HID Origo MCP. Manage physical and digital access from conversation.
Gemini Works with every AI agent you already use
…and any MCP-compatible client
Just plug in your AI agents and start using Vinkius.
HID Origo MCP Server gives your AI agent full control over your physical and digital access management. You can list mobile identities, check user details, monitor readers, and automate enrollment invites—all from a simple chat command.
Manage credentials, audit logs, and user accounts without opening a complex portal.
What your AI agents can do
Create enrollment invitation
Sends a new invitation to a user so they can enroll for a mobile identity.
Get audit log events
Retrieves a history of administrative and access events for security monitoring.
Get mobile identity
Gets detailed information for a specific digital mobile identity.
Retrieves specific user data by ID, allowing you to check credentials and group assignments.
Pulls system logs detailing administrative actions and access attempts for compliance review.
Lists and checks the operational status of all connected IoT readers and door controllers.
Retrieves the status and details for all issued mobile identities (digital cards).
Sends official enrollment invitations for mobile identities directly from the chat interface.
Retrieves metadata and configuration settings for the entire HID Origo tenant.
Ask AI about this MCP
Supported MCP Clients
Gemini Waiting for input…
HID Origo MCP Server: 11 Tools for Identity & Access Management
Use these 11 tools to query user details, check reader status, manage credentials, and audit access events in a structured way.
019d75b1create enrollment invitation
Sends a new invitation to a user so they can enroll for a mobile identity.
019d75b1get audit log events
Retrieves a history of administrative and access events for security monitoring.
019d75b1get mobile identity
Gets detailed information for a specific digital mobile identity.
019d75b1get organization info
Retrieves metadata and configuration details for your HID Origo organization.
019d75b1get user details
Gets detailed information for a specific user ID managed in the system.
019d75b1list access readers
Lists all IoT readers and door controllers connected to the HID Origo system.
019d75b1list identity groups
Lists identity groups used to define access control policies.
019d75b1list identity invitations
Lists all enrollment invitations that have been sent out for mobile identities.
019d75b1list identity users
Lists all users managed in the HID Origo tenant to find their user ID.
019d75b1list mobile identities
Lists all issued mobile identities (digital cards) and their current activation status.
019d75b1list physical credentials
Lists all physical access credentials, like cards and fobs, managed in the system.
Choose How to Get Started
Build a custom MCP for your own tools, or connect a ready-made integration from our catalog.
Build Your Own
Turn any API into an MCP. Import a spec, define Agent Skills, or deploy with MCPFusion.
- Import from OpenAPI, Swagger, or YAML specs
- Create Agent Skills with progressive disclosure
- Deploy to edge with MCPFusion framework
- Built in DLP, auth, and compliance on every call
- Real time usage dashboard and cost metering
- Publish to catalog or keep private
Make Your AI Do More
Start with HID Origo, then connect any of our 4,700+ other servers whenever your AI needs more. One click, no limits.
- Use this MCP plus 4,700+ others, all in one place
- Add new capabilities to your AI anytime you want
- Every connection is secured and compliant automatically
- Track usage and costs across all your servers
- Works with Claude, ChatGPT, Cursor, and more
- New servers added to the catalog every week
What you can do with this MCP connector
Your AI agent gives you full control over your physical and digital access management with HID Origo. You can check everything from user details to reader status just by talking to your agent.
Check organization configuration: You can run get_organization_info to pull metadata and configuration details for your entire HID Origo tenant. Get detailed user profiles: Use get_user_details to pull specific data for any user ID, letting you check their credentials and group assignments. Audit security events: Running get_audit_log_events pulls system logs detailing administrative actions and access attempts, perfect for compliance checks. Monitor physical readers and hardware: list_access_readers lists every IoT reader and door controller connected to the HID Origo system. Manage digital credentials: You can run list_mobile_identities to see the status and details for all issued mobile identities. Monitor physical credentials: list_physical_credentials lists every physical access credential, like cards or fobs, managed in the system. List users and groups: You can use list_identity_users to list all users in your HID Origo tenant, and list_identity_groups to see the groups that define your access control policies. Automate user onboarding: Sending an invitation for a mobile identity is simple with create_enrollment_invitation. Check identity metadata: Use get_mobile_identity to get detailed information for a specific digital mobile identity. List identity invitations: list_identity_invitations lets you see all enrollment invitations that have been sent out for mobile identities. List all mobile identities: list_mobile_identities lists all issued mobile identities (digital cards) and their current activation status.
How HID Origo MCP Works
- 1 Subscribe to the HID Origo MCP Server and enter your Client ID, Client Secret, and Organization ID.
