Customization and Integration


Single Sign-On (SSO) and OperationsCommander - What do you need to Consider?

Single Sign-On (SSO) offers a streamlined and secure way for your organization's users to access OPS-COM. Instead of managing separate usernames and passwords for OPS-COM, users can log in once using their existing company or institutional credentials, gaining seamless access to various services, including OPS-COM. This simplifies the login experience and enhances overall security.

What is Single Sign-On (SSO)?

At its core, SSO is about simplifying access. Imagine having one key that opens multiple doors. With SSO, that key is your single set of login credentials (username and password) that grants you access to various online applications and websites. Many organizations use SSO to provide their employees or members easy and consistent access to all their digital tools. When OPS-COM is integrated into your SSO system, your users can access our services without needing to create or remember another distinct account.

How SSO Works in a Simple Way

SSO acts like a central gatekeeper for your online services:

  1. You Request Access: When you try to log into an online tool or website (like your work email or a school portal), the system recognizes it's an SSO-enabled service.
  2. Redirection to SSO: Instead of asking for your username and password directly, the website sends you to a dedicated SSO service – a trusted system specifically designed to handle logins for all your integrated applications.
  3. Your Single Login: On this SSO service page, you'll enter your username and password. This is the only time you'll need to enter these details to access multiple integrated services.
  4. Verification: The SSO service checks your login information. Once it confirms your identity, it creates a secure, temporary "digital pass" or token.
  5. Return to OPS-COM: This "digital pass" is securely sent back to OPS-COM (or the original application you wanted to access).
  6. Access Granted: OPS-COM recognizes and trusts this "digital pass," allowing you to immediately access your account and start using the system without any further login prompts.
Why Organizations Use SSO

Key Considerations Before Setting Up SSO with OPS-COM

Implementing SSO requires planning and coordination to ensure it aligns with your organization's specific needs and security protocols.

Our Client Success team is ready to guide you through these important considerations and help tailor the SSO setup for your organization's success and seamless operation.


Custom Development Expectations

Planning & Scope

For clients wishing to pay for custom development, it is critical that a well thought out scope is developed with your Account Executive (AE). If you are designing the scope with the AE we consider you the project lead for your organization. It is important to provide us with workflow documentation, explanations of the problem you are trying to solve with your custom development and your ideal end result. There are 2 areas you need to consider:

Goals - What are You trying to do?

What is the end goal or specific outcome you want. For example, you may wish to simplify the user experience or issue violations more efficiently.  Provide us with as much detail as possible.

Requirements

Clearly, define all the processes you want in a step by step description. The following is a brief example:

Our development team needs to understand the objectives to design you the best solution. It is not necessary to dictate the solution just to define the end result. Try to assume that you are explaining this to a person that doesn't understand any of the processes and are reading about this for the first time. Your scope documents will be supplied to Development through the Project Manager. You may get questions back that need to be answered before we can proceed. You may also get redirection in the plan so that the solution flows better than originally scoped. 

Shared Development

If the custom development requested is deemed to be of enough benefit to other clients, the OPS-COM team may propose a reduced development rate or a shared development plan. In some cases, your account executive will be aware of other clients that may be interested in crowd-sourcing this development.

Testing

Your completed project will be deployed to your preview (testing) environment after internal testing is complete. We expect you to review the project to ensure you are happy with the way it is functioning and give us the OK to deploy it to Production.  We expect that you will do the testing within 2 weeks of the deployment to Preview. If your testing takes longer than that, additional charges can be incurred and you may lose your spot in the schedule.  

Out of Scope Items

Despite best efforts, sometimes something gets overlooked when scoping the project. These items will be considered Out of Scope and may cost additional time and money. Your Account Executive will work with you to develop new scope around these items and a new quote will be issued for the additional work.

Supported Browsers, Handhelds and Printers

Supported Browsers

OperationsCommander recognizes that our users may use various Internet Browsers when working with our system. We aim for all visitors to have the best possible experience while using OPS-COM, however, we do recognize that it is impossible to develop applications that work identically, efficiently and effectively on all web browsers. We make best efforts to support support the latest versions of Internet Explorer, Firefox, Chrome and Safari browsers. 

Mobile Devices and Tablets

This site supports browsing from most Mobile or Tablet devices. Content is sized and displayed based on the screen resolution and other display attributes of your device. 


OPS-COM for Android

The ViolationAdmin component provides in-field remote data access from mobile devices and smartphones.  Using an Android handheld and a Bluetooth printer creating tickets for parking infractions is quick and easy. Site patrols sync enforcement and parking data to the system through cellular or Wi-Fi networks. With this remote technology, the system can apply validation rules moments after a user makes a permit purchase on the cloud-based user portal or connected remote devices.

Minimum Handheld Requirements

Not all Tablets or Mobile devices are supported for use with OPS-COM for Android as processing power and camera functions may vary.  They must have at least the requirements listed below. Before committing to a device for use with OPS-COM for Android you are encouraged to perform your own testing to ensure you are happy with the perform on your preferred device. 

OPS-COM no longer supports versions of the Android operating system lower than 7.  Clients with devices that do not support at least version 7 will continue to function, however, you will not be able to download this or future versions of OPS-COM for Android. This means you cannot take advantage of new functionality in future releases.  


LTE/4G or better required if connecting with cellular providers and WIFI is not available (required for data sync)

Supported Bluetooth Printers 

The following Bluetooth printer models are supported. Other models and makes may require custom development to support them. Please provide the models you are interested in purchasing prior to proceeding.  The printer must use 3" printer rolls in order to be compatible with our layout design. 
Printer Model
  • Star Micronics SM-T300-DB50 3" Portable Printer or equivalent
  • Star Micronics SM-T301-DB50 Portable Printer with Magnetic Stripe Reader or equivalent
  • Zebra ZQ320+ Series Bluetooth Printer No label sensor
    • Outdoor edition
    • Charger sold separately
  • Zebra ZQ620+ Series Bluetooth Printer No label sensor
    • Outdoor edition
    • Charger sold separately
  • Zebra Charging Accessory Kit sold separately
  • Zebra In Vehicle Charging Accessory Kit sold separately

Integrating with OPS-COM

Integrating with OPS-COM

Integrating with OPS-COM

Considerations for Scoping an Integration 

Regardless of the integration we are scoping we need the following questions answered.

  1. What are the endpoints; where will we connect and send data? 
    1. What system or URL are we querying?
    2. Test system logins and a test endpoint address to which we can send queries to.
      1. we will need the same for production systems  
  2. Are there additional (special) API endpoints and/or API tokens to access the system? 
  3. What API/SDK is recommended?
    1. at the core the OPS-COM platform is built on PHP; we also work with Java and many other languages
  4. Supporting documentation for the API/SDKs that we are integrating with
    1. technical contact(s); either on location and/or for the vendor.
  5. How will the data (or user) flow through the system?  ie. business logic/flow

For Network Administrators

Our development servers are behind:  

Our production servers are behind:  

Information Flow through OPS-COM

This example shows the flow of information through the integrated system of record and OPS-COM.

image.png

Sample: SSO Integration

This example shows the flow of a user through the system, and at what points the client wanted us to apply business logic.  

Notice that in their implementation they also described the flag that would be used to designate special users in the system.

image.png

Sample: LDAP/Active Directory Integration

This represents a standard flow of information to support LDAP/AD user validation.

image.png

Current APIs Available

OperationsCommander (OPS-COM) has made APIs (Application Programming Interface) available that allow for third-parties with proper authentication to interact and manipulate data in OPS-COM as needed to accomplish specific functions, for example adding valid permits from pay and display machines.

Other Integrations Available

OPS-COM has integrations with third-parties. Your Sales Rep can discuss how you can make use of these integrations. 

Integrating with OPS-COM

MacKay Meters - Permit Push/Export Integration

OPS-COM supports exporting temp, standard, and validation permits purchased in OPS-COM to MacKay Meters.

There are a few system and lot configurations to setup before this works with you Mackay Meters system. The article assumes you already have a MacKay Meters environment and logins details (username & password), if you don't please contact your MacKay Meters representative to obtain them and let us (OPS-COM) know if you have any questions or concerns  about this integration.

Tools → View System Task Logs:

image.png

image.png

You may not see this system task and currently only OPS-COM staff can enable it. Please contact us if you require this setup. This system task is used to check OPS-COM permits for any that need to be pushed/exported to MacKay Meters.

System Configuration/Settings:

System Configuration → System Settings → Third Party:

As mentioned above you should have some sort of MacKay meters login details. This is where you set them:

*Note: There are test and none-test (production/live) fields. Depending on the domain you're using to run your tests OPS-COM will either use the username and password fields for production, and test username and test password for preview/testing.

