Skip to main content

Log in on behalf of users

Since managed users can't log in to Kisi themselves, an organization owner or an admin has to log in on their behalf.

Send a POST request to the Create login endpoint, following the example below.

Example

curl --request POST \
  --url https://api.kisi.io/logins \
  --header 'Authorization: KISI-LOGIN <API_KEY>' \
  --header 'Content-Type: application/json' \
  --data '{
  "login": {
    "type": "device",
    "device_brand": "string",
    "device_model": "string",
    "os_name": "string",
    "email": "user@example.com",
    "expire": "false"
  }
}'
  • type - all logins created by the Kisi web and mobile apps are device logins. They are logins connected to a device such as your laptop, phone etc. When logging in managed users, only device logins can be created.
  • device_brand - the brand of the device this login will be associated to
  • device_model- the model of the device this login will be associated to
  • os_name - the name of the OS of the device this login is created from
  • expire - by default, logins expire after 14 days of inactivity. You can override this by setting the expire flag to false when creating a new login.

Response

If your request was successful, you'll receive a 200 OK response with the login object, the user, and the authentication token associated with this login.

{
  "user": {
    "id": 0,
    "email": "user@example.com",
    "name": "user@example.com",
    "expire": "false"
  },
  "secret": "0"
}
  • secret - the authentication token used for this login

The login can then be used subsequently to make requests to the Kisi API on behalf of the user. When you unlock doors using this login's credentials, the unlock events will be attributed to the specific user in audit logs rather than to the admin who created the login.

Last updated on by Timofejs Golubevs