List Credential Profiles
Enterprise only
Only available for enterprise customers. Returns all credential profiles for the authenticated account.
Request
# Sign the payload
PAYLOAD="{}"
SIG=$(printf '%s' "$(echo -n "$PAYLOAD" | base64)" | openssl dgst -sha256 -hmac "$SHARED_SECRET" -hex | awk '{print $NF}')
# Send curl request
curl -X GET \
-H "X-ACCT-ID: $ACCOUNT_ID" \
-H "X-PAYLOAD-SIG: $SIG" \
--data-urlencode "sig_payload=$PAYLOAD" \
https://api.accessgrid.com/v1/console/credential-profiles
require 'accessgrid'
account_id = ENV['ACCOUNT_ID']
secret_key = ENV['SECRET_KEY']
client = AccessGrid::Client.new(account_id, secret_key)
profiles = client.console.credential_profiles.list
profiles.each do |profile|
puts "ID: #{profile.id}, Name: #{profile.name}, AID: #{profile.aid}"
end
import AccessGrid from 'accessgrid';
const accountId = process.env.ACCOUNT_ID;
const secretKey = process.env.SECRET_KEY;
const client = new AccessGrid(accountId, secretKey);
const listProfiles = async () => {
try {
const profiles = await client.console.credentialProfiles.list();
profiles.forEach(profile => {
console.log(`ID: ${profile.id}, Name: ${profile.name}, AID: ${profile.aid}`);
});
} catch (error) {
console.error('Error listing credential profiles:', error);
}
};
listProfiles();
from accessgrid import AccessGrid
import os
account_id = os.getenv('ACCOUNT_ID')
secret_key = os.getenv('SECRET_KEY')
client = AccessGrid(account_id, secret_key)
profiles = client.console.credential_profiles.list()
for profile in profiles:
print(f"ID: {profile.id}, Name: {profile.name}, AID: {profile.aid}")
package main
import (
"context"
"fmt"
"os"
"github.com/Access-Grid/accessgrid-go"
)
func main() {
accountID := os.Getenv("ACCOUNT_ID")
secretKey := os.Getenv("SECRET_KEY")
client, err := accessgrid.NewClient(accountID, secretKey)
if err != nil {
fmt.Printf("Error creating client: %v\n", err)
return
}
ctx := context.Background()
profiles, err := client.Console.CredentialProfiles.List(ctx)
if err != nil {
fmt.Printf("Error listing credential profiles: %v\n", err)
return
}
for _, profile := range profiles {
fmt.Printf("ID: %s, Name: %s, AID: %s\n", profile.ID, profile.Name, profile.AID)
}
}
using AccessGrid;
using System;
using System.Threading.Tasks;
public async Task ListProfilesAsync()
{
var accountId = Environment.GetEnvironmentVariable("ACCOUNT_ID");
var secretKey = Environment.GetEnvironmentVariable("SECRET_KEY");
var client = new AccessGridClient(accountId, secretKey);
var profiles = await client.Console.CredentialProfiles.ListAsync();
foreach (var profile in profiles)
{
Console.WriteLine($"ID: {profile.Id}, Name: {profile.Name}, AID: {profile.Aid}");
}
}
import com.organization.accessgrid.AccessGridClient;
import com.organization.accessgrid.model.CredentialProfile;
import java.util.List;
public class CredentialProfileService {
private final AccessGridClient client;
public CredentialProfileService() {
String accountId = System.getenv("ACCOUNT_ID");
String secretKey = System.getenv("SECRET_KEY");
this.client = new AccessGridClient(accountId, secretKey);
}
public void listProfiles() throws AccessGridException {
List<CredentialProfile> profiles = client.console().credentialProfiles().list();
for (CredentialProfile profile : profiles) {
System.out.printf("ID: %s, Name: %s, AID: %s%n",
profile.getId(),
profile.getName(),
profile.getAid());
}
}
}
<?php
require 'vendor/autoload.php';
use AccessGridClient;
$accountId = $_ENV['ACCOUNT_ID'];
$secretKey = $_ENV['SECRET_KEY'];
$client = new Client($accountId, $secretKey);
$profiles = $client->console->credentialProfiles->list();
foreach ($profiles as $profile) {
echo "ID: {$profile->id}, Name: {$profile->name}, AID: {$profile->aid}\n";
}
Response
[
{
"id": "a1b2c3d4e5f",
"aid": "F56401",
"name": "Main Office Profile",
"apple_id": "desfire_accessgrid_v1",
"created_at": "2025-01-15T12:00:00Z",
"card_storage": "4K EV1",
"keys": [
{ "ex_id": "00", "label": "Master", "keys_diversified": null, "source_key_index": null },