Preview/test domains look like this:
something.preview.ops-com.com
something-test.preview.ops-com.com

Production domains look like this:
something.ops-com.com


image.png

System Configuration → Parking → Manage Lot Zones:

Zone names needs to be exactly what is set in MacKay Meters, if you don't know what the zone name should be please ask MacKay Meters or OPS-COM.

image.png

Parking Management → Lot Administration → Pricing & Lot Admin:

Click into the lot you wish to add to the MacKay Meters zone (s), which in this example is "MacKay-Meters" in this example, then go under the "Zone & Location" tab and set the zone:

image.png

Integrating with OPS-COM

Parking Logix - Parking Sensor Integration

Enable Parking Logix Integration

Before you can use the Parking Logix integration on your system you will need to navigate to your Third Party settings under System Settings.

From there you should see the option to enable Parking Logix Integration

image.png

Adding the Lot Group

Next, add a new lot group to your system making sure you include the API code. It is possible but unlikely that there will be multiple API keys if lot access is split over several keys. 

Create a specific group for each lot you will be collecting data from.

It's important to note that you will also need to enter the Parking Logix specific name for the lot and it must match exactly.

For example, in the image below, the Parking Logix name is Mountaineer Garage


image.png

Once the Lot Group has been configured you would need to assign it to the lot on the LPR Settings Tab of the Lot Administration tool.

image.png

Enable the System Task

A system task must be enabled for the Parking Logix sensors to communicate with our system.

This must be enabled by OPS-COM integration staff and you can contact us through support to set this up. Please email support@ops-com.com for assistance.

Once the system task has been run you should see updated on the lot counts under Manage Parking Lot Groups

image.png


Displaying the Map on the User Side

Finally, enter the short code on the user side to any of your pages using System Messaging.

For more information on how system messaging works please see: https://wiki.ops-com.com/x/M4QCAw followed by Editing Pages

The short code is [parking_logix] and you can pass addition parameters such as: only, show, filter, or name.  This will restrict the list to show only specific lots.

image.png

By design, it will only show lots that have a group assigned to it that have an API key stored in it.

image.png


Integrating with OPS-COM

Mistall - Setup & Functionality

Overview

Mistall is a service that is used to count cars in a physical lot, using cameras to track vehicles as they enter and exit the lot.

Within the OPS-COM system, each Mistall lot is associated to a Lot Group.

Mistall Credentials

Mistall credentials need to be entered in system settings under third-party settings to be able to use the API.

Credentials are provided to the the client by Mistall itself.

1_a2b75cde-54a7-40cb-bb96-6017e67b8f27.png

Lot Groups

The Lot Groups page was updated to accommodate the use of Mistall.

In addition, Lot Groups have replaced the use of Lots on the Real-Time map on both the admin and user sides.

To have data populate the Mistall Lot ID dropdown, the Update Mistall System Job Task must be run at least once to import the data into the system.

Columns have been added for setup with the Real-Time Map and Mistall data.



2_b9bfb86f-8e4e-4e2b-b22c-4af7f95ddb47.png 3_e390bd38-8778-40de-83da-82d93e374d99.png
Lot Group page updates. The updated lot group edit pop-up.

Lot Edit

On the lot edit page, the selection to set the lot group of the lot has been moved from the LPR section to the general section.

This is to allow clients who are not using the LPR system to still use the real-time map features.

4_321d60f9-4185-41c2-bdc7-210377903852.png
Lot edit page.

Dashboard Widget

The imported Mistall data can be displayed on the dashboard in a widget.

The widget is named mistall-lot-stats.

If the system setting for Enable Mistall Usage is not enabled, this widget will not appear in the edit dashboard page.

The widget shows the raw Mistall data. The names of the lot groups associated to the data will be shown beside the bar chart.

If the Mistall data is not yet associated to a lot group, it will show the Mistall lot name instead. This is the name given to the lot by Mistall.


5_8c58357e-0936-4dcf-aa81-d5f454957d0d.png
Mistall dashboard widget.

Real-Time Maps

The admin and user-side real-time maps have been updated to use lot groups in additional to the individual lots as pins on the map.

The functionality of the maps is not dependant on the use of Mistall in a system.

If your system doesn’t have the Mistall integration enabled, the lot groups will use the data of the associated lots in place of Mistall data for the real-time maps.

Admin-Side Map

The admin map has been updated to use lot groups.

When a lot group is clicked on, it will show the new popup.

The donut menu at the top shows the Mistall lot data, and the lot info shows the individual lot data. The bar charts below show the same lot info as above.

