that space
  3. Leave blank if resource bookings should not grant physical access
How it works:
  • When a customer books a resource, Nexudus grants them access 15 minutes before the booking starts
  • Access is automatically revoked when the booking ends
  • If the booking is cancelled, access is removed immediately
Example mapping:
Resource NameACT365 GroupPurpose
Conference Room AMeeting Room AAccess to specific meeting room
Event SpaceEvent HallAccess to event space for bookings
Private OfficePrivate OfficesAccess to private office area
Resource-based access is temporary and booking-specific. A customer only receives access during their booking window, even if they don’t hold a general access pass.

Step 5: Map Desks/Units to Cardholder Groups

Floor plan desks and units can grant access to specific areas when included in a customer’s contract.
  1. In the Desks/Units section, you’ll see all desks from your floor plans
  2. For each desk, select the ACT365 Cardholder Group required to access that area
  3. Leave blank if desk assignments should not grant physical access
How it works:
  • When a desk is added to a customer’s contract, they receive access to the mapped group
  • Access is granted when the contract starts and revoked when it ends
  • Team billing support: If a customer uses team billing (merged billing), they also receive access to desks included in the paying member’s contracts
Example mapping:
Desk/Unit NameACT365 GroupPurpose
Private Office #101Private Office Floor 1Access to first-floor private office area
Dedicated Desk Zone ADesk Area AAccess to dedicated desk zone A
Studio #5Studio AccessAccess to individual studio unit
Desk access is based on contract assignments, not direct desk bookings. Customers must have the desk included in an active contract to receive access. Ad-hoc desk bookings (if using desk booking) do not automatically grant ACT365 access.

Step 6: Save Configuration

  1. Review all mappings to ensure they’re correct
  2. Click Save to apply the configuration
  3. Nexudus will immediately start provisioning access for customers based on the new mappings

How Access is Managed

When Access is Granted

Nexudus automatically grants ACT365 access when:
  1. Contract starts: Customer begins a contract on a plan → receives passes included in that plan → assigned to corresponding ACT365 groups
  2. Pass activated: Customer receives a pass directly (not via a contract) → assigned to the mapped ACT365 group
  3. Booking created: Customer books a resource → granted access to resource’s group 15 minutes before booking start time
  4. Desk added to contract: Desk is added to an active contract → customer receives access to the desk’s mapped group
  5. Booking guest added: Non-customer is added as a guest on a booking → granted access to resource’s group for the booking duration

When Access is Revoked

Nexudus automatically revokes ACT365 access when:
  1. Contract ends or cancelled: Customer loses passes from that contract → removed from corresponding ACT365 groups
  2. Pass expires: Pass validity ends or usage is consumed → removed from mapped ACT365 group
  3. Booking ends or cancelled: Booking time expires or is cancelled → access to resource’s group is removed
  4. Desk removed from contract: Desk is removed from contract → access to desk’s group is revoked
  5. Customer deactivated: Customer account is deactivated → all ACT365 access removed
  6. Check-in expires: If customer checks out or check-in expires, certain temporary access may be revoked

Access Update Timing

  • Immediate updates: Contract changes, pass assignments, and customer deactivations trigger access updates within seconds
  • Booking lead time: Booking access is granted 15 minutes before the booking start time
  • Background processing: Access updates are queued in background jobs to handle high volumes efficiently
  • Event processing: Door events are synced every 12 minutes for check-in tracking
If a customer should have access but doesn’t, the system automatically retries access provisioning. Check the Business Checkup page for any integration errors.

Mobile App Experience

Customers can use the Nexudus Passport mobile app to unlock doors remotely.

Setup for Customers

  1. Customer downloads the Nexudus Passport app (iOS or Android)
  2. Signs in with their Nexudus credentials
  3. App detects ACT365 integration is active
  4. Customer can view available doors and unlock them remotely

Using Mobile Access

  1. Customer opens the Nexudus Passport app
  2. Navigates to Unlock Doors section
  3. Views list of doors they currently have access to
  4. Taps Unlock to remotely unlock a door

RFID Card Management

ACT365 supports traditional RFID access cards alongside mobile access. To assign cards:
  1. Go to Operations > Customers
  2. Select the customer
  3. In their profile, enter card IDs in the Access Card ID field
  4. Separate multiple cards with commas: 123456,789012,345678 (up to 4 cards)
  5. Save the customer profile
Card behavior:
  • No card: Cardholder is disabled in ACT365 (mobile-only access)
  • Card assigned: Cardholder is enabled for both physical and mobile access
  • Card removed: Cardholder is disabled again (reverts to mobile-only)
Only numeric card IDs are supported. Non-numeric cards are automatically filtered out.

