Door access control reader installed in commercial lobby

Blog

Door Schedule and Credential Policy Template for UniFi Access

Build dependable door schedules, credential tiers, and audit routines so UniFi Access stays secure and easy to manage.

Updated Feb 4, 20267 min read

Share this guide

Send it to a teammate or save it for later.

Share

Quick summary

Effective policies prevent lockouts and security gaps. Use this template to define schedules, credential tiers, and audit routines that stay consistent across teams.

Capture stakeholders, schedule blocks, hardware choices, and change control so access stays predictable during audits or staff turnover.

Map doors by risk tier

Start by listing every door and assigning a risk tier. Public entry doors need convenient access and clean visitor workflows. Staff-only doors need tighter hours and change control. High-value areas (IT rooms, cash storage, private offices) need strict approvals and longer audit retention.

Document each door with location, use case, default schedule, and any life-safety constraints. This prevents accidental lockouts and keeps the policy defensible when leadership or compliance teams review it.

For restricted and critical zones, plan the hardware upfront. The Enterprise Access Hub (EAH-8) is the best fit for server rooms and high-density closets where you need multiple doors managed from one secure location.

  • Public: lobby, main entrance, delivery vestibule
  • Staff: office suites, break rooms, internal corridors
  • Restricted: IT closets, records rooms, finance areas
  • Critical: server rooms, pharmacy, sensitive storage

Visitor and vendor workflows

Define how temporary access is issued, who approves it, and how badges or mobile credentials are revoked. Store a playbook for deliveries, service calls and after-hours access.

Use short, time-bound schedules for vendors and document the sponsor responsible for each badge. For regular visitors, keep a standing template so front-desk staff can assign access in under a minute.

Promote mobile credentials in the UniFi Identity/Endpoint app, especially Mobile Tap and Touch Pass, so staff can unlock by tapping a phone instead of opening the app.

  • Create a visitor credential type with automatic expiration
  • Require a sponsor name and reason for access
  • Log vendor entry/exit in the same ticketing system used for facilities

Emergency overrides

Document how to safely unlock or lock down doors during emergencies and who has authority. Practice the steps annually and store instructions where staff can reach them quickly.

Confirm which doors are fail-secure vs fail-safe and align the policy with fire code requirements. If a door must unlock during a power failure, document alternative controls for after-hours security.

  • Define who can trigger global unlock/lockdown
  • Keep a printed override procedure near the control station
  • Ensure the PoE++ switch is on a UPS with at least a 1-hour runtime; the standard UA-Hub relies on PoE power only
  • Test UPS-backed power and release hardware twice per year

FAQs

How do we handle lost badges?

Disable the credential immediately, document the incident, and audit recent entries for anomalies. Keep spare badges and a quick-issue SOP ready.

What belongs in our access policy?

Roles, schedules, credential tiers, change control, and an exportable audit trail. Review quarterly and after staff changes.

Checklist

Checklist
  • Map roles and default schedules
  • Define credential tiers and approval process
  • Write change-control and audit procedures
  • Practice emergency overrides annually
  • Verify First Person In rules for doors that must stay locked until a manager arrives
  • Store a one-page SOP near the console

Define roles and credential tiers

List every stakeholder—full-time staff, contractors, cleaning crews, residents—and assign default access windows. Note escalation paths for temporary overrides, after-hours emergencies, and lost credentials.

Clarify who approves new credentials, who handles terminations, and how long inactive badges stay valid. These decisions keep policy consistent even when staffing changes.

UniFi Access Policy Template

Copy this policy template into your IT handbook and rename schedules to match each door group.

UniFi Access Policy Template
Door groupDefault scheduleAfter-hours ruleNotes
Lobby / Main entryMon-Fri 7am-7pmSecurity team approvalVisitor badge template
Staff office doorsMon-Fri 7am-9pmManager approvalAuto-expire at 90 days
IT / server roomsMon-Fri 8am-6pmIT lead approvalTwo-person approval for vendors
Delivery / loadingMon-Fri 8am-5pmFacilities approvalCamera bookmark on entry
Tip

Keep schedule names consistent so reporting and audits are easy to understand.

Credential lifecycle checklist

Credential lifecycle checklist
  • Issue: verify role, assign default schedule, record sponsor
  • Modify: log schedule changes with reason and ticket number
  • Suspend: disable immediately for lost badges
  • Terminate: revoke on last day and archive access logs

Stakeholder worksheet

Capture the names and responsibilities for everyone who touches access control. This prevents confusion during staffing changes and avoids the classic problem of “nobody knows the password.”