- 2 Tell your AI agent what you need (e.g., 'Show me all pending mobile identities').
- 3 The agent executes the necessary tools (like
list_mobile_identities) and returns the structured data directly.
The bottom line is you use natural conversation to run complex access control queries that usually require jumping between multiple management screens.
Who Is HID Origo MCP For?
This is for the Facility Manager who needs to check reader status across multiple sites without logging into five different dashboards. It's for the Security Engineer who needs to audit access logs across thousands of events instantly. And it's for the IT Admin who has to onboard users and manage credentials daily.
Checks the status of readers and mobile credentials across multiple sites to ensure site readiness.
Automates the auditing of access events and identifies bottlenecks in the enrollment process.
Manages user accounts and sends enrollment invitations for new employees during the onboarding process.
What Changes When You Connect
- Check the status of all access hardware. Instead of logging into the hardware management portal, use
list_access_readersto see if all door controllers are online and reporting normal activity. - Streamline user onboarding. Instead of emailing and manually tracking invitations,
create_enrollment_invitationsends the invite and confirms it's logged immediately. - Audit security events instantly. Need to know who accessed a door and when? Running
get_audit_log_eventspulls the history of admin actions and access events into your chat window for review. - Track every credential type. Use
list_mobile_identitiesandlist_physical_credentialstogether to get a single, unified view of every card—digital or physical—linked to a user. - Verify user context. Need to know if a user is part of the right group? Run
list_identity_groupsandget_user_detailsto check group membership and user status in two steps. - Identify missing data. If you don't know a user's ID, start with
list_identity_users. This lets you find the exact ID needed before you can runget_user_details.
Real-World Use Cases
Emergency access check
A Facility Manager notices a reader keeps going offline. Instead of calling maintenance and checking a web dashboard, they ask their agent: 'Show me the status of readers at the main campus.' The agent runs list_access_readers, immediately confirming that all 5 readers are online and reporting normal activity, and suggesting they check recent access events via get_audit_log_events.
New hire provisioning
An IT Admin needs to onboard a new user. They first run list_identity_users to find the correct ID, then use create_enrollment_invitation with that ID. The agent confirms the invite was sent and logs it via list_identity_invitations, keeping the entire process visible and trackable in one chat thread.
Security incident investigation
A Security Engineer suspects unauthorized access. They ask the agent to pull all records from the last 24 hours. The agent runs get_audit_log_events, providing a timeline of access attempts and administrative actions, allowing the engineer to pinpoint exactly when and how a credential was misused.
Compliance audit prep
A compliance officer needs to verify that all department heads have the correct credentials. They use list_identity_groups to verify the group structure, then use list_physical_credentials to check all linked physical cards, cross-referencing the data with get_organization_info to confirm the tenant's setup.
The Tradeoffs
Manual portal switching
Opening the HID web portal, navigating to 'Users,' exporting the CSV, opening the 'Readers' section, and then cross-referencing the IDs in a spreadsheet.
→
Use the agent. Start by running list_identity_users to get the user list. Then, run list_access_readers to check hardware status. Finally, run list_physical_credentials to see which cards belong to those users. It's all in chat.
Ignoring the credential lifecycle
Assuming that because a user is in the correct group (list_identity_groups), they automatically have the correct digital card (get_mobile_identity) or physical card (list_physical_credentials).
→
You must check the status. Use get_mobile_identity to confirm the digital card status, and use get_user_details to confirm the user's assigned roles. Don't assume; check the data.
Starting with the hardware
Calling list_access_readers and getting a list of hardware IDs, but then having no way to link that hardware back to which user or department it serves.
→
Always tie the hardware to the user. After listing readers, use get_organization_info to understand the site metadata, then use list_identity_groups to see what policies apply to that location.
When It Fits, When It Doesn't
Use this MCP Server if your workflow requires linking user identity (who they are) to physical hardware (where they go) and digital access (what they use). It's necessary when you need to audit logs, check credential status, or automate onboarding. Don't use it if you just need to know the status of a single credential—just check the direct API. Don't use it if your primary goal is managing the identity provider itself; this server manages the access layer built on top of identity."
Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by HID Origo. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.
VINKIUS INFRASTRUCTURE
Cloud Hosted
Managed infra
V8 Isolated
Sandboxed per request
Zero-Trust Proxy
No stored credentials
DLP Enforced
Policy on every call
GDPR Compliant
EU data residency
Token Compression
~60% cost reduction
Works with Claude, ChatGPT, Cursor, and more
The Model Context Protocol standardizes how applications expose capabilities to LLMs. Instead of operating in isolation, your AI gains direct access to external platforms, live data, and real-world actions through secure, standardized connections.