Troubleshooting

Possible causes:
  1. Pass not mapped: The passes included in the customer’s plan are not mapped to any ACT365 cardholder groups
    • Solution: Go to Settings > Integrations > ACT365 and map the relevant passes to cardholder groups
  2. Pass expired or inactive: The customer’s pass has expired or hasn’t started yet
    • Solution: Check the customer’s passes under their profile to verify validity windows
  3. Cardholder not created: The customer wasn’t created in ACT365
    • Solution: Check the Business Checkup page for integration errors, or manually trigger an update by editing and saving the customer’s profile
  4. Access group permissions: The ACT365 cardholder group exists but isn’t assigned to any doors
    • Solution: In ACT365, verify the cardholder group includes the correct door controllers
  5. Card not assigned: Customer exists in ACT365 but is disabled (no RFID card)
    • Solution: Assign an RFID card in the customer’s Access Card ID field, or ensure mobile access is working
Possible causes:
  1. Resource not mapped: The booked resource is not mapped to an ACT365 cardholder group
    • Solution: Map the resource to a cardholder group in Settings > Integrations > ACT365
  2. Booking too far in future: Access is only granted 15 minutes before booking start time
    • Solution: Wait until booking is within 15 minutes of start time
  3. Booking not confirmed: Some resources require booking confirmation
    • Solution: Confirm the booking if it’s in pending state
Possible causes:
  1. No active access: Customer doesn’t have any passes or bookings that grant access
    • Solution: Verify customer has an active pass or upcoming booking mapped to ACT365 groups
  2. Cardholder disabled: Customer has no RFID card assigned and cardholder is disabled
    • Solution: Assign a dummy RFID card or contact ACT365 support about enabling cardholders without physical cards
  3. App not refreshed: Door list hasn’t updated after access was granted
    • Solution: Customer should pull down to refresh the door list in the app
Possible causes:
  1. Door action not configured: Door controller is set to “Nothing” instead of a check-in action
    • Solution: Configure the door controller action in Settings > Integrations > ACT365
  2. Event processing disabled: Setting ACT365.DoNotProcessEvents is enabled
    • Solution: Ensure this setting is disabled in your business settings
  3. Sync delay: Background task runs every 12 minutes
    • Solution: Wait up to 12 minutes for the next event sync cycle
Cause: Your ACT365 API credentials have expired or are incorrect.Solution:
  1. Verify your username and password in the ACT365 admin portal
  2. Reconnect the integration with updated credentials
  3. Check that your ACT365 account has API access enabled
  4. Contact ACT365 support if credentials are correct but connection fails

Monitoring Integration Errors

Nexudus monitors your access control integration and alerts you to any issues that need attention.

Business Checkup Dashboard

Access control integration errors are displayed on the Business Checkup page:
  1. Go to Home > Important Items in the dashboard, or
  2. Navigate directly to dashboard.nexudus.com/dashboards/checkup
  3. Look for the Access Control Integration tile
  4. If there are errors, the tile will be displayed in red

What Gets Flagged

  • Authentication failures: Expired credentials or invalid API tokens
  • Provisioning errors: Failed attempts to create or update customer access
  • Configuration issues: Missing or invalid cardholder group mappings
  • Synchronization problems: Delays or failures in updating access permissions
Each error includes:
  • The customer affected
  • The nature of the problem
  • When the error occurred
  • Suggested actions to resolve it
Nexudus automatically retries failed operations. If errors persist, check the Business Checkup page for detailed information and follow the suggested resolution steps.

Security Considerations

Data Shared with ACT365

When provisioning access, Nexudus shares the following information with ACT365:
  • Customer data: First name, last name, email address, mobile phone
  • External ID: Nexudus customer ID (used to link records between systems)
  • RFID cards: Card IDs from the Access Card ID field
Nexudus does not share:
  • Billing information
  • Payment details
  • Contract specifics (only cardholder group assignments)
  • Personal notes or custom fields

Credential Management

  • Physical cards: Managed entirely in ACT365; Nexudus only assigns cardholder groups
  • Mobile credentials: Nexudus triggers unlock commands but doesn’t handle credentials
  • User passwords: Never shared with Nexudus; authentication to ACT365 is handled by ACT365

Best Practices

Cardholder Group Organization

Create cardholder groups based on access levels, not products or plans:
  • Good: “24/7 Access”, “Business Hours”, “Meeting Rooms”, “Private Offices”
  • Avoid: “Hot Desk Plan”, “Dedicated Desk Plan” (these are billing products, not access types)
This approach lets you grant the same physical access through multiple plans.

