You configure the Passport service, adding HID Global Origo setting and C•CURE setting details in the Hub Services console. After the Passport service is configured, you enable Passport in Hub Services.

Configure Passport Service with HID Origo Management Portal Integration Settings

You can configure Passport as a production or non-production instance. Select Non-production when you are setting up a Passport service in a preview environment or for other non-production purposes. Select Production to deploy the Passport service in the Workspace ONE Intelligent Hub app to all users.


Make sure that you have the required HID Origo SaaS Tenant configuration settings.

  • Client ID and Client Secret. OAuth credentials generated in the Origo portal. These settings are used to authorize the connection from the Hub Passport service.
  • Application ID. The unique Origo tenant ID.
  • Part Number. The active part number with the subscription type reference. The part number is used to confirm that there are available mobile user licenses.


  1. Navigate to the Hub Services console Home page.
  2. Click Passport and select Yes for Configure Passport?
  3. Enter the HID Origo Client ID, Client Secret, App ID, and Part Numbers.
  4. Test the connection.

Configure C•CURE Settings


Make sure that you have the required C•CURE system configuration settings.

  • Server URL of the C•CURE system
  • C•CURE Operator profile administrator user name and password to authenticate API access
  • Client name to identify the Passport service integrating with C•CURE
  • Mapped custom values in the C•CURE system to Passport service to set up access to doors and enable or disable both physical and digital badges.
    • Employee email address database field name. This is the custom field used to look up users by email address. For example, Text4.
    • Smart ID. Smart ID is used by the BLE (Bluetooth low energy) reader,
    • CHUID. Enter the cardholder unique identifier card format for CHUID. This is the system-generated cardholder unique ID sent to the panel.
    • Facility Code. Used to specify the facility code for user badges. The Standard Credential field is optional for Facility Code.
    • Card Authentication Key (CAK) Issuer.
    • Product Authorization Key (PAK) Issuer.


  1. Click C•CURE Configuration on the Passport page and enter the C•CURE system configuration details.
  2. In the form, enter the following.
    Option Description
    Client Name Default is Passport. You do not need to change this unless there is a different internal naming convention preferred.
    Server URL If using a reverse proxy, enter the public URL. For example, If no reverse proxy, enter the URL of the C•CURE system.
    Username Enter the operator profile administrator user name that can authenticate to the C•CURE service. This name follows the Windows domain/username format.
    Password Enter the password associated with the operator profile administrator user name.
    Employee Email Address Database Field Name Enter the custom field in C•CURE used to look up users by email address. For example, Text4.
    Smart ID Enter the desired identifier for the Smart ID used for the Bluetooth handshake, for instance AA.
    CHUID Enter the desired format for CHUID. For instance, 0.
    Facility Code Enter the desired identifier for Facility Code. For instance, 5878.
    CAK issuer Enter the desired value for CAK Issuer. If none is known, provide a default value of null.
    PAK issuer Enter the desired value for PAK Issuer. If none is known provide a default value of null.
  3. Enable Hub Passport.
  4. Click Save.

    One version of the Passport services can be configured in Hub Services and you can enable Passport at the global level. You can also enable the Passport service in templates. You can disable Passport as a global feature and assign Passport to specific templates. Assigning Passport to templates, lets you manage the groups who can access the Passport service. See Using Hub Templates to Set Up Different Workspace ONE Intelligent Hub Experiences for Users (Cloud Only).