  • System owner (approves policy changes)
  • Daily operator (issues badges and guest access)
  • IT or facilities contact (hardware and firmware)
  • Security lead (audits and incident response)

Build schedule blocks in UniFi Access

Translate business hours, holiday closures, and delivery windows into schedule objects. Use descriptive names and group doors logically—Lobby, Warehouse, Roof Access—so anyone reviewing the system understands coverage at a glance.

Use the First Person In requirement for sensitive doors so they stay locked until an authorized manager enters, even if the schedule is set to unlock.

Create exception schedules for weather events or maintenance windows. Storing these templates now means you can adjust quickly later without rebuilding from scratch.

Deploy reliable hardware

The standard Door Hub (UA-Hub-Door) is a single-door controller with a lock relay plus an aux relay for door operators or sirens. Use the Gate Hub for a gate plus side door, and the Enterprise Access Hub (EAH-8) when you need to manage up to eight doors from one secure closet.

The Door Hub runs on PoE++ only, so place the switch on a UPS for backup power. The Enterprise Access Hub adds battery backup support for higher-resilience deployments.

For legacy Wiegand retrofits, use the UniFi Retrofit Hub; the Reader G2 is a native PoE reader.

Label conduit, door hardware, and reader cables at both ends so technicians know exactly which components belong to each opening.

Use clean power, protected pathways, and clear labeling for relay outputs (lock, aux) plus input wiring (door position, request-to-exit). This reduces troubleshooting time during emergencies.

Ubiquiti UniFi Access Hub (UA-Hub)

  • Single-door controller with lock relay plus an auxiliary output
  • Powered by PoE++ (use a UPS-backed switch for backup)
  • Starting at $199 MSRP (check current pricing)
View on Amazon

Ubiquiti UniFi Access Reader G2

  • NFC and mobile unlock reader with handwave request-to-exit
  • PoE-powered and IP55-rated for outdoor installations
  • Starting at $139 MSRP (check current pricing)
View on Amazon

Document change control and audits

Create a simple change log capturing who altered schedules, when, and why. Include ticket numbers, approving managers, and any associated compliance notes.

Schedule quarterly reviews to verify logs, camera bookmarks, and visitor badges align with policy. Pair the review with exportable reports so you can respond quickly to audits or legal requests.

Archive monthly exports in a shared security folder with a clear naming convention (site, month, and door group).

Policy approval and change requests

Define who signs off on policy changes and how requests are submitted. A simple form or ticket keeps approvals visible and prevents ad-hoc edits. When staff changes roles or departments, update both the access policy and the access request workflow so the system stays aligned with organizational changes.

Keep a short list of approved changes so front-line staff are not forced to improvise under pressure.

Audit trail and data retention

Decide how long you keep access logs and how you store them. Many offices keep 90 days on hand and archive for one year, while regulated environments may keep longer. Align log retention with your camera retention so investigations are consistent.

Store exports in a shared folder with read-only permissions, and document who can request a report. A clear process reduces delays when incidents happen.

Common pitfalls to avoid

  • Overlapping schedules that accidentally grant 24/7 access
  • Vendor badges without auto-expiration
  • No documented handoff when a manager leaves
  • Unlabeled hardware that slows down emergency service

First 30 days rollout plan

Treat the first month as a stabilization period. Log every schedule change, review badge activity weekly, and verify that visitor workflows match real-life behavior. Adjust schedules early so staff builds trust in the system.

After the first month, lock in the policy and only make changes through the documented request process so the system stays consistent.

  • Week 1: verify door schedules against actual hours
  • Week 2: review visitor access logs and approvals
  • Week 3: test emergency overrides and failover
  • Week 4: export reports and archive in shared folder

Train staff and plan response

Provide a one-page quick-start for front desk or facilities teams, covering how to issue credentials, revoke access, and contact support. Store the sheet near the primary workstation and in a shared drive.

Rehearse lockout and emergency scenarios annually so staff know exactly how to respond when badges fail or alarms trigger.

Need help with Door Schedule and Credential Policy Template for UniFi Access?

Get a fast quote and see how we design and install this service in Westchester County, NY.

Disclosure: Some links may be affiliate. As an Amazon Associate, we earn from qualifying purchases.

Ready to upgrade your home or business?

Get a free quote from a local expert with 20+ years of experience.