Skip to main content

SCIM Users API

The SCIM Users API is based on the open standard System for Cross-domain Identity Management (SCIM): Protocol 1.1. SCIM is an open standard used for automating the exchange of user identity information between identity domains or IT systems. Its purpose is to facilitate and ease the management of user identities in cloud based applications. BigPanda uses JSON-based formats for SCIM.

SCIM Users

Authentication

All BigPanda APIs require Bearer Token Authorization in the call headers.

This API uses the User API Key type of Authorization token.

BigPanda recommends adding Authentication headers only in the secure tool you use to make API calls.

Parameters

The Service Provider Configuration object schema includes the following attributes.

Attribute

Description

Type

schemas

Array of the ids of the schemas available through the Service Provider Configuration

Array

id

Unique identifier of the schema

String

patch

Determines whether users are able to send patch calls

Boolean

bulk

Bulk and return operations settings

Attributes:

supported - Determines whether bulk returns are available during SCIM API calls

maxOperations - The maximum number of users that can be returned per bulk API calls

maxPayloadSize - The character limit for bulk API call returns

Object

filter

Bulk and return operations settings

Attributes:

supported - Determines whether users are able to use a filter on GET calls

maxResults - The maximum number of users that can be returned per API call

Object

changePassword

Password change settings

Attributes:

supported - Determines whether a patch call can be sent to update a user’s password field.

Object

sort

Sort settings

Attributes:

supported - Determines whether users are able to change the order results are listed in

Object

etag

Etag support settings

Attributes:

supported - Determines whether users are able to use the etag feature.

Object

authenticationSchemas

Array of the authentication schemas that will be accepted by SCIM API calls

Attributes:

type - What type of authentication token the authentication uses

name - The name of the authentication schema as set by IETF standard

description - The description of the authentication schema as set by IETF standard

specUrl - The URL link to specifications for the authentication

primary - Determines whether this is the default authentication type for SCIM calls

Array of Objects

xmlDataFormat

xml format support options

Attributes:

supported - Determines whether SCIM user data can be sent in an xml file

Object

Sample Service Provider Config Object

{
  "schemas": [
    "urn:scim:schemas:core:1.0"
  ],
  "id": "urn:scim:schemas:core:1.0",
  "patch": {
    "supported": true
  },
  "bulk": {
    "supported": false,
    "maxOperations": 10000,
    "maxPayloadSize": 10000000
  },
  "filter": {
    "supported": true,
    "maxResults": 1000
  },
  "changePassword": {
    "supported": false
  },
  "sort": {
    "supported": true
  },
  "etag": {
    "supported": false
  },
  "authenticationSchemes": [
    {
      "type": "oauthbearertoken",
      "name": "OAuth Bearer Token",
      "description": "Authentication Scheme using the OAuth Bearer Token Standard",
      "specUrl": "http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-01",
      "primary": true
    }
  ],
  "xmlDataFormat": {
    "supported": false
  }
}

Parameters

The Users object schema includes the following attributes.

Attribute

Description

Type

id

Unique identifier for the SCIM Resource as defined by the Service Provider

String

userName

Unique identifier for the User, typically used by the user to directly authenticate to BigPanda

String

displayName

The name of the user as displayed in the BigPanda UI

String

meta

Tags containing metadata about the user account.

Attributes:

created - The DateTime ( ISO 8601) the resource was added to the Service Provider

location - The URI of the resource being returned

Object

active

Indicates if the user's administrative status is active and can authenticate to BigPanda.

Boolean

password

The user's initial clear text password.

This attribute is used to specify an initial password when creating a new User.

This value will never be returned by a Service Provider in any form

String

phoneNumbers

The user’s phone number. BigPanda supports only 1 phone number per user

Attributes:

value - the string with the phone number

type - what type of number. Options are: work, home, other

Object

roles

A list of BigPanda roles assigned to the user

Array of Strings

Sample SCIM User Object

{
  "id": "5f82d3495558352a180e51cb",
  "userName": "[email protected]",
  "displayName": "Stella R",
  "active": true,
  "meta": {
    "created": "2020-10-11T09:41:29.372Z",
    "location": "https://api.bigpanda.io/resources/v2.0/scim/Users/5f82d3495558352a180e51cb"
  },
  "schemas": [
    "urn:scim:schemas:core:1.0"
  ],
  "roles": [
    "admin",
    "user"
  ],
  "phoneNumbers": [
    {
      "value": "+555-634-5375",
      "type": "other"
    }
  ]
}
In this section: