A Series One Time Code (OTC)

A Series One Time Code (OTC) API

This describes the resources that make up the Sargent and Greenleaf A Series One Time Code (OTC) API.

  1. Overview
  2. Technician Login
  3. API Methods

Overview

A Series One Time Code (OTC) API is an application that serves as a middleware between LMS API and the Technician Mobile Application. Its primary role is to validate the technician's time while accessing LMS API methods if it falls to the defined Access Schedules in the database. This also has a web application that can manage Administrators and Technicians and view Audit Trails, System Status, ATMs, and Locks.

Technician Login


How To Get Started


  1. Login Technician

    This request will output the AccessToken that will be used in your request header upon calling API methods.

    POST https://entertainment-experts-acg-sg.azurewebsites.net/technician/login
    Request Information:

    Body Parameters

    LoginTechnicianRequest

    NameDescriptionTypeAdditional information
    Username

    Technician Username

    		 string

    Required
    Password

    Technician Password

    		 string

    Required
    MACAddress

    Device MACAddress

    		 string

    Required
    Request Formats

    Formats

    {
  "Username": "user",
  "Password": "password",
  "MACAddress": "00:26:37:17:3C:71"
}

    <LoginTechnicianRequest xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.datacontract.org/2004/07/SaG.OTC.API.Models.Requests">
  <Password>password</Password>
  <Username>user</Username>
  <MACAddress>MACAddress</MACAddress>
</LoginTechnicianRequest>

    Username=your-user-name&Password=your-password&MACAddress=your-mac-address
    Response Information:

    This will output both AccessToken and TechnicianId.


    LoginTechnicianResponse

    NameDescriptionTypeAdditional information
    Header

    Login technician response message header.

    		 ResponseHeader

    None.
    Body

    Login technician response message body.

    		 LoginTechnicianResponseBody

    None.
    Response Formats

    Formats

    {
  "Header": {
    "Message": "Successful",
    "StatusCode": 200,
    "Status": "Ok",
    "ErrorId": null
  },
  "Body": {
    "AccessToken": "ernaewziibp6rueoncgkrg5zvtsj0rtr",
    "TechnicianId": "9999999"
  }
}

    <AuthCodeResponse xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.datacontract.org/2004/07/SaG.OTC.API.Models.Responses">
  <Body>
    <AccessToken>ernaewziibp6rueoncgkrg5zvtsj0rtr</AccessToken>
    <TechnicianId>9999999</TechnicianId>
  </Body>
  <Header>
    <ErrorId i:nil="true" />
    <Message>Successful</Message>
    <Status>Ok</Status>
    <StatusCode>200</StatusCode>
  </Header>
</LoginTechnicianResponse>

    Code Samples

    $.ajax({               
	type: 'post',
        url: https://entertainment-experts-acg-sg.azurewebsites.net/technician/login,
        data: {
               Username: "ASeriesTech",
               Password: "locks",
               MACAddress: "00:26:37:17:3C:71"
        },				
        dataType: 'json',
    	success: function (data) {
            var AccessToken = data.Body.AccessToken;
            var TechnicianId = data.Body.TechnicianId;
        },
	error: function(status){
    	    alert('Technician login failed.');
	}
});

    $http({
	url: https://entertainment-experts-acg-sg.azurewebsites.net/technician/login,
	method: 'POST',
	data: {
               Username: "ASeriesTech",
               Password: "locks",
               MACAddress: "00:26:37:17:3C:71"
	      },
	})
	.success(function(response){
		 var AccessToken = response.Body.AccessToken;
         var TechnicianId = response.Body.TechnicianId;
       })
	.error(function(){
		 alert('Technician login failed.');
});

  2. Using the AccessToken in the request header.

    The access_token from Step 1 allows you to make requests to the API on behalf of the technician.

    You can pass this token in the Authorization header of each API method calls as shown below.

    {
    Authorization: accessToken
}

API Methods

Access

API user access methods

MethodAPIDescription
POST admin/login/auth_code

Authorization code request endpoint. Returns an authorization code that can be exchanged with an access token.
POST admin/login/access_token

Access token request endpoint. Returns a usable access token that can be used to access the API.
POST admin/logout

Kills the client access token. Making it unusable.
POST technician/login

Login technician.
POST technician/logout

Kills the client access token. Making it unusable.
POST technician/change_password

Change technician password.
POST verify_connection

Verify that the host and port number is accissible online. INPUTS==> host, port RETURN==> boolean

AccessSchedule

MethodAPIDescription
GET GET_ACCESS_SCHEDULE/{id}

No documentation available.
POST EDIT_ACCESS_SCHEDULE

No documentation available.

