Admin

Users

Add user / Edit user 

Enroll user

The overview table displays saved users and information about them. In the top-left corner, you can use the icon or to add new users. Another icon allows you to select users for bulk actions, and a forth icon lets you delete users based on selected criteria.

In the left column of the table, you will find icons for each user to edit, load, delete, or view their daily schedule . The other columns provide the following information:

  • Enabled authentication methods (e.g., password, QR code, fingerprint, etc.)

  • User name = login

  • First name

  • Last name

  • Role (administrator, user, visitor)

  • Module (attendance, access)

  • Supervision (reader supervision, user supervision)

  • PIN

  • Work position

  • Work group

  • Work shift

  • Branch

Each column header contains a dropdown menu that allows you to filter users. A search filter, marked by a small magnifying glass icon located below the last user in the list, can be used to quickly find users—especially useful when managing a large number of users or when reactivating users who return for seasonal work after previously being deactivated.

Users can be filtered by Status, Authentication, Work end, Monitoring, Anonymization, or Readers.

By clicking the icon in the top right corner, you will access a table showing the GDPR settings overview, including the following information:

  • User name, first name, last name

  • Contacting – informs administrators about scheduled GDPR-related changes

  • Anonymization – removes all personal and contact data, GPS locations, access photos, card numbers, fingerprints, facial data, and passwords

  • Deleting data

  • Deleting user

The data in the table is shown only for users who have a departure date set (e.g., users with fixed-term contracts). The retention periods for anonymization, data deletion, and user deletion are configured at the company level in AdministrationCompanyApplicationsGDPR, and they are calculated from the user’s departure date.

Add user / Edit user

General

In the General tab, first choose which module you want to use. The Attendance system is used for tracking and managing user attendance, while the Access system is designed solely for managing users’ access credentials. More detailed information can be found in your company settings.

In advanced mode, you can assign the user an EID (an external identification number used in third-party systems such as Pamica, Helios, etc.). After entering the user’s first and last name, the system will automatically generate a login in the format lastnamefirstname. You can edit this to any login name the user prefers. If the system notifies you that the chosen login already exists, simply add a number or other character to create a unique combination.

If the user will not be using a login name, you can disable this option by clicking the “No” icon next to the respective field.

The correct start date is important for assigning shifts. If the departure date is not fixed, leave the field blank. You can find more information about work groups, user groups, work positions and branches on the corresponding pages.

The API key serves as a unique identifier for the company when interacting with external systems and web services. The default time zone and holiday calendar are set based on the user’s workplace address.

If the user is active, select “Yes.” This means they can log in and a license is charged for them. If the user should not log in to the SYSDO system, select “No” on the next row. The Balance date is set according to the company’s settings (or custom settings) for the period when attendance data is ready for generating reports.

Contacts will appear in the attendance overview. The email is used for sending information regarding attendance errors or changes in the status of requests. It is recommended to primarily fill in the work email, and if necessary, you can also add a personal email—this field is optional.

The Note field can be used, for example, to add information such as the worker borrowing work equipment, details about the monthly fund for part-time workers, etc.

Authentication

In the Authentication tab, you can enter passwords, PIN codes, or cards for identity verification in the attendance or access system.

The PIN code is used for verification on the BioPad-A, ZPad, Virtual, and Application readers. The password (Attendance) is used for verification via password on the Face readers (SYSF203, SYSFX9).

Verification process on the Face (SYSF203) reader:

  1. On the reader’s screen, select the lock icon (top right corner).

  2. The reader will prompt you to enter the user ID – enter the user’s PIN.

  3. The reader will prompt you to enter the password (Attendance) – enter the user’s password.

Verification process on the SYSFX9 reader:

  1. Enter the PIN.

  2. Press the OK button.

  3. The reader will prompt you to enter the password (Attendance) – enter the user’s password.

  4. Press the OK button.

The password (Access) is used for verification via password on the SYS-WB85, SYS-A2PRO, SYS-A21, and SYS-A22 readers.

In this tab, you can also enable user verification via QR code from the mobile app.

