Gallagher Command Centre REST API to KNX: Event Bridge with Node-RED
Gallagher Command Centre 8.x exposes a documented REST API that allows external systems to receive door and access events in near real time. Bridging these events to KNX group addresses via Node-RED enables automatic lighting, HVAC, and security responses to card reader activity — without proprietary integration modules or third-party middleware licences.
Gallagher Command Centre REST API overview
Gallagher Command Centre 8.x includes a built-in REST API server. The API uses OAuth2 client credentials flow for authentication. In the Command Centre server settings, create a REST API client with access to the Events and Doors resources. Note the client ID and client secret — these are only shown once at creation time.
To obtain a bearer token, send a POST request to the token endpoint. The token has a 3600-second (one-hour) expiry. Node-RED handles automatic token refresh by storing the expiry timestamp and re-requesting a token before it expires.
OAuth2 token request
POST /api/access_control/rest/v1/oauth2/token
Content-Type: application/x-www-form-urlencoded
grant_type=client_credentials
&client_id=<your_client_id>
&client_secret=<your_client_secret>
Response:
{
"access_token": "eyJhbGciOi...",
"token_type": "Bearer",
"expires_in": 3600
}
Node-RED: store token in flow context variable
msg.token = msg.payload.access_token
flow.set('gallagher_token', msg.token)
flow.set('token_expiry', Date.now() + 3500000)Polling access events from the REST API
The events endpoint returns access events since a given ISO8601 timestamp. Poll this endpoint every 2-5 seconds for near-real-time event processing. Store the timestamp of the last processed event in Node-RED flow context to use as the next polling start point.
Event polling request
GET /api/access_control/rest/v1/events
?after=2024-01-15T09:30:00Z
&pageSize=50
Authorization: Bearer <access_token>
Response array — each event object contains:
{
"eventType": "cardReadValid",
"door": { "name": "Main Entrance", "id": "door-uuid-1" },
"cardholder": { "name": "John Smith", "id": "ch-uuid-1" },
"timestamp": "2024-01-15T09:31:45Z"
}
eventType values:
cardReadValid — card accepted, door unlocked
cardReadInvalid — card rejected (wrong zone, expired)
doorForced — door opened without valid access
doorHeldOpen — door held open beyond timer threshold
antiPassbackViol — anti-passback rule violation detectedInstall the node-red-contrib-gallagher package via npm in the Node-RED data directory. This package provides pre-built Gallagher input nodes that handle authentication and polling automatically — configure the Command Centre IP address, client ID, and secret in the node configuration panel.
Node-RED flow: door event to KNX group address
The core Node-RED flow processes Gallagher events and writes to KNX group addresses via the KNX write node. Configure the KNX write node with your KNX IP Interface IP address. The switch node filters events by type and door name before triggering KNX actions.
Node-RED flow — card read to KNX actions
Flow: Gallagher event input node
→ switch node
Rule 1: msg.payload.eventType == "cardReadValid"
AND msg.payload.door.name == "Main Entrance"
Rule 2: msg.payload.eventType == "doorForced"
→ Rule 1 output → function node (set KNX payloads)
msg.knxGA = "3/0/1" // lobby lights full on
msg.knxDPT = "1.001"
msg.knxValue = true
→ KNX write node (IP Interface: 192.168.1.100)
→ function also sends second message:
msg.knxGA = "4/0/1" // HVAC occupied mode
msg.knxValue = true
→ KNX write node
→ Rule 2 output → KNX write node
GA "8/0/1" DPT 1.001 value true // alarm siren relay
→ second KNX write node
GA "3/0/2" DPT 5.001 value 255 // security lights 100%| Gallagher Event | KNX Group Address | DPT | Action |
|---|---|---|---|
| cardReadValid — Main Entrance | 3/0/1 | 1.001 | Lobby lights full on |
| cardReadValid — Main Entrance | 4/0/1 | 1.001 | HVAC occupied mode |
| doorForced — any door | 8/0/1 | 1.001 | Alarm siren relay ON |
| doorForced — any door | 3/0/2 | 5.001 (255) | Security lights 100% |
| doorHeldOpen — any door | 8/0/2 | 1.001 | Held-open warning relay |
Remote door release from KNX binary input
The reverse direction — triggering a Gallagher door release from a KNX binary input — is equally important. Reception staff with a KNX touchpanel can release the main entrance door remotely without a dedicated access control terminal.
