When Someone Leaves the Company, Their Badge Should Die With Their Login

Jeremy Gulley | Rhombus Blog Author & Global Director, Ecosystem
by Jeremy Gulley, on June 17th, 2026

Rhombus + Claude Series — Tying Into the Enterprise

When an employee is terminated, your IT team deactivates their account in Okta within minutes. It’s a well-practiced workflow — it has to be, because a live login is a live security risk.

But their badge? That usually keeps working for hours. Sometimes days. Physical access control lives in a different system, owned by a different team, updated on a different schedule. There’s a window — small, but real — where a former employee can still walk into your building even though every piece of software they used is already locked down.

Most organizations treat this as an unavoidable cost of running separate systems. It isn’t. The gap only exists because the two systems don’t talk to each other. Close the loop between identity and physical access, and the badge dies the same minute the login does.

For the developers: Rhombus access control is fully API-driven, and rhombus-cli gives you a scriptable entry point. A nightly sync cron job is a few lines of Python. A real-time sync driven by an Okta webhook is about the same.
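The real-time variant described above, sketched as an added example (not code from Rhombus or Okta): it handles an Okta event hook delivery, keeps only `user.lifecycle.deactivate` events, and revokes once per event even if the hook is redelivered. `revoke_badge` is a hypothetical stand-in for the Rhombus credential-revocation call, which this page does not show; header names are assumed to be lowercased by the web framework, and the sample payload is constructed.

```python
import hmac
import json

DEACTIVATE = "user.lifecycle.deactivate"  # Okta System Log event type

def challenge_response(headers):
    """One-time hook verification: echo Okta's challenge header back as JSON."""
    value = headers.get("x-okta-verification-challenge")
    return {"verification": value} if value else None

def deactivated_users(payload):
    """Yield (event_uuid, login) for every user deactivated in this delivery."""
    for event in payload.get("data", {}).get("events", []):
        if event.get("eventType") != DEACTIVATE:
            continue
        for target in event.get("target") or []:
            if target.get("type") == "User":
                yield event.get("uuid"), target.get("alternateId")

def handle_hook(headers, body, secret, revoke_badge, seen):
    """Return (revoked, failed) logins; raise PermissionError on a bad secret."""
    sent = headers.get("authorization", "")
    if not hmac.compare_digest(sent.encode(), secret.encode()):
        raise PermissionError("event hook secret mismatch")  # fail closed
    revoked, failed = [], []
    for uuid, login in deactivated_users(json.loads(body)):
        if uuid and uuid in seen:   # hooks can be redelivered; revoke once
            continue
        try:
            revoke_badge(login)     # hypothetical: the Rhombus revocation call
        except Exception:
            failed.append(login)    # badge is still live: alert and retry
            continue
        seen.add(uuid)
        revoked.append(login)
    return revoked, failed

# Constructed sample delivery, trimmed to the fields used above.
SAMPLE = json.dumps({"data": {"events": [
    {"uuid": "evt-1", "eventType": "user.lifecycle.deactivate",
     "target": [{"type": "User", "id": "00u-example",
                 "alternateId": "pat@example.com"}]},
    {"uuid": "evt-2", "eventType": "user.session.start",
     "target": [{"type": "User", "id": "00u-other",
                 "alternateId": "sam@example.com"}]},
]}})
```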

But the more interesting option is skipping the script entirely. With the Rhombus plugin for Claude Code, this becomes one prompt:

> "Find every Okta account deactivated today and revoke their Rhombus badge credentials."

Claude queries Okta, matches identities against Rhombus, and revokes access — then reports back with a log of exactly who lost what. Write it once as a scheduled prompt, and the workflow runs itself.

The payoff: Identity lifecycle stops at the login screen in most organizations. When it extends all the way to the front door, your security posture improves and your IT and facilities teams stop duplicating work. Digital and physical access become the same system, governed by the same policy.

No new middleware. No custom integration platform. Just an API-first camera system and an AI agent that can use it.