If the lot group has no Mistall data associated to it, it will use the collated counts of the lot info below instead.

If Mistall data is being used for the lot, it is likely it will not match the counts shown in the lot info window below. It is intentional that the information will not match.

The intention is that the client will be able to see the difference between what is physically present in the physical lot (lot group Mistall stats) and what the permits purchased within the system look like in comparison.

For example, if the lot is physically empty but is maxed out on purchased permits, the number of available permits can be increased for that lot.


6_3df4add1-3520-4dd6-89b2-5e4b200b2121.png
Admin-Side map.

User-Side Map

The user-side map has also been updated to use lot groups.

As before, the user map is made to appear by placing the shortcode on a client-created page.

The shortcode for the map is: [real-time-map]

The user-side map will now appear like this:

7_237b667b-3f62-4b59-a5c5-b71611899abd.png
User-side real time map.

The donut at the top shows the Mistall data if it is present. If the lot group does not have an associated Mistall lot, it will show the collated counts of the lot info below.

The lot info shown below the donut graph is from the permit counts in the system.

Unlike the admin-side map, the information here is presented as a percentage instead of the actual numbers. This is to allow for some leeway for any inaccuracy.

The icons to the right display if the lot allows standard or temporary permits.

The map should be accessible for users who are not logged in. If the user is logged in, they will be able to see standard permits and temp permits, but if they are not logged in, they will only be able to see temp permits.

The book permit button now takes the user to a new page used for selecting a permit from within the selected lot group.

User-Side Lot Group Page

The lot group page shows much the same data as the regular permit page, just with the data specific to the selected lot group.


8_9a0ff1dd-6a83-4887-ab97-fa26c005c6e8.png
Lot group page.

At the top of the page, the same donut menu from the pop-up window on the map is shown, displaying a percentage of availability. It is calculated from the Mistall data or the lots below if there is no Mistall data for the lot group.

The lots are shown below. If the user is a guest (not logged in), they will only be able to see temporary permits on the page.

The standard permit booking button will take the user to the regular standard permit booking page, but the temporary permit booking button will take the user to the quick checkout.

This is the checkout used for QR codes and the old version of the map. It allows the user to purchase the permit and checkout immediately without adding it to their cart.

Integrating with OPS-COM

Hotspot - Permits Integration

To configure a lot to work with the HotSpot app, you must configure a zone for any lot where you want this service to be available. Once a zone is associated with a lot or multiple lots, any user purchasing a permit through HotSpot would be valid in all lots associated with the that zone which is configured in Lot Administration. This article will illustrate how to create the zone and apply it to a lot.

Setting up a HotSpot zone

To begin you must set up the zone under Admin Options. Hover over the Parking menu item and select Lot Zones from the drop down list.

image.png

In the Manage Lot Zones screen click on Add to access the add zone form

image.png

Enter the name of the lot zone you wish to add. In our example the lot zone is 1001

image.png

Once you have the zone name entered, click on Add Zone to save your selection. It will now show up in the drop down list of zones.

image.png

Applying a Zone to a Lot

To apply this zone to a lot, you first need to go into Lot Administration to add the zone to your selected lots.
To access the lots, go to the Parking Management menu and hover over Lot Administration. Select Pricing and Admin from the resulting drop down menu.

image.png

In our example we will add this zone to the lot called Green Staff Lot East. Click on the lot name to access the configuration tool.

image.png

Once in Lot Administration for the specific lot, click on the Zones & Location tab to access the zone configuration section.

image.png

In the Zones & Location tab click on Add Zone by Days to select the 1001 zone we created.

image.png

Select 1001 from the resulting drop down list.

image.png

For our example we can leave the defaults as is which includes:

The day range - leave it with all days of the week selected. (Highlighted in green)
The Start and End Time. (00:00 to 23:59 - in other words all day)

To save your settings click on the floppy disk (save) icon.

image.png

Click on Update this Lot to save your changes. 

 

Integrating with OPS-COM

ParkMobile - Permits API Integration

Introduction

ParkMobile is a service that offers on-demand parking payments, similar to HotSpot.

A system task is run at regular intervals to retrieve permits from the ParkMobile API, which are then stored in the local site as temporary permits.

Authorization Credentials

ParkMobile has a set of credentials that must be entered before data can be retrieved from their API.

These can be entered on the system settings page, which can be found under the menu tree:

image.png

image.png 

Required Credentials

There are three values that must be provided for the system to be allowed access to the ParkMobile endpoint.

These values should be provided to the client by ParkMobile itself.

