> ## Documentation Index
> Fetch the complete documentation index at: https://learn.nexudus.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Salto KS

> Connect Nexudus with Salto KS cloud-based access control system to automate door access and manage Eloxx smart lockers based on plans, passes, bookings, and desk assignments

# Salto KS Integration

## Overview

Salto KS (formerly known as Salto Space) is a cloud-based access control platform that provides flexible, wire-free smart locks with mobile and RFID access capabilities. The Nexudus integration with Salto KS automates credential provisioning and access group assignments based on customer contracts, passes, bookings, and desk assignments. It also includes full support for **Salto Eloxx (Gantner) smart lockers**, enabling customers to reserve and unlock lockers directly from the Nexudus Passport app.

### Key Features

* **Cloud-based management**: Manage access from anywhere through Salto's web platform
* **OAuth authentication**: Seamless connection without API keys - just connect and authorize
* **Mobile access**: Customers can use mobile keys through the Salto app integrated with Nexudus Passport
* **Wire-free installation**: Battery-powered smart locks with no wiring required
* **Automatic provisioning**: Access is granted and revoked automatically based on plan changes, bookings, and pass assignments
* **Locker management**: Full support for Salto Eloxx (Gantner) smart lockers with self-service reservations and remote unlock
* **Visitor support**: Time-limited credentials for visitors with automatic expiry
* **Check-in tracking**: Use door unlock events to automatically check customers in/out
* **Multi-site support**: Manage multiple Salto sites from a single Nexudus location
* **RFID card support**: Traditional access cards with tag number assignments
* **Group-based permissions**: Map your inventory (passes, resources, desks) to Salto access groups

### Integration Type

**Cloud-based** — Salto KS operates entirely in the cloud with battery-powered smart locks.

### Capabilities

| Feature                    | Supported  | Notes                                                                             |
| -------------------------- | ---------- | --------------------------------------------------------------------------------- |
| **Pass-based access**      | ✅ Yes      | Primary access mechanism via pass-to-group mapping                                |
| **Plan-based access**      | ✅ Indirect | Plans grant access through the passes they include                                |
| **Resource-based access**  | ✅ Yes      | Temporary access during bookings with 15-min lead time                            |
| **Desk/unit-based access** | ✅ Yes      | Contract-based access with team billing support                                   |
| **Visitor access**         | ✅ Yes      | Time-limited credentials with access group assignment                             |
| **Booking guest access**   | ✅ Yes      | Customers added as booking guests can access spaces during booking windows        |
| **Check-in tracking**      | ✅ Yes      | Lock unlock events trigger automatic check-ins/check-outs                         |
| **Mobile app access**      | ✅ Yes      | Salto mobile keys via Nexudus Passport app integration                            |
| **Remote door unlock**     | ✅ Yes      | Unlock supported via remote access and mobile keys                                |
| **RFID card support**      | ✅ Yes      | Traditional access cards with tag number management                               |
| **PIN code sync**          | ❌ No       | PIN codes are generated by Salto and cannot be set from Nexudus                   |
| **Locker management**      | ✅ Yes      | Full support for Salto Eloxx/Gantner smart lockers with self-service reservations |

## How It Works

### Access Control Model

Salto KS uses a **site users and groups** model:

1. **Sites**: Each physical location is a separate site in Salto (you can have multiple sites)
2. **Site Users**: Each customer is created as a site user with their email, name, and optional RFID tag
3. **Access Groups**: Permissions are organized into groups (e.g., "24/7 Access", "Meeting Room A")
4. **Locks**: Individual smart locks at doors controlled through the cloud platform
5. **Credentials**: Users receive mobile keys, RFID tags, or both to access doors

When a customer should have access (based on their plan, passes, or bookings), Nexudus:

* Creates or updates their Salto site user profile
* Assigns them to the appropriate access groups
* Provisions credentials (mobile key or RFID tag)
* Updates or revokes access when contracts change

### Multi-Door Support

Salto KS uses **access groups** to grant permissions to multiple locks. Instead of mapping each lock individually:

