User unlock

User unlock enables you to unlock doors on behalf of specific users by using their login credentials as the API key. When you authenticate with a user's login secret instead of an admin API key, all unlock actions are automatically attributed to that specific user in audit logs, maintaining detailed audit trails and user-specific tracking.

This approach is ideal for building custom mobile apps, kiosks, or web interfaces where users need to unlock doors they have permission to access. Each unlock action is attributed to the specific user who triggered it, providing complete visibility into who accessed which doors and when.

Your application handles the user experience and unlock triggers, while Kisi enforces the access control policies configured in your organization. Users interact with doors through your app without needing the Kisi app installed. Implementation requires you to obtain user login credentials, fetch their accessible locks, and trigger unlocks using those credentials.

What you can do

• Implement in-app unlocks - Build custom unlock interfaces that authenticate with user credentials
• Log in on behalf of users - Obtain user login credentials to use as the API key for user-attributed actions
• Count or limit unlocks - Track and restrict the number of times users can unlock doors

How it works

User unlock follows this pattern:

1. Create a login on behalf of the user to obtain their API credentials
2. Use the user's credentials to fetch the list of doors they can access
3. Implement proximity checks (optional)
4. Trigger unlocks using the user's credentials, not admin credentials

This approach ensures that users can only unlock doors they have permission to access, all unlock events are attributed to the correct user in audit logs, and access control policies are enforced at the user level.

note

User unlock via API provides in-app unlock functionality only (button-based unlocks within your application). If you need physical unlock methods at the reader like tap to unlock (NFC/BLE) or MotionSense, you must use the SDK integration.

Getting started

Before implementing user unlock, make sure you've completed the quick start guide to understand API authentication and basic request patterns. Then follow the guides above to implement credential management, the unlock flow, and optional unlock limits.