KNX binary input to Gallagher door release
Hardware: MDT SCN-BTL1 binary input at reception touchpanel
KNX telegram on button press → GA 3/1/0 DPT 1.001 value 1
Node-RED KNX input node listens on GA 3/1/0:
→ filter: value == true (rising edge only)
→ HTTP request node:
Method: POST
URL: http://<cc-server>/api/access_control/rest/v1/doors/<door_id>/access
Headers: Authorization: Bearer {flow.gallagher_token}
Body: { "type": "release" }
Gallagher releases the door for 5 seconds (configured in CC)
Response 200: door release confirmed
door_id: obtain from GET /api/access_control/rest/v1/doors
Returns array of door objects with id and name fields
Store Main Entrance door_id in Node-RED environment variableGallagher webhooks for real-time event push (CC 8.10+)
Command Centre 8.10 and later supports webhooks — Gallagher pushes events to a configured HTTP endpoint as they occur, eliminating the 2-5 second polling delay. For security-critical applications such as alarm siren activation, webhooks are strongly preferred over polling.
Webhook configuration in Command Centre
In CC server settings → REST API → Webhooks:
Add webhook URL: http://<node-red-ip>:1880/gallagher-events
Events to push: AccessGranted, DoorForced, DoorHeldOpen
Authentication: HMAC-SHA256 shared secret (recommended)
Node-RED: HTTP input node on /gallagher-events
→ verify HMAC signature (function node)
→ identical switch/KNX write flow as polling approach
→ no inject timer needed — events arrive within 200ms
Webhook payload format matches polling event object:
{ "eventType": "...", "door": {...}, "timestamp": "..." }
Advantage: sub-second latency vs 2-5s polling
Use case: door forced alarm must trigger siren immediately
— polling delay is unacceptable for security eventsMulti-tenant office floor occupancy automation
In multi-tenant office buildings, Gallagher zones map to physical floors. Each floor has its own card reader zone, and Gallagher tracks which cardholders are currently on each floor. This zone presence data bridges directly to KNX HVAC zone occupancy for per-floor heating and ventilation control.
Floor-level occupancy to KNX HVAC zones
Gallagher zone configuration:
Zone A: Floor 1 readers (doors A01, A02, A03)
Zone B: Floor 2 readers (doors B01, B02, B03)
Node-RED logic:
On cardReadValid to Floor 1 door:
→ write GA 4/1/1 = true (HVAC zone 1 occupied)
On cardReadValid to Floor 2 door:
→ write GA 4/2/1 = true (HVAC zone 2 occupied)
Last-person-out event (Gallagher CC 8.x):
When last cardholder exits zone (zone count = 0):
Event: "lastPersonOut" for zone A
→ write GA 4/1/1 = false (HVAC zone 1 setback)
→ write GA 3/1/0 = false (floor 1 lights off)
→ wait 300s delay in Node-RED (residual occupancy buffer)
→ write GA 5/1/1 = true (HVAC night setback active)
End-of-day sequence fires automatically when last
cardholder badges out of each floor — no time-based
schedule needed, responds to actual occupancyAnti-passback integration with KNX alarm
Anti-passback (APB) prevents a cardholder from using their card to enter a zone twice without first exiting — a key tailgating deterrent. When Gallagher detects an APB violation, the event can trigger a KNX alarm state for visual and audible alert at the security desk, combined with CCTV cross-reference.
Anti-passback to KNX alarm sequence
Gallagher event: antiPassbackViol
→ door name, cardholder name, timestamp in event payload
Node-RED:
→ write GA 8/1/0 = true (APB alarm flag KNX)
→ write GA 8/1/1 = cardholder ID (DPT 5.010 mapped ID)
→ security desk touchpanel (MDT or Gira) shows APB alert
CCTV cross-reference (Bosch BVMS plugin):
Bosch BVMS has optional Gallagher plugin:
CC alarm event → BVMS pops up camera view for that door
For KNX-only installations without BVMS:
APB KNX alarm GA → triggers ONVIF camera snapshot
via Node-RED http-request to camera snapshot URL
snapshot stored locally for security review
Reset APB alarm:
Security desk KNX button → GA 8/1/0 = false
Node-RED: POST /api/access_control/rest/v1/cardholders/
{cardholder_id}/antipassback/reset
CC resets cardholder APB zone statusCommissioning note: test the full event-to-KNX chain by using a test cardholder card and intentionally triggering each event type in sequence — cardReadValid, doorForced, and antiPassbackViol. Verify the correct KNX GAs update in ETS6 Group Monitor within the expected latency (under 1s for webhooks, under 5s for polling).
Need a KNX panel with Gallagher access control integration built to spec?
We design and build low-voltage panels with Node-RED Gallagher REST API bridges, KNX IP Interface configuration, floor-level occupancy logic, and full commissioning documentation delivered tested to your site.
Request a quote →