Lot Zone Setup

Permits will only be imported into the OPS-COM system if the ParkMobile lot zone has a corresponding lot zone with the same name in the OPS-COM system.

If the local lot zone does not already exist for the ParkMobile lot zone, one will need to be created.

The lot zone management page can be found under the menu tree:

Lot Zone Management

To create a new lot zone, click on the Add Lot Zone button to open the add new modal.

image.png

This will open the modal used to add new lot zones.

Add the ParkMobile lot zone name as the Name of the lot zone, and then click save changes.

This will add the new lot zone to the system, which can now be used to match to ParkMobile permits coming into the system.

image.png

System Task

The ParkMobile system task is used to fetch permits from the ParkMobile endpoint and add them to the OPS-COM system as temporary permits.

System tasks can be be found under the menu tree:

System Tasks Page

The system task is named Fetch ParkMobile Stats.

image.png

The task must be enabled before it will run.

By default, it is set to run every 3 minutes.

The task can also be run manually by pressing the RUN button next to the task name.

Imported Permits

ParkMobile permits are imported as paystation (Cale) records, and will appear anywhere these records are used.

They can be viewed using the Pay Station Status page, which can be found under the menu tree:

  • Parking Management → Temporary Permits → Pay Station Statusimage.png

Pay Station Status

On the pay station status page, enter the search information and press the search button.

image.png

Any imported ParkMobile permits will be visible in the output results, marked by ParkMobile as the value listed in the Source column.

image.png




Security Whitepaper

As do many, we take security very seriously!  We understand that the data we have been entrusted with is data which our clients have also been entrusted with.  We always ensure that we go well above and beyond the requirements and standards for safe secure storage and handling of all data.  This white paper outlines in details some of the lengths which we go to ensure business continuity and respect for entrusted data.

Executive Summary

OperationsCommander (OPS-COM) is a cloud-based parking and security management platform. This platform has been developed in-house for over 15 years.

Tomahawk Technologies Inc. is committed to maintaining a high level of information security, and its key priority is protecting customer information, and carefully maintaining the information security of OPS-COM. This Security Whitepaper gives an overview of the OPS-COM security features.

OPS-COM is PCI SAQ D-SP 3.2.1 certified military medal and is audited quarterly by a third-party to maintain this certification. We are also TX-RAMP Level 2 certified military medal by the Texas Risk and Authorization Management Program (certificate ID TX1332619). The Texas Risk and Authorization Management Program provides a standardized approach for security assessment, certification, and continuous monitoring of cloud computing services that process the data of Texas state agencies. Risk analysis forms the foundation of our security program.

Risk assessments are periodically performed and security is regularly discussed in weekly team meetings. Our security processes, roles, and responsibilities are clear and well defined. Everyone is aware of our responsibilities and obligations when protecting our clients data.

We review our policies annually and ensure that all employees sign-off on them. OPS-COM is developed and maintained by inspired, skilled personnel who are committed to maintaining a high level of online security. OPS-COM has been designed to meet customers' strict security requirements and industry best practices.

OPS-COM has a solid and secure foundation that is based on widely used security methods and protocols. It has been designed to protect data both in transit and at rest to ensure its confidentiality, integrity, and availability. Strict access control allows only authorized users to access the data.

Operation and maintenance of OPS-COM follows documented processes. Continuous monitoring of information security and system performance ensures that all deviations and incidents can be responded to in a timely manner by trained and competent personnel in accordance with the incident response process.

This document is designed to answer all your questions regarding the security and design of both OPS-COM and our supporting systems. 

This information is now available by request from your Sales representative or from

support@ops-com.com

Temporary Documentation for the Mistall Pilot

Overview

Mistall is a service that is used to count cars in a physical lot, using cameras to track vehicles as they enter and exit the lot. Within the OPS-COM system, each Mistall lot is associated to a Lot Group.

Mistall Credentials

See Support/Development for credentials.

Mistall System Job Task

Lot Groups

The Lot Groups page was updated to accommodate the use of Mistall.

In addition, Lot Groups have replaced the use of Lots on the Real-Time map on both the admin and user sides.

To have data populate the Mistall Lot ID dropdown, the Update Mistall System Job Task must be run at least once to import the data into the system.

Columns have been added for setup with the Real-Time Map and Mistall data.

image.pngimage.png

                                      Lot Group page updates.                                                                            The updated lot group edit model.

Lot Edit

On the lot edit page, the selection to set the lot group of the lot has been moved from the LPR section to the general section.

