SCIM API

System for Cross-domain Identity Management (SCIM) is an API specification created to facilitate the management of people and groups in cloud-based applications and services.
Netsparker SCIM API is built on top of the SCIM 2.0 specification and can be integrated with all Identity Providers. With the Netsparker SCIM API, you can create and manage users and teams programmatically.

By using the Netsparker SCIM API, you can perform the following operations:
  • Create users or groups
  • Search for users or groups
  • Retrieve and update a user’s or group's profile
  • Change a user’s password A good password should contain 8 - 256 characters. As you mix lowercase/uppercase letters, digits and special characters it will become stronger. You are also encouraged to use a pass phrase.
HTTP Basic Authentication
When you make calls to the API, you need to provide your User ID and API Token in the HTTP Basic authentication header; in the form: Authorization: Basic {XXX} where {XXX} is your Base64-encoded USERID:API-TOKEN.


You can get your API credentials by following the steps of "How to Access Your API Credentials".
Bearer Authentication
You can use Base64-encoded (USERID:API-TOKEN) as a bearer authentication token.
You can access the API securely via HTTPS. All API requests must specify a Content-Type header of application/scim+json.

Resource URL

You can make the requests to the endpoints below with the specified permissions.

End Point Permission
scim/v2/users -- /Post/Patch/Put EditMember
scim/v2/users/Get ViewMemberList
scim/v2/users/Delete DeleteMember
scim/v2/groups -- /Post/Patch/Put AddTeam / EditTeam
scim/v2/groups/Get ViewTeamList
scim/v2/groups/Delete DeleteTeam
SCIM (Users) lets you create users in Netsparker, gives them the proper level of access, and revokes the access for users when they leave your organization or no longer need access to Netsparker.

It is possible to filter by the userName eq filter, or providing a valid user email address as the value. See the Filtering section in the SCIM 2.0 specification for details.


You can perform operations such as creating and updating groups in SCIM (group) and Netsparker, and adding users to groups or removing users from groups.

You can use filters to specify subsets of groups. For example, you can apply the sw (starts with) filter parameter to displayName to retrieve a specific group or set of groups.


To simplify interoperability, SCIM provides three endpoints to discover supported features and specific attribute details: