Skip to content
English
Create Ticket
  • There are no suggestions because the search field is empty.

How to Use Remote Open

 Remote Authorize Open (Emergency Access) Overview

Remote Authorize Open (sometimes called Emergency Access) lets an authorized administrator open a MedixSafe safe without using a normal user card, PIN, or fingerprint. Instead, the Link console generates a short-lived, one-time code that is entered at the safe’s keypad.

This is intended for emergencies and other situations where standard credentials are unavailable—for example, a responder at the safe while the credential holder is not on scene, or when normal access methods cannot be used.

The code is generated in the web dashboard and used at the physical safe. It works whether the safe is online or offline at that moment, because unlocking happens locally once the correct code is entered.

Every use is logged in Link access history, including which administrator generated the code.

Who Can Use Remote Authorize Open?

Only administrators can generate emergency codes:

  • Global Administrator (Account Administrator) — any safe on the account
  • Group Administrator — safes that belong to Groups they are a member of

Regular Users cannot generate or use this feature from the dashboard.

If you use Groups, confirm the administrator is assigned to the Group that contains the target safe. See [Administrator Roles: Global vs. Group Administrator] (link to your roles article when published).

When to Use It

Remote Authorize Open is appropriate when:

  • Someone authorized needs into the safe now, and normal credentials are not available
  • The safe is offline but still powered and operational at the keypad
  • You need a controlled, auditable emergency path instead of bypassing policy informally

It is not a replacement for day-to-day access. Continue to use enrolled cards, PINs, or biometrics for routine openings.

How to Generate and Use a Code

Step 1: Open Remote Authorize Open in the console

  1. Sign in to the MedixSafe Link console as a Global or Group Administrator.
  2. Go to Device Management.
  3. Find the target safe.
  4. Click the (three dots) menu for that device.
  5. Select Remote Authorize Open.

A guide opens with the six-digit code and instructions for your safe type.

Step 2: Display the code

  1. Click Display Code (or follow the on-screen prompt) to show the current six-digit one-time key.
  2. Note the time remaining—the code is only valid for a limited period (typically a few minutes). If it expires, generate a fresh code from the console.

Step 3: Enter the code at the safe

At the safe keypad, follow the instructions shown in the console. For the most common HID keypads:

  1. Press * (star).
  2. Enter the six-digit code exactly as shown in the dashboard (no spaces, no transposed digits).
  3. Complete any additional steps your console shows for your hardware type.

When the code is accepted, the safe should unlock. The door can then be opened manually.

Important: Enter the digits exactly as displayed. A single wrong digit will prevent access until you try again with a valid code (or generate a new one if the previous code expired).

For non-HID hardware, use the device-specific steps shown in the Remote Authorize Open window.

What Happens Behind the Scenes

Although you only see a simple code in the console, the system:

  1. Creates a time-based one-time password (TOTP) tied to that safe.
  2. Records an audit entry noting which administrator generated the code and for which device.
  3. Logs the access when the safe accepts the code—visible in Link Access Logs / transaction history with the administrator associated to the event.
  4. May send notifications to other administrators (see below), depending on account settings.

This supports compliance and post-incident review: you can see who authorized emergency access and when the safe was opened.

Important Things to Keep in Mind

Treat the code like a temporary key

  • Do not share the six-digit code over unsecured channels if your policy restricts it.
  • Anyone who has the code before it expires may be able to open the safe at the keypad.
  • Generate a new code if the current one expires or if you are unsure whether the previous code was used.

Online vs. offline safes

  • The safe does not need cloud connectivity at the moment of entry for the code to work at the keypad.
  • You do need access to the Link console (with internet) to generate the code. Plan accordingly in dead-zone or outage scenarios.

Administrator scope (Groups)

  • A Group Administrator can only use Remote Authorize Open for safes in their Groups.
  • If a safe does not appear or the action is blocked, a Global Administrator should verify Group membership and device assignment.

This is not “Forced Open”

MedixSafe also tracks forced open events (for example, when the safe detects the door was opened without a normal access sequence). That is a security alert, not the same as a deliberate Remote Authorize Open. Do not confuse an emergency code opening with tampering or forced-entry alarms.

Notifications

Administrators can control whether they receive alerts for remote/emergency openings via user notification settings (remote open / device warning notifications). Defaults are often on; adjust in your profile or user settings if your organization routes alerts to a shared mailbox or on-call team.