How to Guide

Using Kisi's API to Unlock Doors With Your App

By Mike Tong
October 25, 2018

How much time and money do you spend issuing and programming new ID cards and keys every year? For a fraction of the cost and time, you could replace nearly all your physical access credentials with secure digital ones that require a smartphone to use. This helps solve the problem of onboarding and offboarding staff, members and visitors as well as lost keys and security concerns.

Access-Control-as-a-Service (ACaaS) gives you more control over building management. As well as handling access control it gives you real-time information on who is your buildings, and you can integrate ACaaS platforms with other external sources of information in your organization such as CRM and calendars.

This article explains how Kisi fits into this ecosystem and highlight why it is better than alternatives such as HID, August, Nuki or the Amazon door lock API. It outlines basic architectural decisions of how a custom application, the Kisi API, Kisi backend and external data sources connect and work together. To illustrate this the article creates an example JavaScript application that authenticates with the API and highlights how areas of the web application (authentication, users, places, gateways, locks, etc.) relate to the code in an application.

How smart lock platforms compare

Most smartphone-based ACaaS platforms share a few key attributes. Users typically download an app through which you assign permissions to them and then gain access through readers or sensors posted at entrances, similar to how a badge or contactless card works.

Most smart lock solutions on the market are not designed for multiple access points with different permissions for different locations depending on the role of a staff member or visitor. With Kisi, you can handle this process with an administration or front desk member of staff.

Just as people don’t carry keys all the time, they may not always carry (or even own) a smartphone. Kisi offers the ability to supply alternative credentials, including integration with swipe cards.

Let’s take a look at the available options:

August smart lock

Replace entire lock: No (replaces only the inside) Means of entry: Smartphone app, key, key code (with optional keypad) Integrations: Apple HomeKit, Amazon Alexa, IFTTT, Google Assistant and more. API access: Only with partner program or IFTTT.

HID

Replace entire lock: Unsure Means of entry: Smartphone, tablet or wearable. Limitations: Aimed at enterprise and hard to understand what they offer Integrations: Unsure API access: Several APIs

Brivo API

Replace entire lock: Yes Means of entry: Keycard and remote access Integrations: Specialized hardware, find out more API access: Yes, comprehensive

Nuki

Replace entire lock: No. Place over lock requires a drill. Means of entry: Smartphone, tablet, wearable and key fob. Integrations: Amazon Alexa, Google Assistant, IFTTT API access: Yes

Amazon Lock API

Replace entire lock: Depends on lock Means of entry: Amazon Alexa Integrations: Amazon Alexa API access: Yes, but only with Amazon Alexa skills

The Kisi Platform

The main area of your Kisi dashboard shows the locations you’ve defined, click on the location to see the access points, users, groups and settings for that location. The place in the screenshot below has two access points and 366 users in one group.

dashboard
The Kisi Dashboard

The Settings pane of the dashboard provides access to analytics information and any integrations you’ve added.

To integrate Kisi’s services into your application, you need to use our API. You can find all of the functions of the web interface in the API, plus many more. We use our JavaScript SDK to demonstrate, for other languages you need to use standard HTTP libraries to communicate with the API.

To start, create an instance of the client, authenticate with the API and list your places, use the following:

Kisi API

This code results in a JSON response of your places, with all the metadata associated with each place. To get the details of a particular lock use the following with the ID of the place:

Kisi API

Which is equivalent to this screen in the web dashboard.

locks
Locks in a place

To unlock a lock, pass the lock ID:

Kisi API

External data sources

If you don’t want to build a custom integration, Kisi includes integrations with a dozen services that provide your places, locks and members with data from external sources. These include Active Directory and Google Apps for user lists, door management linked to calendar entries, member access levels from six different membership services and connectivity to security video systems. You can add these integrations from the web app, and from the API with the integrations resources.

data
Add a calendar connection to Kisi

Combining these integrations with your custom applications gives tremendous potential. A new client can sign up with their Google account; your custom application checks that the user has a valid membership and if so, grants them access to your doors.

Advanced use cases

The power of the Kisi platform comes from its extensibility. An open API allows limitless possibilities for getting data in and out of the platform to trigger actions and create applications beyond pure access control.

Take for example intrusion detection. You could use sensors connected to your Kisi controller and attached to external doors or windows. Then with a custom application, use the integrations endpoint to add a new webhook listener:

Kisi API

When a sensor triggers that webhook, you can use the body set above to then trigger further Kisi or 3rd party API endpoints that match your use case, such as preventing the intruder from opening the door from the inside or trigger an alarm system.

Alternatively, take another example of using proximity sensors to introduce even more convenience to your building. By using a proximity sensor triggered by an authorized keycard or mobile device, you can use the unlock endpoint to open a lock as the person nears it and simultaneously record exit events for individuals and your building.