1. In Salto, create an access group (e.g., "Coworking Space Access")
2. Add the relevant locks to that group in Salto
3. In Nexudus, map your pass/resource/desk to that access group
4. Customers with that pass automatically get access to all locks in the group

<Note>
  You must configure which locks belong to each access group in the Salto platform. Nexudus assigns customers to groups, but the lock-to-group mapping is managed in Salto.
</Note>

### Mobile Access Integration

Customers can use the Salto app to unlock doors using their smartphone. The integration works seamlessly with the Nexudus Passport app:

* When a customer signs in to Nexudus Passport, they can connect their Salto account
* Mobile keys are automatically provisioned based on their Nexudus access
* Customers can unlock doors directly from the Salto app on their device
* Mobile access follows the same rules as physical cards (based on passes, bookings, and contracts)

## Prerequisites

Before connecting Nexudus to Salto KS, ensure you have:

1. **Active Salto KS account** with administrator access
2. **Salto site configured** with smart locks installed and online
3. **Access groups created** in Salto for different access levels (e.g., 24/7 access, business hours only)
4. **Nexudus location configured** with plans, passes, and resources

<Note>
  **No API keys required!** Unlike other integrations, Salto KS uses OAuth for authentication. You simply click "Connect" and sign in to your Salto account. The integration is activated automatically as part of the authorization flow.
</Note>

## Configuration

### Step 1: Connect to Salto

1. In the Nexudus dashboard, go to **Settings > Integrations**
2. Find **Salto** in the list and expand the settings
3. Toggle **Enable Salto integration** to ON
4. Click **Connect** button
5. You'll be redirected to Salto's login page
6. Sign in with your Salto administrator credentials
7. Grant Nexudus permission to access your Salto account
8. You'll be redirected back to Nexudus

Once connected, Nexudus can read your Salto sites, locks, and access groups. The connection is maintained through OAuth tokens and will automatically refresh.

<Note>
  The connection process uses secure OAuth 2.0 authentication. Your Salto credentials are never stored in Nexudus - only secure access tokens that can be revoked at any time from your Salto account.
</Note>

### Step 2: Select Your Site

If you have multiple Salto sites:

1. From the **Site** dropdown, select the site that corresponds to this Nexudus location
2. Click **Save** to apply the selection
3. The page will reload showing the locks and access groups for the selected site

<Warning>
  After changing the selected site, you **must save and reload the page** before continuing with the rest of the configuration. The locks and groups displayed are specific to the selected site.
</Warning>

<Note>
  If you have multiple locations in Nexudus and multiple sites in Salto, you can map each Nexudus location to a different Salto site. Configure the integration separately for each location.
</Note>

### Step 3: Configure Presence Tracking (Optional)

Salto can trigger automatic check-ins when customers unlock specific locks.

1. In the **Presence Tracking** section, you'll see all locks from your Salto site
2. For each lock, choose an action:
   * **Nothing**: Lock access is tracked in Salto but doesn't affect Nexudus presence
   * **Check In**: Unlocking this lock checks the customer in
   * **Check Out**: Unlocking this lock checks the customer out
   * **Toggle**: Unlocking switches between checked in and checked out

**Common scenarios:**

* Set the main entrance lock to **Check In**
* Set the exit lock to **Check Out**
* Set internal locks to **Nothing** (access granted but doesn't affect presence)

**How it works:**

* When a customer unlocks a door using their RFID tag, mobile key, or remote unlock, Salto sends an event to Nexudus
* Based on your configuration, Nexudus automatically checks them in, out, or toggles their presence
* The customer is identified by their RFID tag number or email address
* Events are processed in near real-time (typically within seconds)

<Note>
  Check-in tracking works with access via RFID tags, mobile keys, and remote unlock methods. The system matches customers by their tag number or email address registered in both systems.
</Note>

### Step 4: Map Passes to Access Groups

Passes are the primary way customers receive access in Nexudus. Each pass can be mapped to a Salto access group.

