Best way to assign keycodes for lock and log this?

Hi everybody,

I have a Nuki 4 Pro lock that is connected to Home Assistant via mqtt. Then there is an ESPHome device connected to an Wiegand reader in front of our main door.

Now I wrote an automation that will unlock and open this door when either particular keycodes are entered, or when particular tags are scanned (both handled by ESPHome and the Wiegand device).

This automation has a trigger_id for each entered code or scanned tag; so if tag 177462 is scanned, open the door; if tag 7492874 is scanned, open the door; if code 7777 is entered, open the door; if code 4442 is entered, open the door; etc. etc. etc.

But is there a way, preferably via yaml or json, to

1.) ease this procedure by assigning these keycodes and/or tags to people? Example below
2.) to log this by date, time, person who unlocked, and what they’ve unlocked with? I know there’s logfiles, but it’d be nice to display this on a dashboard instead… Example below as well

If it’d be possible to assign a tag and/or code to a person via file, it would make things really easy. Add a person? Edit the file (instead of messing with an otherwise perfectly working automation). Somebody loses their tag? Edit the file. etc.

Example 1 json could be something like this

  {"aaron a. aaronson": {
    {"tag": 283746},
    {"code": 4242}
  {"aaron b. aaronson": {
    {"tag": 322345}
  {"ze other guy":
    {"code": 1234}

I hope this is valid json, but I’m sure you’ll get the point either way.

Example 1 yaml

  - name: aaron a. aaronson
    tag: 283746
    code: 4242
  - name: aaron b. aaronson
    tag: 322345
  - name: ze other guy
    code: 1234

Example 2 log

date time person method
2024-05-19 13:19:23 aaron a. aronson code
2024-05-19 14:12:31 aaron b. aronson tag
2024-05-19 15:14:11 aaron a. aronson tag
2024-05-19 16:22:45 ze other guy code

Why log the method? Let’s say somebody’s tag or code got compromised, then I would be able to disable it; if I could only see the person, but not the method, I’d have to dig through logs to find this information, so let’s just log it right away.

That being said, it is more than unlikely that this would happen (compromised data); but I’d like to log this anyway, and perhaps adding method might make sense in the future, so why not implement it right away rather than having to change working things later on.

Thanks in advance for your ideas :slight_smile:

This is a really good post to help you.