This is to allow clients who are not using the LPR system to still use the real-time map features.

image.png

                                                                                                 Lot edit page.

Dashboard Widget

The imported Mistall data can be displayed on the dashboard in a widget.

The widget is named mistall-lot-stats.

If the system setting for Enable Mistall Usage is not enabled, this widget will not appear in the edit dashboard page.

The widget shows the raw Mistall data. The names of the lot groups associated to the data will be shown beside the bar chart.

If the Mistall data is not yet associated to a lot group, it will show the Mistall lot name instead. This is the name given to the lot by Mistall.

image.png

                                                   Mistall dashboard widget.

Real-Time Maps

The admin and user-side real-time maps have been updated to use lot groups instead of individual lots as pins on the map.

The functionality of the maps is not dependant on the use of Mistall in a system.

If the client does not have Mistall integrated with their site, the lot groups will use the data of the associated lots in place of Mistall data for the real-time maps.

Admin-Side Map

The admin map has been updated to use lot groups.

When a lot group is clicked on, it will show the new popup.

The donut menu at the top shows the Mistall lot data, and the lot info shows the individual lot data. The bar charts below show the same lot info as above.

If the lot group has no Mistall data associated to it, it will use the collated counts of the lot info below instead.

If Mistall data is being used for the lot, it is likely it will not match the counts shown in the lot info window below. It is intentional that the information will not match.

The intention is that the client will be able to see the difference between what is physically present in the physical lot (lot group Mistall stats) and what the permits purchased within the system look like in comparison.

For example, if the lot is physically empty but is maxed out on purchased permits, the number of available permits can be increased for that lot.

image.png

                                                                               Admin-Side map.

User-Side Map

The user-side map has also been updated to use lot groups.

As before, the user map is made to appear by placing the shortcode on a client-created page.

The shortcode for the map is: [real-time-map]

The user-side map will now appear like this:

image.png

                                                                     User-side real time map.

The donut at the top shows the Mistall data if it is present. If the lot group does not have an associated Mistall lot, it will show the collated counts of the lot info below.

The lot info shown below the donut graph is from the permit counts in the system.

Unlike the admin-side map, the information here is presented as a percentage instead of the actual numbers. This is to allow for some leeway for any inaccuracy.

The icons to the right display if the lot allows standard or temporary permits.

The map should be accessible for users who are not logged in. If the user is logged in, they will be able to see standard permits and temp permits, but if they are not logged in, they will only be able to see temp permits.

The book permit button now takes the user to a new page used for selecting a permit from within the selected lot group.

User-Side Lot Group Page

The lot group page shows much the same data as the regular permit page, just with the data specific to the selected lot group.

image.png

                                                                                      Lot group page.

At the top of the page, the same donut menu from the pop-up window on the map is shown, displaying a percentage of availability. It is calculated from the Mistall data or the lots below if there is no Mistall data for the lot group.

The lots are shown below. If the user is a guest (not logged in), they will only be able to see temporary permits on the page.

The standard permit booking button will take the user to the regular standard permit booking page, but the temporary permit booking button will take the user to the quick checkout.

This is the checkout used for QR codes and the old version of the map. It allows the user to purchase the permit and checkout immediately without adding it to their cart.

Setup Checklist

New to OPS-COM and you need a little guidance as to what messaging needs your attention? This article explains the items to look at in order of importance.

The Setup Checklist

EhRimage.png

The setup checklist guides new users through the important process of setting up a new site. It breaks down the items that need attention in three categories (Important, Moderate and Minor) The checklist can be expanded to list all configuration and page updates that a new user should consider. 


The Edit Button

Click on the Each Section to Expand the List. Clicking on the edit button...

image.png

...will bring the admin directly to the item that needs attention.

image.png

The same principal exists for system messaging. The edit button will take the admin to the page that needs updating.

image.png

Using Your Own Domain - Vanity URL

OPS-COM supports the use of vanity URLs to keep your branding consistent for all your clients. This is a simple process. Not all service levels include this option and there could be fees associated with the setup.

Please contact your Sales Representative for more information at sales@ops-com.com.

Purchase Your Domain

We can work with any legal and registered domain that you own or have control over. Most clients will already have a domain they wish to use.  Setup is quite simple and involves pointing a subdomain at our server. The resulting subdomain URL will be the final URL you will give to your clients.

Domains and subdomains cannot have spaces, are limited in size and are case-insensitive.