1. In the **Passes** section, you'll see all passes configured for this location
2. For each pass, select the Salto **Access Group** that customers should be assigned to when they hold that pass
3. Leave blank if a pass should not grant physical access

**How it works:**

* When a customer has an active contract on a plan that includes passes, they automatically receive those passes
* If the pass is mapped to a Salto group, the customer is added to that group in Salto
* When the pass expires or is consumed, access is revoked
* Time-limited passes (e.g., day passes with validity windows) automatically grant and revoke access at the appropriate times

**Example mapping:**

| Pass Name           | Salto Access Group | Purpose                            |
| ------------------- | ------------------ | ---------------------------------- |
| 24/7 Access Pass    | 24/7 Members       | Round-the-clock building access    |
| Business Hours Pass | Business Hours     | Access only during operating hours |
| Meeting Room Pass   | Meeting Rooms      | Access to meeting room zones       |

<Warning>
  Plans are **not** directly mapped to access groups. Instead:

  1. Plans include passes via the plan configuration
  2. Passes are what get mapped to access groups
  3. When a customer starts a contract on a plan, they receive the passes included in that plan
  4. Those passes then grant the associated Salto access
</Warning>

### Step 5: Map Resources to Access Groups

Resources (meeting rooms, event spaces, etc.) can require specific access permissions for bookings.

1. In the **Resources** section, you'll see all resources configured for this location
2. For each resource, select the Salto **Access Group** required to access that space
3. Leave blank if resource bookings should not grant physical access

**How it works:**

* When a customer books a resource, Nexudus grants them access 15 minutes before the booking starts
* Access is automatically revoked when the booking ends
* If the booking is cancelled, access is removed immediately
* Booking guests also receive the same access for the booking duration

**Example mapping:**

| Resource Name     | Salto Access Group | Purpose                            |
| ----------------- | ------------------ | ---------------------------------- |
| Conference Room A | Meeting Room A     | Access to specific meeting room    |
| Event Space       | Event Hall         | Access to event space for bookings |
| Private Office    | Private Offices    | Access to private office area      |

<Note>
  Resource-based access is temporary and booking-specific. A customer only receives access during their booking window (plus the 15-minute lead time), even if they don't hold a general access pass.
</Note>

### Step 6: Map Desks/Units to Access Groups

Floor plan desks and units can grant access to specific areas when included in a customer's contract.

1. In the **Desks/Units** section, you'll see all desks from your floor plans
2. For each desk, select the Salto **Access Group** required to access that area
3. Leave blank if desk assignments should not grant physical access

**How it works:**

* When a desk is added to a customer's contract, they receive access to the mapped access group
* Access is granted when the contract starts and revoked when it ends
* **Team billing support**: If a customer uses team billing (merged billing), they also receive access to desks included in the paying member's contracts

**Example mapping:**

| Desk/Unit Name        | Salto Access Group     | Purpose                                   |
| --------------------- | ---------------------- | ----------------------------------------- |
| Private Office #101   | Private Office Floor 1 | Access to first-floor private office area |
| Dedicated Desk Zone A | Desk Area A            | Access to dedicated desk zone A           |
| Studio #5             | Studio Access          | Access to individual studio unit          |

<Warning>
  Desk access is based on **contract assignments**, not direct desk bookings. Customers must have the desk included in an active contract to receive access. Ad-hoc desk bookings (if using desk booking) do not automatically grant Salto access.
</Warning>

### Step 7: Configure Visitor Access (Optional)

Salto supports time-limited credentials for visitors.

