P-73 Kasba Industrial Estates, Phase-II, Kolkata-700107

+91-7550670 670

Biometric Device API for Software Integration

One REST API across every Fortuna biometric device — built by the manufacturer, no SDK.

Fortuna’s biometric device API lets software companies read attendance and access data — and enroll users — across every Fortuna face, fingerprint, and card terminal through one REST API. Integrate biometric devices with your HRMS, ERP, payroll, or SaaS platform using standard GET and POST calls. No device SDK, no third-party middleware. Run it in our cloud, your cloud, or fully on-premise.

REST API, all devices
1
SDKs required
0
Deployment modes
3
Manufacturer since
1996

200,000+ devices deployed · trusted by BARC, BrahMos, Tata Steel, and IIT Bombay · no third-party middleware

At a glance

One REST API across all Fortuna biometric devices — face, fingerprint, card, and IoT access control

Pull attendance and access events; create, update, and enroll users via API

No device SDK — standard HTTP GET and POST calls

Cloud, private cloud, or on-premise, and multi-tenant for many customers

Manufacturer-built (Fortuna, since 1996) — no third-party middleware in the path

Fortuna devices deployed across

Biometric device integration for HRMS, ERP, gym, and SaaS platforms

HRMS and payroll software providers

Your customers want biometric attendance without leaving your platform. Fortuna terminals capture every clock-in and clock-out; your software pulls those events through the API and runs its own shift, overtime, and payroll logic. The device is the data source — your software stays the system of record.

Gym and fitness management platforms

Your platform handles memberships, bookings, and billing. Put a Fortuna face-recognition terminal at the entrance, enroll each member's face through the API when they sign up in your app, and pull check-in events to validate membership and log visits. Members never touch a separate admin screen.

School and college ERP vendors

Your ERP manages students, fees, timetables, and parent communication. Install Fortuna terminals at entry points, enroll students through the API, and pull attendance into your existing reporting and parent-notification workflows.

Visitor management SaaS providers

Your platform runs pre-registration, check-in, and host notification. Use Fortuna terminals as the lobby hardware layer — enroll returning visitors via API, pull check-in events into your cloud, and keep the entire experience inside your product.

Access control software companies

Your software manages door permissions, zones, and event logging. Fortuna terminals and panels support Wiegand and OSDP output for direct door control, and the REST API delivers access events to your platform for logging and reporting.

Workforce and field-attendance platforms

Your platform schedules shifts and deploys field teams. Fortuna's 4G and Wi-Fi handheld terminals — including iCON, the world's smallest biometric terminal — capture attendance on site, cache it offline, and sync to your platform through the API when connectivity returns.

How biometric device API integration works

What is a biometric device API?

A biometric device API is a web interface (REST over HTTP) that lets your software read events from — and manage users on — biometric hardware, without a device-specific SDK or low-level commands. Fortuna’s biometric device API exposes every networked terminal through four resources: users, templates, terminals, and transactions, using standard GET and POST calls.

Four resources, one API

Employee master

Create, read, update, and delete the people enrolled on your devices. Map each user to your own system's ID so events come back tagged the way your software expects.

Biometric enrollment

Enroll a user's face or fingerprint and push the template to any terminal through the API — no one walks up to the device. Update or remove templates remotely as people join or leave.

Device management

Read device status, enrolled-user count, and last-sync time across your whole fleet. Manage terminals from your own admin panel instead of sending a technician to each site.

Attendance & access events

Pull events on demand or on a schedule. Each record carries the employee ID, the punch time, the recognition status (for example, authorized or unrecognized), and the device name.

What the platform does

Pull, on your schedule

Your software requests new transactions through a GET call — every minute, every few minutes, or on demand — and the API returns events since your last sync. A punch typically becomes available to pull within about two minutes. Predictable even on intermittent connections.

Remote enrollment, no device visit

Add a person in your software, send a photo through the API, and the platform trains the face model and pushes it to the assigned terminals. A single bulk call creates, updates, or deactivates many users at once — nobody touches the device's admin screen.

Our cloud, your cloud, or on-premise

The platform runs three ways: hosted on Fortuna's cloud, hosted on your own cloud, or deployed on-premise so attendance and biometric data never leave your network. On-premise is what makes Fortuna viable for banks, government, defence, and hospitals.

One instance, many tenants

A single hosted instance manages multiple customer accounts, each isolated from the others. If your product serves many end customers — or you're a distributor or system integrator — you onboard each as a tenant without standing up separate infrastructure.

Offline by design

Fortuna terminals store every punch locally and keep working when the internet doesn't. When the connection returns, cached events sync in order with their original timestamps. Your software pulls them the same way it pulls live events. No data is lost during an outage.

Language-agnostic REST

Any language that sends and receives HTTP requests works — Python, Java, Node.js, PHP, C#, Go, Ruby. No device SDK, no low-level commands. Integration partners receive documentation and a Postman collection to accelerate the build.

Authentication and access: API credentials and the authentication model are provided to integration partners on approval — request access below.

Biometric devices with API support — face recognition, fingerprint, and card

Every networked Fortuna terminal connects to the same API — one face recognition device API and fingerprint device API in a single integration. Pick hardware by environment and biometric mode; the integration stays identical across all of them.

