About cardholder and identity relationships
Depending on the type of systems you want to integrate in Genetec ClearID™, you can choose to manage your cardholders and credentials manually or use ClearID to manage them automatically.
For cardholders that aren’t created by ClearID, ClearID doesn’t initially know which identity the cardholder belongs to. In this situation, ClearID finds different cardholder fields, identifies relationships, and associates them with the correct corresponding identities in the ClearID system.
- Global unique identifier (GUID)
- When our system
creates a
cardholder, we use the same GUID as the identity to create it.Tip: You can find the GUID in the identity record URL for a ClearID user.
Where 139e92cd-44b9-427e-8727-bf7681ef0a8d is the GUID.https://demo.clearid.io/techdoc/organization/identities/139e92cd-44b9-427e-8727-bf7681ef0a8d
- Email address
- If the business email is the same as the cardholder email.
- External ID
- This field is an external identifier for creating identities in ClearID using the identity service API. The ClearID plugin creates this field in Security Center as a custom field for cardholders.
Scenario 1: Automatically manage cardholders and credentials
Select the Genetec ClearID: Cardholder and credential changes are synchronized back to Security Center radio button when you have a Security Center system and you want ClearID to create and manage your cardholders and credentials.
For example, a customer has a new Security Center system that is deployed without any cardholders or credentials already defined. By installing the ClearID plugin and adding access to identities, the corresponding cardholders and credentials are populated in the Security Center system and are automatically synchronized.
Scenario 2: Manually manage cardholders and credentials
Select the Security Center: Cardholders and credentials in ClearID are read-only radio button when you want ClearID to use existing cardholders and credentials without managing their state. In this situation, ClearID has access to Security Center cardholders and credentials in read-only mode because you want ClearID to know about your cardholders and credentials, but you never want ClearID to modify them.
- If the Genetec ClearID: Cardholder and credential changes are synchronized back to Security Center radio button isn’t selected when they add their systems, none of the cardholders or credentials information is modified or synchronized. Cardholders and credentials must be created and synchronized using other solutions. For example, Lightweight Directory Access Protocol (LDAP), Global Cardholder Synchronizer role, import plugins, and so on.
- If the Security Center system is already synchronized with an LDAP, they should synchronize ClearID with the same LDAP source.