User verification via QR code

In the Codes sectionQR Code (Attendance), click the Generate QR Code icon , which will create an eight-digit number in the empty field. Then click to view the QR code, or choose to send it to the specified email, print it, or save it as a PDF file.

The user will see the QR code in the SYSDO mobile app, displayed via an icon in the top-right corner, up to one minute after saving the edit. Tapping the icon will display the QR code, which the user can use for verification via the SYSDO terminal mobile app or an external SYSAQR6 reader.

Displaying the QR code in the SYSDO mobile app

 

The Attendance Card is compatible with the following readers: TSG550, TSG750, Face, BioPad-A, ZPad, SYSFX9. The Access Card is compatible with the following readers: SYS-A21, SYS-A22, SYS-A2PRO, SYS-F91E, SYS-WB85. The NFC Card is compatible with the following readers: Hikvision DS-K1T671M, Hikvision DS-K1T671MF, SYSFX9 (with an external NFC reader), and the SYSDO Terminal app if the phone or tablet has an NFC reader. You can find the procedure for adding a terminal to SYSDO, installing the apps, pairing them with SYSDO, and finally using NFC cards for verification here.

Permissions

Example configuration for the Admin role
Admin
User
Visitor

The Permissions tab helps you assign roles – Visitor, User, or Admin.

If you select the Admin role, a default configuration for administrators will be displayed. You can adjust the settings as needed:

  • Cars(monitoring)

  • Cams(monitoring)

  • Edit request – selecting “Yes” allows the administrator to manage requests across the entire company

  • Alcohol testing

  • Card info

  • Personal identification number

  • Health insurance

  • Imports

  • Shift assignment

HW Reader administration – A hardware (HW) reader manager is registered in the reader with administrator permissions and can change its configuration. Each manager will receive an email notification if the reader is not communicating.

Monitoring – “Yes” option – Enabling user-based supervision allows you to grant one user access to the attendance records (scheduled shifts and individual access logs) of another user, making them a supervisor of that attendance without giving them full administrator rights.
Enabling supervision based on readers grants access to the attendance data of users assigned to specific readers or terminals. These supervision permissions allow the supervisor to modify work shifts, add vacation time, approve requests, and generate reports.

If you select the User role, the default settings for this role will be displayed.
Unlike the Administrator, the User role includes several optional system management features that can be assigned as needed. These permissions are automatically granted to Administrators.

  • User administration – allows the user to create, edit, or delete user accounts
    Options: Yes / No

  • User group administration – available only if User administration is set to Yes

  • Zone administration

  • Sections administration

  • Reader administration

  • Edit cars

  • Activity administration – activities will appear in the Reports section

The Visitor role includes only two permissions:

  • HW Reader administration

  • Monitoring

Types of permissions

Administrator without supervision

  • Can manage users, workgroups and positions, activities and lists (if enabled), readers, areas, access types, branches, and the company.

  • Can view only their own attendance and access types in the schedule.

Administrator with supervision

  • Can manage users, workgroups and positions, activities and lists (if enabled), readers, areas, access types, branches, and the company — plus vacation and sick days.

  • Can view and edit their own attendance as well as the attendance of users under their supervision.

  • Can view the access logs of all supervised users.

Regular User

  • Can view only their own attendance and access logs.

  • Cannot manage any system elements.

  • Can submit requests and log activities.

User with Supervision

  • Can manage work shifts, vacation, and sick days

  • Can view attendance and access logs of users under their supervision

  • Can edit attendance records of supervised users – including adding or invalidating access entries, and creating or deleting both absence and work schedules

  • Can generate reports – limited to users under their supervision

  • Can view user requests (vacation, sick leave, etc.) for supervised users – and approve or reject them

User with User Management

User management set to “Yes”

  • Can manage all users in the company, except those with higher permissions (Administrators)

  • Can view only their own attendance and access logs

User management set to “Based on supervision”

  • Has all the permissions of a User with Supervision

  • Additionally, can manage users under their supervision, except those with higher permissions (Administrators)

User with Area, Workgroup, and Reader Management

If set to “Yes”

  • Can manage all areas, workgroups, and readers in the system

If set to “Selected only”

  • Can manage only the areas, workgroups, and readers that have been explicitly assigned to them

Readers

In the Readers tab, you can assign specific readers to each user.

Access control

Alerts

In the Alerts tab, the Send column allows you to enable or disable the automatic sending of email notifications. For some notifications, you can also choose to send alerts to the SYSDO mobile app.

In the Settings column, you can define how often selected notifications are sent – either daily or only on specific days and times.

Error notifications related to a specific user can also be forwarded to an additional email address – using the Send alerts to another email option.

Notification settings are inherited either from the parent company (distributor) or can be customized individually. However, user-specific settings always take precedence over general ones.

The content of each notification depends on the user’s assigned permissions. A detailed description of all available notifications can be found in the Company Settings section.

Additional notifications include:

  • Loss/Restoration of Reader Communication

  • Checking reader settings – the system compares the actual terminal configuration with the one stored in the system

Work shifts

Application

The Data tab is used to configure how the following types of information are recorded:

  • GPS positions

  • Access photos

  • Biometric data (face, fingerprints)

This section also contains GDPR-related settings and planned changes, such as data anonymization, data, or user deletion. In order for these changes to be scheduled properly, the user must have a departure date set. If no date is specified, the column will display the message “Not set”.

These processes follow the company’s global settings found in Administration > Company > Application > GDPR, and they are based on the departure date provided.

Clicking the icon at the bottom opens a dialog window where you can select the data to be deleted.

General
Salary

transThe Attendance tab includes two sub-tabs – General and Salary.

In the General section, you can configure:

  • Attendance visibility – control the display of planned and worked hours, presence overview, access records, or arrivals.

  • Absence planning – specify whether absence plans (e.g., doctor’s appointments, business trips) can also be saved within the flexible part of working hours.

  • Attendance monitoring – set up alerts for no-shows and define how many minutes before the shift starts the alert should be triggered.

  • Smoking break – determine whether it should be deducted from the lunch break.

  • Fund transfer limits – choose whether unused leave balances are carried over indefinitely or for a limited time (e.g., 1, 2, or 3 months), or based on custom settings.

  • Activities – set whether the system should automatically select the last used activity or prefill its attributes.

All settings are based on company-level configuration but can be individually customized for each user within this tab.

In the Salary section, you can configure:

  • Wage type – monthly or hourly rate.

  • Surcharges – define time ranges (From–To) during which bonuses apply (e.g., afternoon or night shifts), and specify the bonus percentage (e.g., 30%). Default values are inherited from the company settings.

The External Systems tab displays information about user pairing with external systems such as EDA, ABRA, and Eurosat Eshop. If a user is not paired with a specific external system in SYSDO, the status “Unpaired” is shown. To pair a user, click the Pair User icon and enter the corresponding external ID.

The Components tab allows you to configure the following:

  • User display in the Monthly Leave Overview – choose how users are shown (by user group, all users, or based on supervision).

  • User display in the Summary preview of activity – options include displaying users by group, all users, supervised users only, or only the logged-in user.

  • Night shift planning – choose how night work hours are allocated:

    • By date – if a shift spans midnight (e.g., 22:00–06:00), 2 hours are counted for the starting day and 6 hours for the following day.

    • By shift – the entire shift is counted toward the day it started.

    • Custom – define your own rules.

Enroll user

Enroll authentication data   nacist

When creating a new user, after filling out all necessary information, click on Save and enroll. If there is already created user, for assigning authentication data, use the orange button Enroll.

Enroll from web application

faceFollow the instructions on the reader. Look into the camera, face should be in a white frame and surrounded by a green frame. Once the enroll is successful, click on the Next button.

print1Follow the instructions on the reader. The reader will ask for putting the finger on the scanner, fingerprint needs to be scanned three times. After successful enroll, click on the Next button.

cardFollow the instructions on the reader. Put the card near the reader, the reader scans unique card number. Confirm this number and click on Next in the application.

lightbulb-iconMake sure that you have allowed access to the reader for individual users.

Enroll from mobile application