{ "ex_id": "01", "label": "Generic / Read", "keys_diversified": null, "source_key_index": null }
],
"files": [
{ "ex_id": "00", "file_type": "standard", "file_size": null, "communication_settings": "encrypted_with_mac", "read_rights": "read", "write_rights": "master", "read_write_rights": "master", "change_rights": "no-keys" }
]
},
{
"id": "f6e5d4c3b2a",
"aid": "ACCE55",
"name": "Warehouse Profile",
"apple_id": "accessgrid_kdf_desfire_v1",
"created_at": "2025-02-20T09:30:00Z",
"card_storage": "4K EV1",
"keys": [
{ "ex_id": "00", "label": "Master", "keys_diversified": false, "source_key_index": null },
{ "ex_id": "01", "label": "Generic / Read", "keys_diversified": true, "source_key_index": 0 },
{ "ex_id": "02", "label": "Privacy", "keys_diversified": true, "source_key_index": 0 }
],
"files": [
{ "ex_id": "00", "file_type": "standard", "file_size": null, "communication_settings": "encrypted_with_mac", "read_rights": "read", "write_rights": "master", "read_write_rights": "master", "change_rights": "no-keys" }
]
}
]
Create Credential Profile
Enterprise only
Only available for enterprise customers. Creates a new credential profile with DESFire keys for the authenticated account.
name
nullable string
All
Display name for the credential profile
app_name
nullable string
All
Application name enum. Must be "KEY-ID-main", "KEY-ID-alt", or "ag_main". Determines the app_id (KEY-ID variants use F56401, ag_main uses ACCE55). Defaults to "KEY-ID-main" if not provided
keys
array
All
Array of key objects, each containing a 32-character hex string value. KEY-ID-main and KEY-ID-alt require exactly 2 keys (Master, Generic / Read). ag_main requires exactly 3 keys (Master, Generic / Read, Privacy).
value
string
All
32-character hexadecimal key value (e.g. "6621fec0ffee15decafbab1ecd6abb11")
keys_diversified
nullable boolean
All
Whether this key uses key diversification. Defaults to nil if not provided
source_key_index
nullable integer
All
Index of the source key used for diversification (e.g. 0 for Master key). Only relevant when keys_diversified is true
file_id
nullable string
All
File identifier for the DESFire file configuration. Defaults to "00" if not provided
Request
# Build the JSON payload
JSON=$(cat <<EOF
{
"name": "Main Office Profile",
"app_name": "KEY-ID-main",
"keys": [
{"value": "your_32_char_hex_master_key_here"},
{"value": "your_32_char_hex__read_key__here"}
]
}
EOF)
# Sign the payload
SIG=$(printf '%s' "$(echo -n "$JSON" | base64)" | openssl dgst -sha256 -hmac "$SHARED_SECRET" -hex | awk '{print $NF}')
# Send curl request
curl -X POST \
-H "X-ACCT-ID: $ACCOUNT_ID" \
-H "X-PAYLOAD-SIG: $SIG" \
-H "Content-Type: application/json" \
-d "$JSON" \
https://api.accessgrid.com/v1/console/credential-profiles
require 'accessgrid'
account_id = ENV['ACCOUNT_ID']
secret_key = ENV['SECRET_KEY']
client = AccessGrid::Client.new(account_id, secret_key)
profile = client.console.credential_profiles.create(
name: 'Main Office Profile',
app_name: 'KEY-ID-main',
keys: [
{ value: 'your_32_char_hex_master_key_here' },
{ value: 'your_32_char_hex__read_key__here' }
]
)
puts "Profile created: #{profile.id}"
puts "AID: #{profile.aid}"
import AccessGrid from 'accessgrid';
const accountId = process.env.ACCOUNT_ID;
const secretKey = process.env.SECRET_KEY;
const client = new AccessGrid(accountId, secretKey);
const createProfile = async () => {
try {
const profile = await client.console.credentialProfiles.create({
name: 'Main Office Profile',
appName: 'KEY-ID-main',
keys: [
{ value: 'your_32_char_hex_master_key_here' },
{ value: 'your_32_char_hex__read_key__here' }
]
});
console.log(`Profile created: ${profile.id}`);
console.log(`AID: ${profile.aid}`);
} catch (error) {
console.error('Error creating credential profile:', error);
}
};
createProfile();
from accessgrid import AccessGrid
import os
account_id = os.getenv('ACCOUNT_ID')
secret_key = os.getenv('SECRET_KEY')
client = AccessGrid(account_id, secret_key)