Conclusion

There are three use cases that we see most frequently for working with the Kisi API and integrating it with your application or infrastructure:

  • Using one of the default integrations.
  • A custom provisioning and de-provisioning of new users, responding to data from external CRM or membership systems.
  • Building a custom app for locking and unlocking doors.

Thanks to the API, the potential use cases go further than these, and we look forward to hearing what you build.

container
Mike Tong

Related Articles

How to troubleshoot your magnetic door lock
August 2, 2018
How to Design and Equip a Best-in-Class Conference Room
October 2, 2018
Any HID Keycard Can Easily Be Hacked Using A $10 device
December 4, 2018

Stay updated with Kisi about news and feature releases

Free access to our best guides, industry insights and more

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Fail Safe vs Fail Secure
Best Resources
Access Control - Sample RFP
Physical Security Assessments
Mobile Access News
Employee Spotlight - Karen
Smart Door Alerts
Digital Employee Badge
Chat with Founders
Device Management
Hacking HID Keycard with $10 Device
Hacking HID with Wiegand Protocol Vulnerability
Copy prox HID ID Card
Workplace Tool Deployment
Access Control API
WiFi Speed Test Apps
Communication Protocols Used by IoT
Top NYC Coworking Spaces
Top San Francisco Coworking Spaces
Kisi for Slack
Building a Slack Doorbell
AC Installation Costs and Price per Door
Name Badge Templates
HIPAA Compliant
Cutting Slack
Solutions for Old Key Fobs
SEO for Coworking Space Websites in 2019
Office Security
IoT in Physical Security
Smart Locks Hacked By Bluetooth
Beacon Security Issues
Running a Successful Coworking Space
Kisi iOS 4.0.0 Release
IT Budget Planning
3 Tips for Coworking Spaces
Choosing Electrical Contractor
NICU Security
Signs to Change Access Control
Top 3 Safety and Security Tips for Airbnb Hosts
What is IoT?
Microchip Tagging Oneself
Office Design Productivity
7 Tips to Prevent Cloud Security Threats
Coworking vs Facility Management
Benefits of Cloud Access Control
Avoiding Locksmith Scams
10 Cloud Tools
Carrying Out Vendor Security Assessments
Ultimate Real Estate Apps Guide
6 Layers of Security Your IoT Setup Needs
Internet Of Things in the Workplace
2018 Most Influential People in Coworking
Top HR Influencers to Watch in 2018
Employee Spotlight - Jorge
Types of Physical Security Threats
HID Card Types
Remote IT Management
Identity Access Management Tools
Access Control System Maintenance
How Do Hotel Key Cards Work
Physical and Cyber Security Convergence
How to Set Up Your Enterprise WiFi
Step-by-Step Tutorial: How to Copy or Clone Access Cards and Key Fobs
GDPR Public Announcement
How to Calculate Facility Code Using Card Bit Calculators
Authentication Protocol Overview: OAuth2, SAML, LDAP, RADIUS, Kerberos
How to Avoid a Demagnetized Key Card or Key Fob
HID iClass SE Reader - Take a look inside the components | Kisi
How to Share Your Company WiFi Password Securely
Equipment Leasing Models
Magnetic door lock troubleshooting
On and Offboarding
Employee Spotlight - Alberto
Door Entry System Options For Gyms
Church Security Policy and Procedures
School Security, Safety and Access Control for Plan Education
Hospital Access Control
Employee Spotlight - Nate
3 Types of Cloud Access Control for Elevators Using Kisi
The 2 Burglar Alarm Options for Offices: Simplified With Kisi’s Access Control
Employee Spotlight - Jamie
How IoT Drives the Convergence of Cyber and Physical Security
Physical Penetration Testing Explained
How Security Can Increase the Revenue at Your Shared Workspace
Kisi Implements Free Access Card Security Test
Converting Corporate Headquarters to Coworking With 24/7 Access Control
Interview With Workspace Strategies
Keyless Access Control for Flexible Workspaces
Using Kisi With Fire Alarms
iWatch Series 4 Release: Did You See That Apple Door Reader?
Internet of Things Technologies in Smart Buildings for Flexible Workspaces
Kisi Named to Inc. 500 List of Fastest Growing Companies
IoT Marks the Convergence of Physical Security and Cybersecurity
The Future of Self-Storage: Q&A With StoreMe
How to Design and Equip a Best-in-Class Conference Room
The IT Experience on Becoming a Certified Google Administrator
Using Modular and Flex Spaces to Foster Collaboration
Security, Scalability and Growth: Toward a Comprehensive IT Strategy
Employee Spotlight: Mateusz
Daycare Security Measures: Door Locks, Unauthorized Access and Security Breaches
How to Guide
Guides
Customisation
Features