Biometric API integration use cases — HRMS, payroll, ERP, and access control

HRMS attendance sync

Install terminals at each client office, enroll employees through the API, and pull clock-in/clock-out events on a schedule. Your HRMS runs its own shift and overtime rules and generates payroll-ready timesheets. Employees never meet Fortuna's software.

Gym member check-in

Enroll a member's face through the API the moment they sign up, then pull entrance events to validate membership and log visits. When a membership lapses, the platform stops honoring the check-in. De-enrollment is one API call.

School ERP student attendance

Enroll students through the API and pull attendance from classroom terminals into your own reporting and parent-notification flow.

Visitor management check-in

Use Fortuna terminals as lobby hardware — enroll returning visitors via API and pull check-in events into your cloud for host notification and audit.

Field-workforce attendance

Deploy iCON or other 4G handhelds to field teams. Devices capture attendance on site, cache it offline, and sync to your platform through the API when back online — feeding your own scheduling and timesheet logic.

Access control event logging

Run Fortuna readers at doors and turnstiles using Wiegand or OSDP for direct control, and pull access-granted and access-denied events through the API for logging, compliance reporting, and alerts.

Why choose Fortuna's biometric device API

One API, every device

Face, fingerprint, card, handheld, IoT access control — one REST API covers the whole range. Write the integration once and deploy any Fortuna terminal a client needs, from an entry-level reader to an IP65 industrial unit. No per-device protocol, no separate SDK per model.

First-party platform, no third-party middleware

Fortuna designs and builds its own hardware, firmware, and the integration platform in-house. No separate gateway company sits between your software and the devices — and no device SDK or low-level commands to wrestle with. Support comes from the team that built the hardware.

No software lock-in

Fortuna devices don't require you to run Fortuna's attendance software. The API is the product. Use the terminals purely as biometric capture hardware feeding your platform. You own the user experience, the data, and the workflow.

Cloud or on-premise

Run the platform in Fortuna's cloud, or inside your own network when a client won't let identity data leave their walls. That single option opens banks, government, defence, and hospitals — the buyers most middleware services can't serve.

Built and proven since 1996

Fortuna has manufactured biometric hardware in India for nearly three decades — 200,000+ devices deployed, trusted by BARC, BrahMos, Tata Steel, and IIT Bombay. Field-tested for dust, humidity, and 24/7 operation.

Build your biometric integration on hardware you can trust

Get API documentation, a Postman collection, and a test device — validate the integration in your own environment, cloud or on-premise, before you commit to volume.

FAQ

Biometric device API — frequently asked questions

Do I need Fortuna's software to use Fortuna devices?

No. The devices work as standalone biometric capture terminals with an open REST API. You connect them to your own software. Fortuna’s own attendance products (including timely.bio) are separate and are not required for API integration.

Each transaction record includes the employee ID, the punch time, the recognition status (for example, authorized or unrecognized), and the device name — enough to route and process events across any number of sites. Data is returned as JSON over HTTPS.

You pull. Your software requests new transactions through a GET call on whatever schedule you choose — on demand or at a fixed interval — and the API returns events since your last sync. A punch typically becomes available to pull within about two minutes. This keeps the integration predictable even on intermittent connections.

Yes. Add a person and send a photo through the API; the platform trains the face model and pushes it to the assigned terminals — no on-device enrollment. A single bulk call can create, update, or deactivate many users at once. Your software controls the full user lifecycle without touching the device’s admin interface.

The terminal stores every punch locally and keeps working offline. When connectivity returns, cached events sync in order with their original timestamps, and your software pulls them like any other event. No data is lost.

The REST API is language-agnostic — any language that sends and receives HTTP requests works, including Python, Java, Node.js, PHP, C#, Go, and Ruby. Integration partners receive documentation to accelerate the build.

Yes. The platform deploys in Fortuna’s cloud or inside your own network, so biometric and attendance data can stay on your infrastructure. On-premise deployment is available for banks, government, defence, healthcare, and other environments with strict data-residency requirements.

Every networked Fortuna terminal — face, fingerprint, card, handheld, and IoT access control — uses the same API. You write one integration and deploy whichever device a client’s environment calls for. See the device table above.

Fortuna terminals support Wiegand output, and Checkmate NxT and NxT+ panels add OSDP and multi-door control for direct door, turnstile, and gate operation. The REST API delivers the corresponding access events to your software for logging and reporting.

No. Replacing SDK and device-level integration with standard REST is the point of the platform. If your software can make HTTP calls, it can run Fortuna devices — typically through a handful of endpoints from registering a device to pulling its first punch.

Yes. A single hosted instance is multi-tenant — it manages many customer accounts in isolation from one another. This suits SaaS products with many end customers, as well as distributors and system integrators rolling out across multiple clients.

Fill in the form below with your product and use case. Fortuna’s integration team will share API documentation and credentials and can ship a test device so you can validate the integration in your own environment before committing to volume

Get API access and a test device

Tell us what you’re building. We’ll send API documentation and credentials, and we can ship a test device so you can validate the integration in your own environment — cloud or on-premise — before you commit to volume.

One REST API across every device — no SDK

Cloud, private cloud, or on-premise

Manufacturer-direct — no middleware, no lock-in

Biometric hardware made in India since 1996







    Manufacturing biometric hardware in India since 1996 · direct API integration · no third-party middleware, no software lock-in.