Home > Product & Features

Full Digital Governance Over Physical Access

Key2XS bridges the gap between identity management and physical key infrastructure — delivering compliance, audit readiness, and operational control.

Scherm_afbeelding 2025-12-30 om 14.35.52-1

Identity-Linked Access

Every physical key tied to a verified digital identity through your IAM system.

Automatic provisioning on joiner events
Instant revocation on leaver events
11 IAM providers supported

Policy Enforcement

Access policies defined once, enforced everywhere — across all connected key systems.

Role-based approval workflows
No unreviewed changes reach key systems
Segregation of duties enforced

Complete Audit Trail

Every key issuance, return, and access event logged with full user attribution.

Full transaction log for every change
NIS2 and CER compliance reports
Custom report builder with filters

Approval Workflows

Role-based or user-based approvers, scoped per operation type and key plan.

Pending Change Tracking

Rules stay pending until approved — nothing syncs unreviewed to key systems.

NIS2/CER Reporting

Built-in report generator for EU regulatory compliance evidence.

Transaction Audit Log

Every insert, update, and delete tracked with full user attribution.

Audit Report Builder

Custom filters by user, key, cylinder, event type, and date range with export.

Notification Rule Engine

Configurable email alerts triggered by platform events.

Multi IAM-Support

Okta, Entra ID, SailPoint, One Identity, OpenText, and more out of the box.

Real-Time JML Automation

Joiner/Mover/Leaver events trigger automatic access changes via webhooks, polling, or SCIM.

SCIM 2.0 Provisioning

Standards-compliant inbound provisioning from any SCIM-capable IAM system.

Field Mapping

Automatic and manual attribute mapping between IAM and access profiles.

SSO Support

Single sign-on with IAM of choice and callback handling for seamless authentication.

Key Lifecycle

Create, assign, return, and archive keys with full status tracking.

Cylinder & Lock Management

Organize cylinders into groups and link them to locations.

Location Management with Maps

Geographic visualization of cylinder locations on interactive maps.

Key Plan Management

Define access rules by role, department, or job function.

Sync Rules

Configure which rules sync to which physical key systems with status monitoring.

iLOQ S50 Phone Keys

Provision Bluetooth mobile keys directly from the platform.

AI Key Plan Generator

5-stage pipeline from CSV discovery to access profile generation with human review.

Org Context Questionnaire

AI adapts to your industry, governance model, language, and cultural context.

Smart Suggestions

AI recommends cylinder assignments based on organizational patterns.

Key Plan Analytics

User counts, access stats, and active rule trends over configurable time periods.

Access Relationship Graph

Interactive visualization of role-to-cylinder access mappings.

JWT Authentication

Automatic token expiration and refresh for secure session management.

Role-Based Access Control

Super-admin, sub-admin, and user roles with fine-grained route guards.

Access Event Logging

Every granted and denied event tracked per user, key, and cylinder.

Credential Expiry Warnings

Proactive alerts for expiring integration credentials before they cause failures.

Sync Failure Reporting

Detailed failure reasons: network errors, missing keys, configuration issues.

Unified Connection Manager

Manage all IAM, key system, and external connections from one interface.

Wizard-Based Onboarding

Step-by-step setup flows for every integration type.

ArcGIS Integration

GIS and mapping data for location-based asset management.

CSV/Excel Import

Bulk import organizational data for AI key plan processing.

P3XS Built-In User Management

Manage external employees and contractors without an IAM system.

app.key2xs.com/dashboard

1 Policy enforcement rules

2 AI generated access plans

3 Approval workflows

4 Create CER audit reports

5 Real-time key status monitoring

1 Policy enforcement rules
2 AI generated access plans
3 Approval workflows
4 Create CER audit reports
5 Real-time key status monitoring

Dashboard

Key Plans

Audit Trail

Connection Manager

Works With Your Stack

Connects to your existing IAM providers and physical key systems

See all integrations

Getting Started

From first conversation to full deployment — a structured path to securing your physical access infrastructure

Discovery Call

1 hour

Understand your key infrastructure, IAM environment, and compliance requirements

Technical Assessment

1–2 weeks

Map your current key systems, cylinders, and identity sources. Define integration scope for your IAM platform and key system.

Pilot Deployment

2–4 weeks

Deploy Key2XS on a subset of your infrastructure. Connect to your IAM system and key management platform. Validate audit trail and compliance reporting.

Full Rollout

Timeline varies

Expand to all sites, keys, and cylinders. Train security and facilities teams. Go-live with full governance and compliance monitoring.

Ongoing Support

Dedicated account management, platform updates and new integrations, compliance support for CER/NIS2 audits.

See Key2XS in Action

Discover how Key2XS extends IAM governance to physical access.

Request a Demo