1. Toggle **Create visitor PIN codes** to ON
2. In the **Visitor Group** dropdown, select the Salto access group that visitors should receive
3. Visitors can be assigned to only one group (unlike customer access which can span multiple groups)

**How visitor access works:**

* When a visitor is registered in Nexudus with an expected arrival time, Nexudus creates a temporary site user in Salto
* The visitor is assigned to the selected visitor access group
* **PIN code generation**: Salto automatically generates a unique PIN code for the visitor, which Nexudus retrieves and includes in the check-in notification sent to the visitor
* Access automatically expires:
  * **Guest on a booking**: Access is revoked when the booking ends
  * **Regular visitor**: Access expires at midnight (location's time zone) on the arrival date
* When the visitor is marked as departed or deleted, their Salto credentials are removed immediately
* Visitors can use the Salto-generated PIN code, mobile keys, or RFID tags depending on how you provision their credentials

<Note>
  Visitors can also be added as **guests on bookings**. When a customer adds a guest to a meeting room booking, the guest receives access to the resource's mapped access group, limited to the booking time window.
</Note>

### Step 8: Save Configuration

1. Review all mappings to ensure they're correct
2. Verify access group names match your Salto system
3. Click **Save** to apply the configuration
4. Nexudus will immediately start provisioning access for customers based on the new mappings

## How Access is Managed

### When Access is Granted

Nexudus automatically grants Salto access when:

1. **Contract starts**: Customer begins a contract on a plan → receives passes included in that plan → assigned to corresponding Salto access groups
2. **Pass activated**: Customer receives a pass directly (not via a contract) → assigned to the mapped Salto access group
3. **Booking created**: Customer books a resource → granted access to resource's group 15 minutes before booking start time
4. **Desk added to contract**: Desk is added to an active contract → customer receives access to the desk's mapped access group
5. **Booking guest added**: Non-customer is added as a guest on a booking → granted access to resource's group for the booking duration
6. **Visitor registered**: Visitor is added with expected arrival date → receives access to visitor group

### When Access is Revoked

Nexudus automatically revokes Salto access when:

1. **Contract ends or cancelled**: Customer loses passes from that contract → removed from corresponding Salto access groups
2. **Pass expires**: Pass validity ends or usage is consumed → removed from mapped Salto access group
3. **Booking ends or cancelled**: Booking time expires or is cancelled → access to resource's group is removed
4. **Desk removed from contract**: Desk is removed from contract → access to desk's group is revoked
5. **Customer deactivated**: Customer account is deactivated → all Salto access removed
6. **Visitor departed**: Visitor is marked as departed or deleted → Salto credentials removed

### Access Update Timing

* **Immediate updates**: Contract changes, pass assignments, and customer deactivations trigger access updates within seconds
* **Booking lead time**: Booking access is granted 15 minutes before the booking start time and revoked 15 minutes after the booking ends
* **Background processing**: Access updates are queued in background jobs to handle high volumes efficiently
* **OAuth token refresh**: Access tokens are automatically refreshed to maintain continuous connectivity

<Note>
  If a customer should have access but doesn't, check the connection status and verify the site selection. The Business Checkup page will show any integration errors.
</Note>

## RFID Card Management

Salto supports traditional RFID access cards in addition to mobile keys. To assign cards to customers:

1. Go to **Operations > Customers**
2. Select the customer
3. In their profile, enter the card tag number in the **Access Card ID** field
4. Separate multiple cards with commas: `123456,789012,345678`
5. Save the customer profile

**Card behavior:**

* **No card or mobile key**: Site user exists in Salto but cannot unlock doors (no credentials)
* **Card assigned**: Customer can use physical RFID card to unlock doors
* **Mobile key**: Customer can use the Salto app on their smartphone to unlock doors
* **Both assigned**: Customer can use either physical card or mobile app
* **Card removed**: Physical card access is revoked (site user and mobile access remain)

**Card numbering:**

* Card IDs are stored in Salto's `tag_number` field on the site user record
* Card IDs should match the format expected by your Salto system
* The same card number can be used across different sites if needed

<Note>
  Customers can have both RFID cards and mobile keys simultaneously. This provides flexibility for customers who prefer physical cards but want the convenience of mobile access.
</Note>

### PIN Code Limitations

<Warning>
  **PIN codes are managed by Salto only.** Unlike some other access control systems, Salto does not allow PIN codes to be set externally. If you have a PIN code configured in a customer's Nexudus profile, it will **not** be synced to Salto. Salto generates its own PIN codes automatically when needed, which cannot be customized or overridden through the API.

