Turn smartphones into access cards using Bluetooth or NFC. Two mobile credential systems are available: HID Mobile Access and PassFlow.
What Are Mobile Credentials?
Digital credentials stored on smartphones that unlock doors via Bluetooth Low Energy (BLE) or NFC. No physical card needed.
Benefits
Requirements
Two Mobile Credential Systems
DoorFlow supports two mobile credential platforms:
HID Mobile Access
What it is
When to use
PassFlow
What it is
When to use
Checking Your Mobile Credential Types
Request:
curl -X GET "https://api.doorflow.com/api/3/credential_types" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN"
Response:
{
"credential_types": [
{
"id": 8,
"name": "HID Mobile Access",
"format": "mobile",
"description": "HID Mobile Access credential"
},
{
"id": 9,
"name": "PassFlow",
"format": "mobile",
"description": "PassFlow mobile credential"
}
]
}
Your account will show whichever system(s) your hardware supports.
Creating Mobile Credentials
When to Use Mobile Credentials
Best for
Not ideal for
Comparison: HID vs PassFlow
| Feature | HID Mobile Access | PassFlow |
| Setup complexity | More complex | Simpler |
| Hardware | HID-compatible readers | PassFlow-compatible readers |
| App ecosystem | HID's mobile app | PassFlow app |
| Enterprise features | Extensive | Standard |
| Integration | HID platform required | DoorFlow native |
| Best for | Large enterprises | Small to mid-size |
Choosing between them
Best Practices
Always Provide Backup Credentials
Phone batteries die. Always issue a backup credential:
# Issue mobile credential (primary)
POST /api/3/people/12345/credentials
{
"credential_type_id": 9,
"value": "passflow-id",
"enabled": true
}
# Issue PIN (backup)
POST /api/3/people/12345/credentials
{
"credential_type_id": 6,
"value": "******",
"enabled": true
}
Test Bluetooth Range
Before deploying mobile credentials:
- Test at each door location
- Verify reliable connection range
- Check for interference from metal doors, concrete walls
- Ensure readers are positioned for easy phone access
User Training
Mobile credentials require user education:
- How to install the mobile app
- How to present phone to reader
- What to do if phone is dead (use backup PIN)
- How to re-enroll if changing phones
Handle Device Changes
When users get new phones
# Disable old phone's credential
PUT /api/3/people/12345/credentials/cred_oldphone
{ "enabled": false }
# Issue new phone's credential
POST /api/3/people/12345/credentials
{
"credential_type_id": 9,
"value": "new-phone-passflow-id",
"enabled": true
}
Consider Accessibility
Not everyone can use smartphones:
- Some users don't have smartphones
- Some have accessibility needs that make phone use difficult
- Always offer alternative credential type (card or PIN)
Managing Mobile Credentials
Disabling Mobile Credentials
Temporarily disable without deleting:
curl -X PUT "https://api.doorflow.com/api/3/people/12345/credentials/cred_pf789" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"person_credential": {
"enabled": false
}
}'
Use cases
Re-enabling Mobile Credentials
curl -X PUT "https://api.doorflow.com/api/3/people/12345/credentials/cred_pf789" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"person_credential": {
"enabled": true
}
}'
Deleting Mobile Credentials
Permanently remove:
curl -X DELETE "https://api.doorflow.com/api/3/people/12345/credentials/cred_pf789" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN"
Troubleshooting Mobile Credentials
Mobile credential not working at door
Check credential is enabled
GET /api/3/people/12345/credentials
Verify "enabled": true
Check person has group membership
GET /api/3/people/12345
Verify group_ids includes appropriate groups
Check Bluetooth is enabled on phone User must have Bluetooth enabled and mobile app running (may vary by platform)
Check reader compatibility Verify door reader supports mobile credentials (BLE/NFC capability)
Re-enroll device Sometimes re-enrolling in the mobile app solves connectivity issues
Common Questions
Do mobile credentials work when phone is offline?
A: Depends on the technology. Some Bluetooth credentials work offline for a limited time (credentials cached on reader). Consult HID/PassFlow documentation for specifics.
Can one person have multiple mobile credentials (multiple phones)?
A: Yes. Create separate mobile credentials for each device. Useful if user has work phone and personal phone.
What happens if phone battery dies?
A: Mobile credential won't work. This is why backup PINs are essential.
Do I need a mobile app to use mobile credentials?
A: Yes. HID Mobile Access requires HID's app. PassFlow requires PassFlow app. Users must install and enroll their device.
Can I see which device a person used in the events log?
A: Yes. Events show which specific credential was used, allowing you to distinguish between different devices.
How quickly do mobile credentials provision?
A: Very fast. Once the person enrolls their device in the mobile app and you issue the credential via API, access is typically granted within seconds.
Quick Reference
List credential types:
GET /api/3/credential_types
Create HID mobile credential:
POST /api/3/people/{person_id}/credentials
Body: {
"credential_type_id": 8,
"value": "hid-mobile-id",
"enabled": true
}
Create PassFlow credential:
POST /api/3/people/{person_id}/credentials
Body: {
"credential_type_id": 9,
"value": "passflow-id",
"enabled": true
}
Disable mobile credential:
PUT /api/3/people/{person_id}/credentials/{credential_id}
Body: { "enabled": false }
Required OAuth scope: account.person (write) or account.person.readonly (read)
Next Steps
Deep dive into HID Mobile Access
Need different credential types?
- [Card Credentials] - Physical access cards
- [PIN Credentials] - Keypad codes for backup