[WORKING] Attendance with Biometric Integration through API

Dear Community,

I am Posting as how I done this.There is not much in ERPNext SIde as well

  • First I written a whitelisted method with guest access enabled that can be access by
    http://yourhostname.com/api/method/dotted.path.to.method

  • in that method I am getting params returned from API by the Vendor

  • it has following params:
    userid
    att_type
    att_time

  • Based on the user I am marking attendance in ERPNext with in and out time.

3 Likes

@hereabdulla @revant_one
I am buying essl x990 as its supported device and also it has webhook.
Also it support ClockIt Time https://clockit.io which we can integrate further.

Any other device suggestion are welcome, as my first step is to get right device with api support.

@kolate_sambhaji @revant_one @hereabdulla we desire the best

@kolate_sambhaji

just explain your proposal and I found clockit costly what is benefit ??

1 Like

@hereabdulla my proposal is to use device which has web api feature and some open source app to integrate it, so everyone can use ERPNext attendance and HR module.

clock is client specific, so if there is any open source app, we will try open source first.

Hello Olamide,

Are you in Nigeria? If yes, can we communicate on fone? Am in lagos Nigeria

Also, whats the update of the volunteer sheet we filled as regards review and dev of modules? Has it been cancelled?

Thanks @hereabdulla for bringing the CAMS support here.

I am Rana, part of CAMS. I can help you folks for integrating your biometric machines with ERPNext. We offer various plug and play biometric devices that can be integrated with the ERPNext. The devices needs just LAN with internet support or WIFI/GPRS with internet support.

As per the specification, You need to just expose an POST URL handling parameters to handle the machine id, user id, attendance time and check in/out status. The URL will be associated with the machine. Then, every time a attendance gets registered in the machine, the associated URL will be called instantly. You can find the more details about how to integrate the biometric machine?, at http://camsunit.com/application/biometric-web-api.html

You can also use existing biometric machines to connect with ERPNext directly. Very limited models from eSSL, ZKTeco, BioMax, Identix, and etc, are supported other than CAMS products, So, please write to sales@camsunit.com with your existing biometric machine details and check if they can be supported

@ranadheeran Happy that you are part of the CAMS and part of the community.Can i use CAMS for other purpose than for attendance marking.Assuming i want a customer/student that has been created in the erpnext to be displaced on the computer screen with his account details including his balance and picture when he finger print.Or can scanner or other device achieves this
I just have a project with a school.They want at the entrance to the school or at Library or at the time of entry to the exam hall,they want to verify student payment status.They want student financial status/picture display on the large computer screen (erpnext open on it) on scanning or fingerprinting or swiping on a device that is connected to the School Application(ERPnext).
Thanks
@revant_one Sir your opinion will be highly valued.Thanks

1 Like

It’s possible. You can use frappe.publish_realtime() to show pop-up or page when the endpoint gets called.

refer:

Concerns :

@frappe.whitelist(allow_guest=True) will allow you to bypass Authorization but it’s a little bit insecure as anyone could send data to this method You cannot configure anything about headers?

https://discuss.frappe.io/t/doubt-in-rest-api/44/10?u=revant

what it means is, if your employee or student knows to make a post request with right parameters to the whitlisted endpoint, they can bypass bio-metric device and make a post request directly.

Workaround:
restrict request from specific IP(s)
https://discuss.frappe.io/t/doubt-in-rest-api/44/15?u=revant
Not as secure if someone manages to spoof IP

Hello @Fred1, thanks for the welcome note.

You can achieve what you have described with our machines+WebAPI support. The tricky part is, while a student gives the thumb impression, your server will be called. Once you received the data, you need to display the details on the screen which is client area.

Thanks @revant_one, you have covered this tricky part as stated below:

Also, you (@revant_one) have pointed out the important security issue in the RESTful method calls, as below:

As a solution, We, as CAMS, supports the APIKEY. While availing the API support from CAMS, you need to share us the some random Alpha-Numeric word (max len: 64), which would be sent back along with other parameters (refer: API Documentation) to the API call back. You can change the APIKEY any time, if you feel the key is not secured enough. Now every time your end point is called, you can validate the key and make sure that the call is not from bot or anonymous.

PS: Since you are controlling the client page from the server, you will have a limitation that, if the same client page is opened in the multiple screens, then all the client page will display the same student details. So you need to make sure that, the particular client page has been displayed at only one screen. To avoid this, you need to handle it better with logged in user id, machine id and other possible parameters…

Hope this helps.
Thanks.
Rana

@ranadheeran

kindly list supported model most of the customers they already installed the same so if their model supports we can directly go for implementation and is there any possible to directly work through Local LAN instead of connecting through your server because if internet is down either in your server or in my server,user dont know whether their attendance is marked or not

Thanks @hereabdulla.

All the products listed at http://camsunit.com/product are supported by the Web API. The products are covering RFID support, fingerprint support, and face recognition support. All of our machines are running through internet. So running through local network is not available with us.

Machine will have capacity of maintaining the attendance logs if it cannot communicate with the server. Also if your server is down, our data server will try to connect you for every 30 secs. once your server is up, then every attendance will be posted to your server. At any cost, data loss will not be there.

If you are already using biometric machines that you are looking for integrating with your server, please refer How to integrate 3rd party biometric machines such eSSL/ZKTeco/Identix/BioMax/etc with your website directly. Few non-CAMS brand models are supported. Write to sales@camsunit.com sharing your machine details, and check if they can be supported.

Thanks
Rana

why my data and api calls needs to go through your server? do you guys provide on premise software so the machine can talk directly to my server?

Probably slightly off-topic (as this device doesn’t have any API), but still can be interesting: RaspiReader: build your own fingerprint reader - Raspberry Pi
Cost-effective open source fingerprint reader, based on Raspberry Pi (total cost is claimed as $160).
3D models for housing and Python code for operation: GitHub - engelsjo/RaspiReader: 3D models and code for building your own fingerprint reader

@ganas, current version of machines are working in the mentioned way. There are various products are in R&D. Hopefully, in upcoming years we may get more exciting products…

Hi guys! This is some interesting stuff.

I am looking for something pretty much like that, but without data going through an external server.

Does anybody have recommendations for a face scanning device that could be used with ERPNext that does not rely on an external server?

Thanks!

Hi Ranadheeran,

You have mentioned your device supports facial recognition. With what accuracy does it recognise a person based on face/pictures alone? What I mean is that is your device accurately identifying a person based on this facial recognition alone or does the facial recognition work in tandem with some other feature say fingerprint etc. to correctly identify someone?

The reason I am asking is we are looking to integrate this kind of a device (that uses face recognition alone) to the attendance module on ERPNext

Thanks,
Pragnya

Hello @Pragnya, Your question is well appreciated. All of our machines are built with detecting the fake inputs. Machines will calculate the angles between eyes and ears. This means that machine will be able to differentiate and photo of the face and the real face. So you can use our machines safely. The face machines are listed at Buy Biometric Time Attendance and Access Control System With Web API or Online SDK | Cams Biometrics

Machine guarantees 99.99% accuracy of identifying the same face and rejecting the difference face but looks same.

Thank you Ranadheeran for your response. How do we procure your device and the SDK?