profile = client.console.credential_profiles.create(
name='Main Office Profile',
app_name='KEY-ID-main',
keys=[
{'value': 'your_32_char_hex_master_key_here'},
{'value': 'your_32_char_hex__read_key__here'}
]
)
print(f"Profile created: {profile.id}")
print(f"AID: {profile.aid}")
package main
import (
"context"
"fmt"
"os"
"github.com/Access-Grid/accessgrid-go"
)
func main() {
accountID := os.Getenv("ACCOUNT_ID")
secretKey := os.Getenv("SECRET_KEY")
client, err := accessgrid.NewClient(accountID, secretKey)
if err != nil {
fmt.Printf("Error creating client: %v\n", err)
return
}
params := accessgrid.CreateCredentialProfileParams{
Name: "Main Office Profile",
AppName: "KEY-ID-main",
Keys: []accessgrid.KeyParam{
{Value: "your_32_char_hex_master_key_here"},
{Value: "your_32_char_hex__read_key__here"},
},
}
ctx := context.Background()
profile, err := client.Console.CredentialProfiles.Create(ctx, params)
if err != nil {
fmt.Printf("Error creating credential profile: %v\n", err)
return
}
fmt.Printf("Profile created: %s\n", profile.ID)
fmt.Printf("AID: %s\n", profile.AID)
}
using AccessGrid;
using System;
using System.Threading.Tasks;
public async Task CreateProfileAsync()
{
var accountId = Environment.GetEnvironmentVariable("ACCOUNT_ID");
var secretKey = Environment.GetEnvironmentVariable("SECRET_KEY");
var client = new AccessGridClient(accountId, secretKey);
var profile = await client.Console.CredentialProfiles.CreateAsync(new CreateCredentialProfileRequest
{
Name = "Main Office Profile",
AppName = "KEY-ID-main",
Keys = new[]
{
new KeyParam { Value = "your_32_char_hex_master_key_here" },
new KeyParam { Value = "your_32_char_hex__read_key__here" }
}
});
Console.WriteLine($"Profile created: {profile.Id}");
Console.WriteLine($"AID: {profile.Aid}");
}
import com.organization.accessgrid.AccessGridClient;
import com.organization.accessgrid.model.CredentialProfile;
import com.organization.accessgrid.model.CreateCredentialProfileRequest;
import com.organization.accessgrid.model.KeyParam;
import java.util.List;
public class CredentialProfileService {
private final AccessGridClient client;
public CredentialProfileService() {
String accountId = System.getenv("ACCOUNT_ID");
String secretKey = System.getenv("SECRET_KEY");
this.client = new AccessGridClient(accountId, secretKey);
}
public CredentialProfile createProfile() throws AccessGridException {
CreateCredentialProfileRequest request = CreateCredentialProfileRequest.builder()
.name("Main Office Profile")
.appName("KEY-ID-main")
.keys(List.of(
new KeyParam("your_32_char_hex_master_key_here"),
new KeyParam("your_32_char_hex__read_key__here")
))
.build();
CredentialProfile profile = client.console().credentialProfiles().create(request);
System.out.printf("Profile created: %s%n", profile.getId());
System.out.printf("AID: %s%n", profile.getAid());
return profile;
}
}
<?php
require 'vendor/autoload.php';
use AccessGridClient;
$accountId = $_ENV['ACCOUNT_ID'];
$secretKey = $_ENV['SECRET_KEY'];
$client = new Client($accountId, $secretKey);
$profile = $client->console->credentialProfiles->create([
'name' => 'Main Office Profile',
'app_name' => 'KEY-ID-main',
'keys' => [
['value' => 'your_32_char_hex_master_key_here'],
['value' => 'your_32_char_hex__read_key__here']
]
]);
echo "Profile created: {$profile->id}\n";
echo "AID: {$profile->aid}\n";
Response
{
"id": "a1b2c3d4e5f",
"aid": "F56401",
"name": "Main Office Profile",
"apple_id": "desfire_accessgrid_v1",
"created_at": "2025-01-15T12:00:00Z",
"card_storage": "4K EV1",
"keys": [
{ "ex_id": "00", "label": "Master", "keys_diversified": null, "source_key_index": null },
{ "ex_id": "01", "label": "Generic / Read", "keys_diversified": null, "source_key_index": null }
],
"files": [
{ "ex_id": "00", "file_type": "standard", "file_size": null, "communication_settings": "encrypted_with_mac", "read_rights": "read", "write_rights": "master", "read_write_rights": "master", "change_rights": "no-keys" }
]
}