  For visitors, however, Salto generates a PIN code automatically when the visitor is created, and Nexudus retrieves this PIN and includes it in the check-in notification sent to the visitor.
</Warning>

## Locker Management (Salto Eloxx/Gantner)

Salto KS includes support for **Salto Eloxx** (also known as Gantner) smart lockers. These battery-powered electronic lockers integrate seamlessly with the Salto access control system, allowing customers to reserve, unlock, and release lockers directly from the Nexudus Passport app.

### Overview

The Salto Eloxx locker integration provides:

* **Automatic locker sync**: Lockers and locker groups are automatically imported from Salto into Nexudus
* **Self-service reservations**: Customers can browse available lockers and reserve them through the Nexudus Passport app
* **Remote unlock**: Customers can unlock their reserved locker remotely from the app
* **Audit trail**: All locker actions (reserve, unlock, release) are logged with timestamps and customer details
* **Push notifications**: Customers receive notifications when they successfully unlock a locker
* **Real-time availability**: View which lockers are available, occupied, or offline

### How Locker Management Works

#### Locker Sync Process

When you connect to Salto, Nexudus automatically:

1. **Retrieves locker groups** from your Salto site
2. **Creates resources** in Nexudus for each locker group (one resource per group)
3. **Creates floor plan desks** for each individual locker within the groups
4. **Syncs locker status** (available, occupied, online/offline)

**Locker hierarchy:**

```
Salto Locker Group → Nexudus Resource → Floor Plan → Individual Lockers (as Floor Plan Desks)
```

Each locker group in Salto becomes:

* A **Resource** in Nexudus with a special locker designation
* A **Floor Plan** containing all lockers in that group
* Individual **Floor Plan Desks** representing each physical locker

<Note>
  Lockers are automatically synced when you first connect the Salto integration. To refresh locker data after adding new lockers in Salto, use the **Sync Salto Eloxx Locker data** button in Settings > Integrations > Salto.
</Note>

#### Locker Reservation Flow

1. **Customer browses available lockers** in the Nexudus Passport app
   * Only lockers the customer has permission to book are displayed
   * Availability is shown in real-time
2. **Customer reserves a locker** by selecting it from the list
   * The locker is assigned to the customer
   * Reservation timestamp is recorded
3. **Customer unlocks the locker** using the "Unlock" button in the app
   * Salto Eloxx lock receives the unlock command
   * Customer receives a push notification confirming the unlock
4. **Customer releases the locker** when finished
   * Locker is unassigned and becomes available for others
   * Release action is audited

### Configuration

#### Step 1: Enable Locker Integration

The locker integration is automatically enabled when you:

1. Connect to Salto KS using OAuth
2. Select a site that has Salto Eloxx lockers installed

No additional configuration is needed - lockers are detected and synced automatically.

#### Step 2: Sync Locker Data

After connecting Salto:

1. Go to **Settings > Integrations**
2. Find the **Salto** integration
3. Click **Sync Salto Eloxx Locker data** button
4. Wait for the sync to complete

This will:

* Create a special resource type called "Salto Eloxx Lockers"
* Import all locker groups as resources
* Create floor plans for each locker group
* Import individual lockers as floor plan desks

<Note>
  The sync is also triggered automatically when you first connect the integration. You only need to manually sync if you add new lockers in Salto after the initial connection.
</Note>

#### Step 3: Configure Locker Permissions

Lockers are linked to **Resources** in Nexudus, which means you can control who can book them using standard resource permissions:

1. Go to **Settings > Resources**
2. Find the resources created for your locker groups (they'll have the locker group name from Salto)
3. Edit each resource to configure:
   * **Visibility**: Control whether the resource appears in the Passport app
   * **Booking permissions**: Set which customer types or plans can book these lockers
   * **Pricing**: Optionally charge for locker usage (per hour, per day, etc.)
   * **Advance booking**: Set how far in advance lockers can be reserved

