Pult Presence Docs
WiFi PresenceUniFi

Setup Guide

Step-by-step instructions for connecting UniFi to Pult Presence.

You need to create a local user on your UniFi controller, expose the API to the internet securely, and enter the credentials into the Pult Dashboard.

Credentials you'll collect along the way:

CredentialSource
Controller URLYour public IP + port (e.g., https://203.0.113.5:8443)
Root Certificate(Optional) Self-signed TLS certificate from the UniFi controller
UsernameLocal read-only user created on the UniFi controller
PasswordPassword for the local user

Step 1: Create a Local Read-Only User

  1. Log in to your UniFi Controller through the local network (e.g., https://10.0.0.1). Prefer local access over the UniFi Cloud portal.
  2. Navigate to Settings → Admin & Users.
  3. Click Create New Admin.
  4. Enable Restrict to Local Access Only.
  5. Set a custom username and a secure password.
  6. Assign read-only role permissions.
  7. Click Create.

Click Create New Admin in UniFi Settings → Admin & Users

Enable Restrict to Local Access Only and assign read-only permissions

Using a local account avoids potential issues with multi-factor authentication (MFA) requirements on cloud accounts.

Step 2: Expose the UniFi API

Pult needs to reach the UniFi controller API over the internet. Set up port forwarding and firewall rules to allow this securely.

Port Forwarding

  1. In your UniFi Controller, navigate to Settings → Routing → Port Forwarding (or Policy Engine → Port Forwarding).
  2. Create a new port forwarding rule:
SettingValue
NamePult
WAN InterfaceYour internet-facing interface with the static public IP
WAN Port8443
FromLimited to 3.73.170.193 (Pult's IP address)
Forward IPYour UniFi controller's internal IP (e.g., 10.0.0.1)
Forward Port443
ProtocolTCP

UniFi port forwarding rule configured for Pult

Firewall Rule

  1. Navigate to Policy Engine → Traffic & Firewall Rules.
  2. Create a new firewall rule:
SettingValue
Rule TypeAdvanced
TypeInternet Local
NamePult
ActionAccept
ProtocolTCP
Source TypeIP Address
Source Address3.73.170.193
Destination TypeIP Address
Destination AddressYour UniFi controller's internal IP (e.g., 10.0.0.1)
Destination Port443

UniFi firewall rule restricting the exposed port to Pult's IP

If your UniFi Gateway is behind another router (double NAT), ensure port forwarding is configured on both devices, or set the upstream router to bridge mode.

Verify (Optional)

You can verify the configuration by accessing https://<your-public-ip>:8443 from outside your network. You should see the UniFi login page (with a self-signed certificate warning).

Step 3: Export the TLS Certificate (Optional)

Most UniFi controllers use a self-signed TLS certificate. While optional, providing this certificate to Pult improves connection security.

To export the certificate in Chrome:

  1. Navigate to your controller URL in Chrome.
  2. Click the lock/warning icon in the address bar.
  3. Export the certificate in PEM format.

Open the security details from the Chrome address bar

Export the certificate in PEM format

Step 4: Configure in Pult

  1. In the Pult Dashboard, go to Settings → Presence → WiFi Settings.
  2. Click Add Integration and select UniFi.
  3. Fill in the fields:
    • Controller URL -- https://<your-public-ip>:8443
    • Root Certificate -- (Optional) Paste the exported certificate contents
    • Username and Password -- from Step 1
  4. Click Save.

Pult validates the connection on save. Once connected, the integration status will show as Connected.

Fill in the UniFi integration fields in the Pult Dashboard

Last updated on Apr 20, 2026, 10:32 PM

Overview

What data Pult pulls from UniFi, what it enables, and what you need.

Location Mapping Rules

Configure rules that map WiFi client activity to presence locations based on IP subnets and access point labels.

On this page

Step 1: Create a Local Read-Only UserStep 2: Expose the UniFi APIPort ForwardingFirewall RuleVerify (Optional)Step 3: Export the TLS Certificate (Optional)Step 4: Configure in Pult