Access Controller

Access Controller v5_1.11

Release date: 10-June-2024

Access control is now possible with minimal hardware on-premises, even with the Access Controller running on the cloud. It can publish notifications via MQTT, allowing for easier integration with IoT devices. For more information please read here.

For more technical information click on Read more below.

Technical Changelog
  • Access notifications are sent to the MQTT broker, topic can be specified in the configuration
    • Functionality is by default disabled, to enable it set MQTT__Enabled to true
    • For topic generation can be used also template with placeholders, supported placeholders are:
      • {streamId} - stream id (streamId = cameraId)
      • {clientId} - client id of edge stream, if specified and notifications are not from edge stream this placeholder will be replaced with none
      • {sourceId} - client id if present in incoming SF notification, otherwise stream id
      • {notificationType} - notification type - GRANTED, DENIED, BLOCKED

Access Controller v5_1.10

Release date: 06-March-2024


Intentional access improvement

  • This version brings an improved Intentional Access Filter functionality to predict individuals' future positions based on their approach speed. The access points now open more smoothly and at the right time.
  • Improved Inetntional Access configuration allows the system to differentiate between real intentional access attempts and individuals lingering without any intention to go through.
  • For more information, click “Read more” to see Technical changelog below or see the chaper Intentional Access.
Technical Changelog


  • Minimal supported SmartFace Platform version is now 4.20.1
  • Updated intentional access filter functionality by making predictions about users' future positions based on their approach speed
    • New configuration field AlwaysOpenForFaceSizeLargerThan represents a threshold face size, detection with at least this face size will pass this filter
    • New configuration field PredictionMilliseconds represents prediction time, if users' face is predicted to be larger than threshold face size in this time, this filter approves the attempt to access
  • Utilizing FaceProcessed notification instead of Match and NoMatch notifications


  • Added MemberLabels to AccessGrantedNotification
  • Added CropProperties to ExpressionFilter

Access Controller v5_1.9.1

Release date: 07-July-2023


  • Possibility to configure face angles, age, gender and other attributes in your access strategy via new ExpressionFilter.
  • Enhanced logging.
Technical Changelog


  • Added possibility to filter notification with expression based filter.


  • Default value for IntentionalAccessConfiguration set to false.

Access Controller v5_1.8

Release date: 06-December-2022


  • Added Log_RollingFile_Enabled property in AppSettings where you can disable file logging (suitable for docker deployments)

  • Added Log_JsonConsole_Enabled property to change format of console logging to JSON


  • Migrated to .NET 6

  • Authentication support

  • UseSsl bool property added to RabbitMQ configuration section

  • AppSettings configuration section changed from array to object (previous array configuration is still supported)

Access Controller v5_1.7

Release date: 27-May-2022

Release notes


  • Anti-hammering system has been added to prevent brute force attacks. When a spoof is detected, the system blocks the user for a defined period of time. The user is blocked for a longer period of time when more spoofs are detected.
Technical Changelog


  • Spoof filter now supports smarter evaluation of spoofs. This behavior is always evaluated per unique watchlist member and stream. New SpoofRateLimitingConfiguration property was added under existing SpoofCheckConfiguration object. Names and meaning of these properties :

    • Enabled - Defines whether spoof rate limiting filter is enabled. When enabled default SpoofCheck filter evaluation is overridden.

    • SpoofAttemptsCount - number of spoof attempts which must appear to consider spoofing as attack and start blocking period

    • SpoofAttemptsWindowMs - maximum time difference between two spoofs that need to pass to start/prolong blocking

    • BlockingTimeIncrementCooldownMs - if a user is blocked after a spoof attack, all further spoof attempts will be ignored for this defined cooldown period. This should prevent a user from incurring a long block time in a short time span.

    • BlockingTimeIncrementMs - time what will be added to the overall blocking time after spoof attack.

    • MaxBlockingTimeMs - upper limit for blocking time.


  • AccessNotificationBlocked now contains blocked_until property which contains timestamp until user will no longer beeing blocked

  • New type of BlockReason was added OPENING_TEMPORARILY_BLOCKED. This type of AccessNotificationBlocked will be send when user passed through other evaluation filters but there is ongoing blocking period triggered by RateLimitingConfiguration.

  • GRPC configuration service now also supports updating/reading of new RateLimitingConfiguration.

  • One enum name of AccessNotificationType (in access_notification_service) was renamed from BLACKLIST to BLOCKED.

Access Controller 1.6

Release date: 23-November-2021

Release notes


  • full_version field added to Version GRPC endpoint.


  • access_controller_current_version field (in version_information_service.proto) was renamed to assembly_version.

  • supported_server_version field no longer includes SmartFace max version boundary.

Access Controller 1.5

Release date: 26-March-2021

Release notes


  • Spoof check filter

  • Frame timestamp is now propagated in access notifications.

  • Eye coordinates are now propagated in access notifications.

  • New GRPC service for runtime filters configuration update was created

  • fitlers configuration is now validate by AC on startup

Access Controller 1.4

Release date: 09-November-2020

Release notes


  • StreamGroups filter used for grouping camera streams. See “StreamGroupsConfiguration” section in appsettings file.

  • New Access notification type PING = 0x08 without any additional data that is sent every 5 seconds, used for keeping the gRPC stream alive.

Access Controller 1.3

Release date: 16-October-2020

Release notes


  • FilterConfigurations can now be defined for each individual camera. See “StreamFilterConfigurations” section in appsettings file.

  • New separate error log file AccessController_Errors.log is now used to log only error/fatal messages.


  • proto messages for connected gRPC clients are now deep cloned which could solve issue when gRPC stream could be terminated unexpectedly by server.

Access Controller 1.2.1

Release date: 01-October-2020

Release notes


  • Supported server version is now correctly “>=4.2.0 <4.4.0”

  • AC service will now retry connection for 30 seconds when RabbitMQ connection cannot be established

Access Controller 1.2

Release date: 07-September-2020

Release notes


  • Face mask filter (turned off by default)

  • Intentional access filter

Access Controller 1.1.1

Release date: 11-August-2020

Release notes


  • New type of notification Blocked access

  • Watchlists that are blocklists can now be specified in json config

  • New endpoint: Version Information, shows current version and supported SmartFace server versions for given Access Controller

  • Block notification are now debounced

  • Filters can be turned on/off in json config

  • Block notification is now sent for any face order

  • Added support for service registration using SC

Access Controller 1.1

Release date: 20-April-2020

Release notes


  • AccessNotificationRequest now supports subscription by notification type (AccessNotificationType enum is flags enabled, so subsciption to multiple types is possible) There are 2 types of notifications: GRANTED and DENIED; AccessNotification cannot be both types at once.

  • New strategy for DENIED notification

Access Controller 1.0

Release date: 12-March-2020

Release notes


  • Strategies are now available. Multiple can be chained together. Currently supported strategies are: FaceOrderOpeningStrategy, CameraDebounceOpeningStrategy, ExclusiveCameraOpenignStrategy

  • Multiple fields were added to access notification