**Common permission configurations:**

* **All active customers**: Set "Can be booked by" to all customer types
* **Specific plans only**: Restrict booking to customers with certain passes or plans
* **Free vs. paid**: Some locker groups can be free for members, others charged for guests

### Troubleshooting Lockers

<AccordionGroup>
  <Accordion title="Lockers not appearing in Nexudus after connection">
    **Possible causes:**

    1. **Lockers not synced**: The initial sync didn't run or failed
       * **Solution**: Go to Settings > Integrations > Salto and click "Sync Salto Eloxx Locker data"

    2. **No Eloxx lockers in Salto**: Your Salto site doesn't have Eloxx lockers configured
       * **Solution**: Verify in Salto that you have Eloxx locker groups and lockers set up

    3. **Wrong site selected**: The Nexudus location is connected to a different Salto site
       * **Solution**: Verify the selected site has the Eloxx lockers you're expecting
  </Accordion>

  <Accordion title="Customer can't see any available lockers">
    **Possible causes:**

    1. **Resource not visible**: The locker resource is set to hidden
       * **Solution**: Go to Settings > Resources and ensure the locker resource has "Visible" enabled

    2. **No booking permission**: Customer doesn't have permission to book the locker resource
       * **Solution**: Edit the resource and configure "Can be booked by" to include the customer's type or plan

    3. **All lockers occupied**: There are no available lockers in the group
       * **Solution**: Check the floor plan to see if all lockers are assigned, or release some lockers

    4. **Lockers offline**: All lockers in the group have lost connectivity
       * **Solution**: Check Salto to verify locker status and connectivity
  </Accordion>

  <Accordion title="Unlock command not working">
    **Possible causes:**

    1. **Locker offline**: The specific locker has lost connection to Salto
       * **Solution**: Check the locker's battery and connectivity in Salto system

    2. **Not the locker owner**: Someone else reserved the locker
       * **Solution**: Customer can only unlock lockers they have reserved

    3. **OAuth token expired**: The Salto connection needs to be refreshed
       * **Solution**: Reconnect the Salto integration from Settings > Integrations

    4. **Network connectivity**: Temporary network issue between Nexudus and Salto
       * **Solution**: Retry the unlock after a few moments
  </Accordion>

  <Accordion title="Locker stuck as occupied after customer finished">
    **Possible causes:**

    1. **Customer didn't release**: Customer closed the app without releasing the locker
       * **Solution**: Admin can manually release the locker by editing the floor plan desk and removing the customer assignment

    2. **Release failed**: The release action didn't complete successfully
       * **Solution**: Check the audit log for errors, then manually release as admin
  </Accordion>

  <Accordion title="New lockers added in Salto not appearing in Nexudus">
    **Possible causes:**

    1. **Sync not run**: Nexudus doesn't automatically detect new lockers
       * **Solution**: Go to Settings > Integrations > Salto and click "Sync Salto Eloxx Locker data" to import the new lockers
  </Accordion>
</AccordionGroup>

## Mobile Access Setup

### For Administrators

To enable mobile access for your customers:

1. Ensure Salto integration is connected and configured
2. Verify that access groups are properly mapped to passes, resources, and desks
3. Customers will be automatically provisioned as site users in Salto when they receive access

### For Customers

Customers can set up mobile access through the Nexudus Passport app:

1. Download the Nexudus Passport app (iOS or Android)
2. Sign in with their Nexudus credentials
3. Navigate to the access control section
4. Connect to Salto by authorizing their account
5. Their mobile key is automatically provisioned based on their Nexudus access
6. Use the Salto app to unlock doors

**Mobile key features:**

* Real-time access updates based on passes, bookings, and contracts
* Access is automatically revoked when contracts end or passes expire
* Multiple devices can be registered per customer

## Troubleshooting

<AccordionGroup>
  <Accordion title="Customer has an active contract but can't access doors">
    **Possible causes:**

    1. **Pass not mapped**: The passes included in the customer's plan are not mapped to any Salto access groups
       * **Solution**: Go to Settings > Integrations > Salto and select an access group for the relevant passes

