AI agents and automation overview
If you are building an AI agent, integration script, or retrieval pipeline around physical access, OpenApp exposes the same capabilities through several surfaces. Pick the one that matches who runs the code and how much typing you need.
This guide is for developers and agent authors automating doors, gates, guest access, intercom flows, and building operations — not for end users operating the dashboard alone. For sector context (hotel vs apartment vs campus), see Access control model by sector.
Surfaces at a glance
Section titled “Surfaces at a glance”| Surface | Best for | Auth | Notes |
|---|---|---|---|
| HTTP API | Any language, curl proofs, codegen | API key (Authorization: Bearer or X-API-Key) | Canonical contract; see API reference and OpenAPI JSON. |
| Official SDKs | Production services in Python, Rust, Go, TypeScript | API key on client | Shared core for Python/Rust/Node; see SDK overview. |
| OpenApp Scripting | Bulk provisioning, CI, repeatable building setup | Scripting API + org context | Rhai DSL; see Scripting reference. |
| MCP (read-only tools) | Cursor / Claude Desktop discovery | API key via env | MCP server setup |
Decision guide
Section titled “Decision guide”Use the HTTP API directly when you need a minimal dependency, are generating a client from OpenAPI, or are proving connectivity before adding an SDK.
Use an SDK when you want typed models, consistent retries and errors, and maintainable integration code in a supported language.
Use OpenApp Scripting when you are provisioning many integrations, devices, or policies in one shot (campus rollouts, scripted demos, migration jobs).
Plan for MCP when the consumer is an interactive coding agent that should discover orgs, entities, and actions through tools rather than reading raw OpenAPI.
Safety and policy
Section titled “Safety and policy”Physical actions (switchable.open, public portal open, invite execute) have real-world effects. Automations should:
- Require explicit entity or invite identifiers — never guess ids.
- Respect org policies and roles; use
X-Orgwhere the API requires organization context. - Prefer human confirmation for unlock actions in agent UIs unless policy explicitly allows unattended automation.
- Log correlation ids from
ApiErrorResponsefor support and audit follow-up.
See Build an agent that controls physical access for a concrete setup path.
Task guides
Section titled “Task guides”| Goal | Guide |
|---|---|
| Time-bound guest / rental access | Create a time-bound guest invitation via API |
| Virtual intercom at the door | Virtual intercom — directory, call, unlock |
| PMS / SIS / IWMS / VRMS bridge | Integrate OpenApp with your existing software |
| Apartment delegation | Delegate apartment resident management |
| PalGate gate / garage | Open a gate with PalGate Cloud |
| Home Assistant bridge | Bridge Home Assistant entities |
| Audit / compliance signals | Query access and audit activity |
| Locker / parcel release | Release a locker compartment |
| MCP server (Cursor) | MCP server setup |
| First door open | Open the door with the HTTP API |
Machine-readable index
Section titled “Machine-readable index”Crawlers and RAG pipelines can start from llms.txt on the docs site (scoped index) or openapp.house/llms.txt for the full product narrative.