Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • CACS - Coworking Access Control Sync - The core BSW product
  • ID File - Isonas's term for a person/user

Google Integration

  1. What permissions does Coworking Access Control Sync require from Google?
    List of Google OAuth Permissions

  2. Why does Coworking Access Control Sync require all of these permissions from Google?

  3. Calendar - CACS does not talk directly to Liquidspace.  Instead, it watches a Google Calendar (that you have LiquidSpace sync to) for booked reservations.
  4. Manage my email - In order to sidestep spam problems, when
    • View and manage my email
      When CACS emails the person that booked reservation with their badge info, it is desirable to use your facility's email address as the 'from address.'  This increases the likelihood that the user will recognize the email and reduces the chance of spam filters catching it.  In order to do that, CACS must authenticate to Google's SMTP servers.  Google provides a way for CACS to send email on your behalf without giving CACS your Google password.  The problem is, Google does not currently differentiate between giving CACS access to send email on your behalf and the permission to read your email.  See this link @ Google for more information.  Unfortunately, what this means is that for the moment, you just have to trust that we're not reading your email.  That is far from ideal and you shouldn't have to do that.  As soon as Google splits IMAP and SMTP OAuth scopes, we can change this.  In the meantime, we decided

  5. the tradeoff is worthwhile
    • that getting the badge code to your users with: a familiar from address, minimal SPAM potential, and without giving us your Google password was the best approach.

    • Know who you are on Google
      Required to obtain your username in order to send email using the approach noted above (SMTP/XOAUTH) 

    • View your email address
      We use this to populate the 'from address' on the emails mentioned above 

    • View your calendars
      CACS does not talk directly to Liquidspace.  Instead, it watches a Google Calendar (that you have LiquidSpace sync to) for booked reservations.

  6. How do I view what emails have been sent by CACS?

    • Emails sent to users will be visible in the 'sent mail' of the Google account you configure in the tool, just like ordinary emails.

Reservation Process

  1. When do Liquidspace users receive their badge code?

    • 48 hours before their reservations begin, the user receives an automated email (format is customized by you for your facility)
  2. How long does the shift and permission remain in Isonas after their reservation?

    • The first 8am time slot that comes around once 24 hours has passed since the end of their reservation.
    • Examples:
    • 1: User's reservation is from 7am to 7:30am on Tuesday. This will be cleaned up at 8AM on Wednesday.
    • 2: User's reservation is from 4PM to 5pm on Wednesday.  This will be cleaned up at 8AM on Friday.
  3. How does CACS setup a reservation start/end time in Isonas?

    • CACS creates a special group Isonas specifically for that user
    • CACS then creates a special shift and permission solely for that group that matches the reservation time
  4. What are the LSG and LS groups and shifts in my Isonas system?

    • Please see #3 above.  Please do not manually edit/delete these groups or shifts.
  5. How long does the user's ID File, badge, and group remain in Isonas after their reservation?

    • 30 days after their last reservation, the user, their badge, and all of their group memberships will be removed unless they have been added to an ignored group (see #4 below).
    • As long as the user books a reservation once every 30 days, their badge code will be the same (but it will only allow them in the facility during their reservations).
  6. What if a permanent member of my facility that already has a badge books a reservation in Liquidspace?

    • The configuration utility allows you to configure an Isonas group of people to ignore.  Every time a reservation is observed from a user in that group, CACS will ignore it completely.  For this to work, ensure the email addresses on your ID Files match those of your Liquidspace users.
  7. How does CACS associate email addresses with Isonas ID Files?

    • CACS uses the 'user defined fields' section of the ID File.  It currently uses up to 3 fields (based on the length of the email address), starting at 'Security Clearance'.
  8. What if an ID File already exists with an email address that matches the Liquidspace reservation?

    • If the user is not the ignored group, then the ID file will be used for the user's reservation and then managed according to the schedule noted in question 5 above.

System Requirements

  1. Why is a Windows PC required?

    • There is nothing inherent to CACS that needs Windows or .NET.  We chose .NET and Windows mainly because coworking facilities with Isonas Access Control already have a Windows PC there running the Crystal Matrix software.  Rather than add to the list of software platforms someone needs to keep up to date, we went with windows.

...

  1. Do you store my Google credentials?

    • CACS never sees your Google password.  We only see OAUTH tokens that grant us access to specific Google services (email, calendar data) that you participate in.
  2. How is my Isonas password and encryption key stored?

    • We work with the password and encryption key as .NET SecureString objects in memory.

    • When we store the SecureString objects, we encrypt the contents using a P/Invoke DPAPI call and then store the encrypted, base 64 encoded string in a .NET settings file.
  3. Can BSW Technology Consulting access my Isonas system?

    • No.  There is not currently any BSW service outside the firewall that can connect to your system.  Limited logging data for diagnostic purposes is sent to BSW Technology Consulting.

Backup/Local Storage

  1. What does CACS store on my machine and what should I backup?

    • CACS stores all of its data under the AppData\Roaming directory of the user you choose during the installation process.  For most installations, this will be C:\Users\bswcoworksync\AppData\Roaming\BSW Technology Consulting\Coworking Access Control Sync.  You should backup the entire directory.
    • venueinfo.db - This is a SQLite database that contains venue/room calendar settings, Isonas group settings, email templates, and keeps track of both current reservations and inactive reservations from the past 30 days.
    • isonas.config - This file contains your Isonas hostname, port, username, password (encrypted), and encryption key (encrypted).  If you ever need to reinstall CACS on a new machine, you will still need to run the configuration tool again to reset your password and encryption key.
    • google.api.config - This file contains the access token and client ID that ties your Google account to BSW Technology Consulting's Google account.  If you ever need to reinstall CACS on a new machine, you will still need to run the configuration tool again and re-authorize access to your Google account.
    • logs - Directory that contains information on what the sync tool does as reservations are processed.