    2. **Wrong site selected**: The Nexudus location is mapped to a different Salto site than where the customer's locks are located
       * **Solution**: Verify the selected site matches your physical location and locks

    3. **Access group no longer exists**: The selected access group was deleted from Salto
       * **Solution**: Select a different access group or recreate the group in Salto, then refresh the integration

    4. **Pass expired or inactive**: The customer's pass has expired or hasn't started yet
       * **Solution**: Check the customer's passes under their profile to verify validity windows

    5. **Site user not created**: The customer wasn't created in Salto
       * **Solution**: Check the Business Checkup page for integration errors, or manually trigger an update by editing and saving the customer's profile

    6. **Access group permissions**: The Salto access group exists but isn't assigned to any locks
       * **Solution**: In Salto, verify the access group includes the correct locks

    7. **No credentials**: Customer exists in Salto but has no RFID card or mobile key
       * **Solution**: Assign an RFID card in the customer's Access Card ID field, or have the customer set up mobile access

    8. **OAuth token expired**: The connection between Nexudus and Salto needs to be refreshed
       * **Solution**: Check the integration status. If disconnected, click "Connect" again to re-authorize
  </Accordion>

  <Accordion title="Integration shows as disconnected">
    **Possible causes:**

    1. **OAuth token expired**: Access tokens expire after a period of inactivity
       * **Solution**: Click the "Connect" button again and re-authorize your Salto account

    2. **Salto account changes**: Your Salto account password was changed or permissions were revoked
       * **Solution**: Reconnect the integration by clicking "Connect" and signing in again

    3. **Salto platform maintenance**: Temporary service disruption
       * **Solution**: Wait a few minutes and check the Salto status page, then reconnect if needed
  </Accordion>

  <Accordion title="Check-ins not working when customers unlock doors">
    **Possible causes:**

    1. **Lock not configured**: The lock action is set to "Nothing"
       * **Solution**: Go to Settings > Integrations > Salto > Presence Tracking and set the appropriate action (Check In, Check Out, or Toggle)

    2. **Customer identification failed**: Customer's RFID tag or email doesn't match between systems
       * **Solution**: Verify the customer's Access Card ID in Nexudus matches the tag\_number in Salto, or ensure their email addresses match

    3. **Events not being received**: Webhooks from Salto aren't reaching Nexudus
       * **Solution**: Check with Nexudus support to verify webhook configuration is correct

    4. **Customer already checked in**: The check-in action failed because the customer is already checked in
       * **Solution**: This is normal behavior - check-ins only succeed when the customer's state changes
  </Accordion>

  <Accordion title="Booking guests can't access the space">
    **Possible causes:**

    1. **Resource not mapped**: The resource isn't mapped to any Salto access group
       * **Solution**: Go to Settings > Integrations > Salto > Resources and select an access group for the resource

    2. **Guest not created in system**: Booking guest wasn't properly registered as a contact
       * **Solution**: Ensure the guest has a valid email address and contact record in Nexudus

    3. **Timing issue**: Guest is trying to access before the 15-minute lead time
       * **Solution**: Access is granted 15 minutes before the booking starts - ask the guest to wait

    4. **Guest has no credentials**: Guest doesn't have an RFID card or mobile access
       * **Solution**: Assign an access card or have the guest set up mobile access through their contact profile
  </Accordion>

  <Accordion title="Mobile access not working for customers">
    **Possible causes:**

    1. **Customer hasn't authorized Salto**: The customer needs to connect their Salto account through Nexudus Passport
       * **Solution**: Direct the customer to the Nexudus Passport app to authorize the Salto integration

    2. **Mobile key not provisioned**: The customer's mobile device isn't registered in Salto
       * **Solution**: Have the customer open the Salto app and complete the device registration process

    3. **Access not synced**: The customer's mobile app hasn't synced recent access changes
       * **Solution**: Ask the customer to open the Salto app and pull to refresh their access permissions

