Skip to main content

Remove access rights

info

The term role assignment in the Kisi API is equivalent with the term access right in the Kisi web UI.

Some use cases (e.g. to delete or update access rights) require that you fetch the role assignment id first.

  1. Follow this guide to fetch the user id
  2. Send a GET request to the Fetch role assignments endpoint and filter by user_id

Example

curl --request GET \
--url 'https://api.kisi.io/role_assignments?user_id=<user_id>' \
--header 'Authorization: KISI-LOGIN <API_KEY>' \
--header 'Content-Type: application/json'

Response

If your request was successful, you should get back a 200 OK response.

  • If the user doesn't have any role assignments, the response will be an empty list.
  • Otherwise, you'll receive a list of the role assignments they have in Kisi:
[
{
"id": 0,
"user_id": 0,
"role_id": "string"
},
{
"id": 0,
"user_id": 0,
"role_id": "string"
}
]

Keep this id safe, since you'll need this role assignment id in the coming steps.

Remove access rights

Depending on a user's status at your organization, you can either:

  • Delete access rights - if for any reason, a user no longer needs a specific access right to the organization, place or group, you will want to remove this specific access right
  • Temporarily disable physical access - e.g. if a user takes an extended period away from work, you will want to temporarily disable physical access for them in the entire organization. In this case, the user won't be able to unlock any Kisi-enabled doors until their rights are enabled again.
  • Delete a user profile - e.g. if a user leaves your organization, you will want to remove their profile entirely.

Delete access rights

  1. Fetch the role assignment id by following this guide
  2. Send a DELETE request to the Delete role assignment endpoint and replace {id} with the role assignment id

Example

curl --request DELETE \
--url https://api.kisi.io/role_assignments/<role_assignment_id> \
--header 'Authorization: KISI-LOGIN <API_KEY>' \
--header 'Content-Type: application/json'

Response

If the request was successful, you'll receive a 204 No Content response.

Temporarily disable physical access

  1. Identify the member id by navigating to the URL of the member's profile page in the web UI. For example, the member id is 32413379 for https://web.kisi.io/organization/3289/members/32413379

  2. Send a PATCH request to the Update member endpoint

Depending on the user's authentication type, you have two options: disable physical access for a user that has email and password authentication, or for a user managed by SCIM. Find the required parameters on the tabs below.

To disable physical access for a user with password flow enabled, set access_enabled to false, as shown below:

curl --request PATCH \
--url https://api.kisi.io/members/<member_id> \
--header 'Authorization: KISI-LOGIN <API_KEY>' \
--header 'Content-Type: application/json' \
--data '{
"member": {
"access_enabled": false
}
}'

To re-enable physical access, set the above parameters to true.

Response

In all cases, if the request was successful, you'll receive a 204 No Content response.

Delete a user profile

If a user leaves your organization, you will want to remove their profile entirely.