HID Origo API
origo.hidglobal.com · Security
HID Global's cloud credential management platform — issue, manage, and revoke mobile access credentials (digital keys) to iOS and Android devices. Integrates with virtually all HID-enabled access control systems. REST API, partner program required.
Authentication
OAuth2
OAuth2 Client Credentials flow. Partner API credentials required — apply at developer.hidglobal.com.
Sample Requests
POST
Issue a mobile credential
Issue a mobile access credential to a user's device.
https://api.hidglobal.com/v1/endpoints
Hover any highlighted part to learn what it does
Headers — extra info sent with the request
| Content-Type | application/json |
| Authorization | Bearer YOUR_TOKEN |
Request Body — data you're sending
{
"endpointId": "mobile-device-uuid",
"credentialId": "cred-123"
}
curl -X POST "https://api.hidglobal.com/v1/endpoints" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{"endpointId":"mobile-device-uuid","credentialId":"cred-123"}'import requests
headers = {
"Content-Type": "application/json",
"Authorization": "Bearer YOUR_TOKEN"
}
data = {
"endpointId": "mobile-device-uuid",
"credentialId": "cred-123"
}
response = requests.post(
"https://api.hidglobal.com/v1/endpoints",
headers=headers,
json=data,
)
print(response.json())const url = 'https://api.hidglobal.com/v1/endpoints';
const response = await fetch(url, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'Authorization': 'Bearer YOUR_TOKEN'
},
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
"endpointId": "mobile-device-uuid",
"credentialId": "cred-123"
}),
});
const data = await response.json();
console.log(data);package main
import (
"fmt"
"io"
"net/http"
"bytes"
"encoding/json"
)
func main() {
targetURL := "https://api.hidglobal.com/v1/endpoints"
jsonData, _ := json.Marshal({"endpointId":"mobile-device-uuid","credentialId":"cred-123"})
req, _ := http.NewRequest("POST", targetURL, bytes.NewBuffer(jsonData))
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", "Bearer YOUR_TOKEN")
req.Header.Set("Content-Type", "application/json")
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
body, _ := io.ReadAll(resp.Body)
fmt.Println(string(body))
}require "net/http"
require "json"
uri = URI("https://api.hidglobal.com/v1/endpoints")
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = uri.scheme == "https"
req = Net::HTTP::Post.new(uri)
req["Content-Type"] = "application/json"
req["Authorization"] = "Bearer YOUR_TOKEN"
req["Content-Type"] = "application/json"
req.body = "{\"endpointId\":\"mobile-device-uuid\",\"credentialId\":\"cred-123\"}"
res = http.request(req)
puts JSON.parse(res.body)<?php
$url = "https://api.hidglobal.com/v1/endpoints";
$opts = ["http" => [
"method" => "POST",
"header" => implode("\r\n", [
"Content-Type: application/json",
"Authorization: Bearer YOUR_TOKEN",
"Content-Type: application/json"
]),
"content" => json_encode({"endpointId":"mobile-device-uuid","credentialId":"cred-123"}),
]];
$ctx = stream_context_create($opts);
$res = file_get_contents($url, false, $ctx);
print_r(json_decode($res, true));Postman Setup Guide
- Apply for partner API access at developer.hidglobal.com
- OAuth2 Client Credentials: POST /oauth2/token to get access_token
- Set Authorization: Bearer YOUR_TOKEN
- Works with HID readers, Seos cards, and mobile credentials
- Full API docs and sandbox available after partner onboarding