This server provides 11 capabilities that interface natively with Claude, ChatGPT, Cursor, and any MCP client. No middleware. No custom integration required.
Available Capabilities
Checking credentials and reader status shouldn't require opening three different dashboards.
Right now, checking a user's access status is a nightmare. You have to log into the user management portal, check the group membership, then switch to the credential management dashboard, and finally, check the physical reader's status on a separate site map. It's copy-paste hell, and you're always missing a step.
With this MCP server, you ask your agent for the status. You get a single, structured report showing user details, mobile identity status via `list_mobile_identities`, and hardware status via `list_access_readers`. It's all one conversation.
Using the HID Origo MCP Server: Control access from your agent.
The biggest manual step that vanishes is the multi-step credential lifecycle management. You can't just tell someone to enroll; you have to go into the portal, find the user, hit the 'invite' button, and then confirm the invite was sent in a different log. It's tedious.
Now, you simply ask your agent to invite the user. The agent executes `create_enrollment_invitation`, and you get confirmation and details in the chat. The process is contained, verifiable, and immediate.
Common Questions About HID Origo MCP
How do I use `list_mobile_identities` to check card status? +
list_mobile_identities lists every issued digital card. The results show the status—whether it's 'Activated', 'Pending Enrollment', or 'Suspended'—giving you an instant overview of your mobile credential pool.
What is the difference between `get_user_details` and `list_identity_users`? +
list_identity_users gives you a master list of all user IDs in the tenant. You use get_user_details when you have a specific ID and need to see that user's full profile, including groups and assigned credentials.
Can I use `get_audit_log_events` to find out who logged in? +
Yes. get_audit_log_events retrieves system audit logs. These logs track administrative actions and access events, showing who did what, and when.
Does `list_access_readers` show the readers are online? +
Yes. list_access_readers lists all IoT readers and door controllers. The output includes the operational status, letting you confirm if the hardware is online and reporting normal activity.
How do I automate user enrollment using `create_enrollment_invitation`? +
You pass the required details (user ID and part number) to create_enrollment_invitation. The agent sends the invitation and confirms the process started, generating a traceable record.
How do I check which groups a user belongs to using `list_identity_groups`? +
You first call list_identity_groups to see all available groups. Then, you use the group name or ID to check if the specific user ID is a member of that group.
What should I do if `get_mobile_identity` returns an 'Inactive' status? +
An 'Inactive' status means the card is currently suspended or deactivated. You need to check the associated user's account status or contact the user to reactivate the credential.
How do I see all the physical cards I own using `list_physical_credentials`? +
Running list_physical_credentials returns every card (fob, keycard, etc.) registered in your HID Origo system. This list includes serial numbers and expiration dates.
How do I find my HID Origo Client ID and Secret? +
Log in to the HID Origo Management Portal, navigate to the System Accounts section, and create a new system account. You will be provided with a Client ID and Client Secret for that account.
What is the Organization ID? +
The Organization ID is a unique UUID that identifies your company in the HID Origo cloud. You can find it in the Management Portal under the Organization settings or profile section.
Can I send mobile identity invitations via the AI agent? +
Yes! Use the create_enrollment_invitation tool. You must provide a JSON string containing the userId and the partNumber for the mobile identity you wish to issue.
Is the integration secure for access control data? +
Absolutely. The integration uses industry-standard OAuth 2.0 Client Credentials over HTTPS. Your credentials are encrypted and stored securely within the Vinkius Cloud infrastructure.
Use it with your favorite AI tools
Connect this server to Cursor, Claude, VS Code, and more.
More in this category
HashiCorp Nomad
Manage workloads and orchestration via Nomad — track jobs, nodes, and deployments directly from your AI agent.
Decodo (Smartproxy)
Manage your Decodo (formerly Smartproxy) network infrastructure — list proxy endpoints, monitor bandwidth, and fetch residential proxy configurations with your AI.
Ably
Manage real-time messaging, presence, and push notifications via Ably — publish messages, track users, and monitor channels from your AI agent.
You might also like
Cal.com
Let anyone book time with you through customizable scheduling pages that sync with your calendar and eliminate back-and-forth.
Sunrise-Sunset
Get precise sunrise, sunset, and twilight times for any location on Earth using latitude and longitude coordinates.
dYdX (Decentralized Perpetual Exchange API)
Trade perpetuals on dYdX v4 — access markets, orderbooks, and manage your decentralized trading account directly from any AI agent.