Example of a registered domain:  yourdomain.com

Example of an OPS-COM service subdomain:  parking.yourdomain.com

* subdomain can be any combination of A-Z, 0-9, and hyphen ,   * domains and subdomains are not case-sensitive

Sample DNS Setup
Option Format DNS Entry Notes
1 yourdomain.com @ CNAME <client>.ops-com.com. point entire domain to client OPS-COM installation
2 parking.yourdomain.com parking CNAME <client>.ops-com.com. point subdomain to OPS-COM installation

Resulting URLs

Option #1 - Domain

-point entire domain to OPS-COM

It would look like this for the user portal - https://yourdomain.com

And the admin portal would be - https://yourdomain.com/admin

Option #2 - Subdomain

- point subdomain to OPS-COM

It would look like this for the user portal - https://subdomain.yourdomain.com

And the admin portal would be - https://subdomain.yourdomain.com/admin

How Does it Work

We supply details to you so that you can add a CNAME record to your DNS.
Once DNS is updated and a secure certificate is installed the domain will be active on our servers.

Certificate Registration

We use Let's Encrypt for SSL communication.
Once your subdomain is pointed at our servers, the certificate can be requested.

Contact Support

Email support@ops-com.com to let us know what you would like to use as your registered subdomain. 

 

Sending Email with OPS-COM

Sending email from OPS-COM is a key element of communicating with your clients.  This article offers information related to the setup of a mail sending domain on our preferred mail partner, Mailgun.

Simple SPF Security

Add the following to your SPF record (in DNS) to allow OPS-COM servers to send email on your domains behalf.

ip4:209.217.117.82/32  include:_spf.mailgun.org 

Please note that this is only first line generalized security. For more details click here: https://www.dmarcanalyzer.com/spf/

Communicating with Clients

One of the key features of your OperationsCommander installation is the ease of communicating with your clients.  This communication may be outgoing messages related to purchases, notifications and even as part of the appeals process.

Why Mailgun

We selected Mailgun as our preferred email partner due to the ease of use of their APIs and their long standing success in the email space.  That together with their tools to track and report on sent emails made them an ideal candidate for email management.

What to Expect Without Mailgun

Within the OPS-COM system configuration, reply-to email addresses can be recorded.  One such email might be parking@yourdomain.com such that any email receipts sent will appear to come from this email address.

Due to the email being sent from a non-yourdomain.com system, the email may be marked as spam or carry a "on behalf of" header to let the client know that the email was not sent from a yourdomain.com system.

With a few simple DNS updates, it is possible to recognize the Mailgun server as a valid email sender for yourdomain.com

Using your own API offers an even better level of service so that you can inspect emails sent by OPS-COM, and this is the recommended configuration

Why Do I See On Behalf Of in My Email

Visit https://help.mailgun.com/hc/en-us/articles/360012491394-Why-Do-I-See-On-Behalf-Of-in-My-Email- for more information

Subdomain on the OPS-COM account

This is the preferred method. We will supply the DNS update details.  Your system admin will just need to add the details to DNS.

OPS-COM staff can create a subdomain on our configuration to to allow clients to send email with proper DKIM signatures.

We will create the subdomain and pass the DNS details to the appropriate system administrator.

Your Own Mailgun Account

This method allows clients to manage their own Mailgun account.

You may create a new or use an existing Mailgun account. Please send the associated API key to support@ops-com.com.

API keys can be created and found in the Mailgun site under: Domain settings → Sending API Keys

Note: To aid in technical support related to email, please invite support@ops-com.com as a Developer-level user.

Integrating Mailgun to Your Installation

Within the OPS-COM administrative interface, select System ConfigurationThird Party

Note: In the case of OPS-COM creating a subdomain, OPS-COM Support will update these details.

image.png

Using the General OPS-COM Mailgun Account

This setup will enable OperationsCommander to send email on behalf of your domain.  It will remove the "on behalf of" notation that may be seen in emails that are not setup properly.

Required DNS Records

  1. Please send a copy of your domain DKIM to OPS-COM support. please also include your domain 
  2. Add the following DNS records to your DNS server.
Type
Hostname
Value
Notes
TXT mg.<your domain> v=spf1 include:mailgun.org ~all This adds an SPF record for Mailgun
TXT smtp._domainkey.<your domain> your DKIM key The DKIM key used with your domain

SPF = Sender Policy Framework

DKIM = Domain Key Identified Mail

Optional DNS Records

Mailgun recommends adding these values even if only sending emails.

