Skip to main content

Log in on behalf of users

Since managed users can't log in to Kisi themselves, an organization owner or an admin has to log in on their behalf.

Send a POST request to the Create login endpoint, following the example below.


curl --request POST \
--url \
--header 'Authorization: KISI-LOGIN <API_KEY>' \
--header 'Content-Type: application/json' \
--data '{
"login": {
"type": "device",
"device_brand": "string",
"device_model": "string",
"os_name": "string",
"email": "",
"expire": "false"
  • type - all logins created by the Kisi web and mobile apps are device logins. They are logins connected to a device such as your laptop, phone etc. When logging in managed users, only device logins can be created.
  • device_brand - the brand of the device this login will be associated to
  • device_model- the model of the device this login will be associated to
  • os_name - the name of the OS of the device this login is created from
  • expire - by default, logins expire after 14 days of inactivity. You can override this by setting the expire flag to false when creating a new login.


If your request was successful, you'll receive a 200 OK response with the login object, the user, and the authentication token associated with this login.

"user": {
"id": 0,
"email": "",
"name": "",
"expire": "false"
"secret": "0"
  • secret - the authentication token used for this login

The login can then be used subsequently to make requests to the Kisi API on behalf of the user.