Technical Details

API Architecture

  • Base URL: https://userapi.act365.eu/api/
  • Authentication: Resource Owner Password Credentials (username/password)
  • Token endpoint: https://userapi.act365.eu/api/account/login
  • Token type: Bearer token (stored in session)
  • Rate limiting: 30 requests per minute per username (semaphore-based across multiple servers)

Key Endpoints

  • Cardholders: /api/cardholder (GET, POST, PUT, DELETE)
  • Cardholder Groups: /api/cardholdergroup
  • Doors: /api/door
  • Door Groups: /api/doorgroup
  • Sites: /api/sites
  • Access Events: /api/logeventsofcategory?category=7&fromafter={date}&maxlimit=100
  • Doors for Cardholder: /api/doorsofcardholder?cardholderid={id}
  • Remote Unlock: POST /api/door with {Door: "{doorId}", Command: "Pass"}

Synchronization

  • Access updates: Debounced by 5 seconds per customer to batch rapid changes
  • Background task: Polls door events every 12 minutes for check-in tracking
  • Event query: Uses category=7 for access events, queries from lastEventDate + 1 second
  • Event limit: Maximum 100 events per request
  • Distributed locking: Prevents race conditions in multi-server deployments
  • User provisioning: Lazy creation on first inventory assignment
  • Cardholder updates: Created/updated/deleted as inventory changes
  • Access signature hashing: Prevents unnecessary API calls when access hasn’t changed

Site Assignment

  • Multi-site accounts: Cardholders assigned to “All sites” (Site ID 0)
  • Single-site accounts: Cardholders assigned to configured Site ID
  • Site ID setting: Act365.SiteId business setting

External IDs

  • Customers: ExternalID set to Nexudus coworker ID (integer)
  • Visitors: ExternalID set to NEXVIS-{visitorId}
  • Lookup: Cardholders retrieved via /api/cardholder?externalid={coworkerId}

Cardholder Model

{
  "CardHolderID": 12345,
  "ExternalID": "67890",
  "FirstName": "John",
  "LastName": "Doe",
  "Email": "john@example.com",
  "MobileNumber": "+1234567890",
  "CardholderGroups": [1, 2, 3],
  "Cards": ["123456", "789012"],
  "SiteId": 0,
  "Active": true
}

RFID Card Management

  • Card ID field: Comma-separated numeric IDs in AccessCardID field (up to 4 cards)
  • Non-numeric cards: Automatically filtered out
  • No cards: Cardholder disabled in ACT365 (mobile-only access via Nexudus Passport app)
  • Card assignment: Cardholder enabled for both physical and mobile access

Business Settings Reference

SettingPurpose
Act365.EnableIntegration enabled flag (“true”/“false”)
Act365.UsernameACT365 API username for authentication
Act365.PasswordACT365 API password for authentication
Act365.SiteIdSite ID for cardholder assignment
ACT365.DoNotProcessEventsDisable event processing (“true”/“false”)
ACT365.LastEventDateLast processed event timestamp (ISO 8601)
ACT365.Controller.Id_{doorId}.ActionCheck-in action per door (Nothing/CheckIn/CheckOut/Toggle)

Contract-Based Desk Access

  • Desk access determined by active contracts: coworker.ActiveContracts().SelectMany(x => x.Desks)
  • Team billing support: Customer receives access to desks in paying member’s contracts
  • Multi-site organizations: Access groups managed per site
  • Desk mapping: Each desk mapped to comma-separated cardholder group IDs

Access Update Logic

  1. Passes: Active passes from contracts + shared passes from paying member
  2. Check-ins: Passes from open check-ins (maintains access during session)
  3. Bookings: Resources with bookings starting within 15 minutes
  4. Booking guests: Resources from bookings where customer is a visitor
  5. Desks: Desks from active contracts (own + team billing)
  6. Cardholder groups: Aggregated list of unique group IDs
  7. Cardholder provisioning: Create/update cardholder with aggregated groups
  8. Card status: Enable if cards exist, disable if no cards (mobile-only)

Event Processing

  • Event category: 7 for access granted events
  • Event date format: dd/MM/yyyy HH:mm (e.g., “25/12/2024 14:30”)
  • Event retention: Events processed from lastEventDate, limited to last 24 hours if gap > 1 day
  • Pagination: Results returned in batches of 100
  • Check-in trigger: Only “Open” actions with matching door controller configuration

Error Handling

  • Authentication failures: Stored in business log entries
  • Provisioning errors: Automatic retry with exponential backoff
  • Business Checkup: Integration errors displayed on dashboard
  • Distributed locks: Prevent concurrent updates to same customer