In our experience they are not needed as they are related to tracking and receiving emails.

At this time, we do not require the optional DNS records in our setup.

Managed User Import (SFTP)

For clients that cannot take advantage of our User Import APIs, our SFTP Managed User Import allows you to import users into our system through an encrypted SFTP client. Any users that have failed to be imported will be put into a .csv file and sent to you by email. This file will include important user information as well as the reason for failure. 

Required System Settings

Before you can use the Managed User Import you will need to have it set up on your system.

OPS-COM requires settings for the Import to work properly.

The first setting that is required is found under System Config -> Classic System Settings

image.png

From this window make sure that you have supplied a Reply-to Admin Email Address.

This is the system default email address that appears as the sender of system-level and task-automation email messages.  

image.png

The second setting is found under System Config -> System Settings followed by Third Party.

image.png

From there you want to make sure that you have supplied a Failed Import Email under the CSV User Import options.

This is the email that will be receive the failed to import message.

The error message file will include information about the user as well as why the user failed to be imported.

This will allow you to correct any failures and attempt the import again. 

Importing Users

OPS-COM will supply you with credentials.  These credentials will connect your SFTP client to the folder where the import file will be stored on the server.

If you connect with a standard client, you will see an empty directory where you can drag and drop your import files.

SFTP Manual Process

A system task is set to run at 5 minute intervals.  There may be a pause of up to 5 minutes for the import process to complete.

Once completed the file will be automatically moved to the bak folder.  This folder is created as part of the import process if the folder does not exist.

To begin drop a comma separated (CSV) file from your computer to the server. 

Please note that the your CSV file must follow the required format to be processed correctly.

image.png

Once the import has completed the file will be moved to the bak folder.

An email will be generated containing users that failed the import, and it will be sent to the email in System Settings

The email will describe the reasons that users failed the import.

Field Note
unique_id Required. Defines each unique user.
login_source Required. Used in conjunction with Login Sources (SSO) for Single Sign On. See Login Sources for more info
first_name
last_name
user_name
email
street
city
province
postal_code
street2
city2
state2
zip2
phone_cell
user_type_id
employ_no
employee_phone
student_no
student_phone
drivers_license_num
drivers_license_prov
data_of_birth
active

Optional. Possible values "0" (inactive) and "1" (active).

This field can be used in conjunction with a new system setting:

image.png

When the above system setting is enabled and when a user is imported with an active column value of "0" the system will automatically archive said user and release any active permits said user may have. 

If a user is imported with an active value of 1 the user will remain active in the system and no permits they may have will be affected.

Example:

Before:

image.png

After:

image.png

Permit:

image.png

Payment:

image.png

If a user not already existing in the system is imported with an active value of 0 the user will not be imported and an error report email (subject line "CSV Import Failed Records") will be sent to the administrator email address specified under System Settings → Third Party → CSV User Import. Said email will contain an attached CSV file that lists the users who weren't imported and the reason:

image.png


Server IP Addresses

Depending on various client project requirements you or your I.T. department may require server IP addresses.

For example, there may be IP restrictions or traffic routing requirements where an IP address is required.

The IPs listed here are egress traffic.

Development, Testing and Preview

For development and preview sites, traffic will originate from one of these IP addresses.

208.124.170.242

178.128.233.75

134.122.33.16

137.184.172.18

137.184.172.19

Production, Staging and Beta

For production and staging sites, traffic will originate from one of these IP addresses.

209.217.117.82

209.217.117.84

209.217.117.88

159.203.14.67

167.99.176.52

167.99.176.218

SPF Records for Email

Tomahawk mail servers and Mailgun mail service are used for email delivery.

Tomahawk mail services are being phased out and replaced with Mailgun services

The following is a sample TXT record from DNS.

 "v=spf1 include:spf.tomahawk.ca include:mailgun.org ~all"

 

Preparing to Import Your User Data

Many customers wish to port over existing data when they purchase the OperationsCommander system. Data imports can be complicated but they start with a clear understanding of what is needed and clean data. A Data Import may have been included with your system purchase or it may incur additional costs. Contact your Account Executive or email support@ops-com.com to find out.

Preparing your User Data

Your OPS-COM system must be setup and some configuration done before we will import your data. This means the lots and user types in particular must be there. We have attached a sample file that will walk you through what data needs to be provided for a minimal import. If you do not have the information to fill out all columns certain assumptions can be made to enable us to create the profiles. 

File

image2019-11-14_13-28-45.png

OPS-COM Data Import Template