    4. **Offline mode**: Customer is trying to unlock without prior sync
       * **Solution**: Mobile keys work offline after initial sync, but the customer needs internet connection for the first sync
  </Accordion>

  <Accordion title="Changes to pass mappings not taking effect">
    **Possible causes:**

    1. **Settings not saved**: Changes were made but not saved
       * **Solution**: Click the "Save" button at the bottom of the integration settings

    2. **Background job delay**: Access updates are processed asynchronously
       * **Solution**: Wait a few minutes for the background job to process the changes

    3. **Site not selected**: You changed mappings before selecting a site
       * **Solution**: Ensure a site is selected from the dropdown, then review and save the mappings again
  </Accordion>

  <Accordion title="Visitor access not working">
    **Possible causes:**

    1. **Visitor PIN codes not enabled**: The feature is toggled off
       * **Solution**: Go to Settings > Integrations > Salto and toggle "Create visitor PIN codes" to ON

    2. **No visitor group selected**: A visitor access group hasn't been chosen
       * **Solution**: Select a Salto access group from the "Visitor Group" dropdown

    3. **Visitor hasn't arrived yet**: Access hasn't started
       * **Solution**: Visitor access begins at the expected arrival time - wait until then

    4. **Visitor access expired**: Access was time-limited and has ended
       * **Solution**: Regular visitors lose access at midnight on their arrival date. Re-register for a new visit or mark as departed and re-add

    5. **No credentials provisioned**: Visitor doesn't have a way to unlock doors
       * **Solution**: Provision an RFID card or mobile key for the visitor through their contact profile
  </Accordion>
</AccordionGroup>

## Best Practices

### Access Group Organization

* Create separate access groups for different zones (e.g., "Lobby", "Coworking Floor 1", "Private Offices")
* Use descriptive names that make it clear what area each group grants access to
* Document which locks belong to each group in Salto
* Review and update access group mappings when you add new locks

### Pass Mapping Strategy

* Map general membership passes to broad access groups (e.g., "24/7 Access")
* Map specialized passes to restricted areas (e.g., "Meeting Room Pass" → "Conference Rooms")
* Use time-based passes for temporary access needs (e.g., "Day Pass" with validity window)
* Avoid mapping too many passes to the same group unless they represent the same level of access

### Resource and Desk Mapping

* Map resources to the most specific access group needed (don't over-grant access)
* Consider that booking guests will receive the same access as the resource grants
* Map desks to access groups that cover common areas plus the specific desk location
* For team billing, ensure desk access groups cover areas that team members need

### Mobile Access Rollout

* Educate customers on how to set up mobile access through Nexudus Passport
* Provide clear instructions in your welcome emails and onboarding materials
* Offer RFID cards as a backup option for customers who prefer physical credentials
* Monitor adoption rates and provide support for customers who have trouble connecting

### Monitoring and Maintenance

* Regularly check the Business Checkup page for integration errors
* Review access logs in Salto to ensure access is being granted and revoked properly
* Test the integration periodically with a test customer account
* Keep your Salto access groups organized and documented
* Verify the OAuth connection is active - reconnect if the integration shows as disconnected

### Security Considerations

* Review who has administrator access to both Nexudus and Salto
* Audit access group assignments periodically to ensure customers have appropriate access
* Remove access immediately when customers leave or contracts are terminated
* Use mobile access for enhanced security (can be revoked instantly, no lost cards)
* Monitor check-in tracking for unusual patterns that might indicate security issues

<Note>
  Regular audits of access permissions help maintain security and ensure customers only have the access they need based on their current contracts and passes.
</Note>

## Additional Resources

* [Salto KS Documentation](https://saltosystems.com) - Official Salto platform documentation
* [Nexudus Passport App](/apps/passport) - Mobile app for customer access
* [Access Control Overview](/platform/access-control) - General access control concepts in Nexudus
* [Pass Management](/platform/billing/passes) - How to configure passes in Nexudus
* [Resource Bookings](/platform/spaces/resources) - Managing bookable resources