Administrator

MethodAPIDescription
POST BROWSE_ADMINISTRATOR

No documentation available.
POST ADD_ADMINISTRATOR

No documentation available.
GET GET_ADMINISTRATOR/{id}

No documentation available.
POST EDIT_ADMINISTRATOR

No documentation available.
POST DELETE_ADMINISTRATOR/{id}

No documentation available.

Atm

AtmController

MethodAPIDescription
POST BROWSE_ATM

This function will return a list of all available ATMs in the database.

AuditTrail

MethodAPIDescription
POST BROWSE_AUDIT_TRAIL

Retrieves all of the audit trail records from the database. The list of records returned will be filtered by NumberOfHoursBackwardForShowingAuditTrail and NumberOfAuditTrailRecordsToShow being set in the web config file.
POST BROWSE_AUDIT_TRAIL_WITH_FILTER

Retrieves all of the audit trail records from the database. The list of records returned will be filtered by NumberOfHoursBackwardForShowingAuditTrail and NumberOfAuditTrailRecordsToShow being set in the web config file. Result is filtered by NumberOfHoursBackwardForShowingAuditTrail and NumberOfAuditTrailRecordsToShow from web config settings.

Device

Device Controller

MethodAPIDescription
GET device/get/{id}

Get the Device record of the speicified device id.
POST device/register

Register a new device.
POST device/update

Update Device record.
POST device/delete/{id}

Delete registered device.
POST device/browse

Browse all registered devices.
POST device/is_registered

Check to see if the device has already been registered in the system.

ErrorMessage

ErrorMessage Controller

MethodAPIDescription
GET GetErrorMessage

Get the error message record for the specified error code.

Lock

Lock Controller

MethodAPIDescription
POST BROWSE_LOCK

No documentation available.

OperationCodes

Operation Codes Inquiry methods

MethodAPIDescription
POST OPEN_LOCK_NOW

Generate an operation code that can be used to open a lock, using the current date/time for the start date/time of the operation code. INPUTS==> TECHNICIAN ID, ATM ID, USER ID. RETURN==> OPERATION CODE (open lock)
POST RESET_TAMPER_NOW

Generate an operation code that can be used to reset a tamper condition, using the current date/time for the start date/time of the operation code. INPUTS==> TECHNICIAN ID, ATM ID, USER ID. RETURN==> OPERATION CODE (reset tamper)
POST RESET_USER_KEY_NOW

Generate an operation code that can be used to reset a touch key, using the current date/time for the start date/time of the operation code. INPUTS==> TECHNICIAN ID, ATM ID, USER ID. RETURN==> OPERATION CODE (reset user key)
POST CLOSE_CODE_VIA_LOCK_ID

Close an active operation code. INPUTS==> TECHNICIAN ID, LOCK ID, OPERATION CODE, RESULT (0, F, Z). RETURN==> no returned value
POST CLOSE_CODE_VIA_A_SEAL

Close an active operation code using the A Seal value. INPUTS==> TECHNICIAN ID, USER ID, A SEAL VALUE. RETURN==> (result)
POST RETURN_ACTIVE_OPERATION_CODES

Return all active operation codes for the technician or lock. INPUTS==> LOCK ID (optional), EMPLOYEE_ID RETURN==> (result)

Registration

Registration Controller

MethodAPIDescription
POST registration/add_available_registrations

Update tblSystem's TotalRegistrationsAvailable value.
GET registration/statistics

Retreive Device registration statistics.
POST registration/lock

Lock registration page for Adminstrator account
POST registration/validate_confirmation_code

Validate confirmation code
POST registration/is_account_locked

Check if account is locked
POST registration/unlock

Unlock registration page for Adminstrator account
POST registration/generate_registration_request_number

No documentation available.
POST registration/generate_unlock_request_number

No documentation available.
POST registration/has_available_registrations

Check to see if the system has available mobile registrations.

Result

Result API methods.

MethodAPIDescription
GET GET_RESULT_DESCS

Return a list of all of the result descriptions.

SystemInfo

System information API methods

MethodAPIDescription
GET SystemInfo

Return the system information for the API setup.
POST CheckVersionUpdate

Check version update.

Technician

MethodAPIDescription
POST technician/browse

No documentation available.
POST technician/add

No documentation available.
POST technician/import

No documentation available.
GET technician/get/{id}

No documentation available.
POST technician/edit

No documentation available.
POST technician/delete/{id}

No documentation available.

Utilities

Utilities Controller

MethodAPIDescription
GET GET_TIMEZONES

Get Time Zones.
GET GET_SYSTEM_INFO

Return the system information for the API setup.
© 2025 Sargent and Greenleaf