/
Buypass Access Manager - SCIM API

Buypass Access Manager - SCIM API

SCIM API (System for Cross-domain Identity Management) er en åpen standard som forenkler og automatiserer utvekslingen av brukeridentitetsinformasjon mellom systemer.

Den tilbyr et standardisert REST API med JSON for vanlige identitetsoperasjoner som:

  • Opprettelse: lage nye brukerkontoer

  • Deaktivering/sletting: fjerne kontoer når brukere slutter

  • Oppdatering: endre brukerattributter

Buypass tilbyr SCIM for provisjonering av brukere til Buypass Access Manager.

Kontakt Buypass for å få opprettet klient med tilhørende påloggingsinformasjon.

image-20250911-134836.png
Tilgang til OIDC og SCIM API

 

Base URLs

Production

https://api.buypass.no/access-scim-api 

test4/qa04

https://api.test4.buypass.no/access-scim-api (swagger)

https://qa04-ics-gvk.k8s.bpqa.buypass.no/access-scim-api

API Endpoints

/Tenants/{tenant_id}/Users

Retrieve, add and modify users.

/Schemas

Retrieve one or more supported schemas.

/ResourceTypes

Retrieve supported resource types.

/ServiceProviderConfig

An HTTP GET to this endpoint will return a JSON structure that describes the SCIM specification features available on a service provider.

API Schemas

  • urn:ietf:params:scim:schemas:core:2.0:User

  • urn:ietf:params:scim:schemas:extension:buypass:2.0:upn:User 

Core

Field

Description

Example

Required

Mutability

Field

Description

Example

Required

Mutability

userName

Unique identifier for the user, used by the user to directly authenticate with the service provider. Must be the Norwegian National Person Identifier.

"userName" : "01026201590"

Required

Immutable

externalId

An identifier for the User as defined by the customer

"externalId": "701984"

Required

ReadWrite

name

The user's real name

"name": { "familyName": "Jensen", "givenName": "Barbara", "middleName": "Jane" }

Required

ReadOnly

phoneNumbers

The user's phone number in E.164 format. Only one phone number is supported

"phoneNumbers":[ { "value":"+4755555555" } ]

Optional

ReadWrite

emails

The user's email address. Only one email address is supported.

"emails":[ { "value":"bjensen@example.com", } ]

Optional

ReadWrite

entitlements

Array of one or more entitlement values that this user has. Supported entitlement values are:

  • allow_smartcard

  • allow_mobile_id

If no entitlements are provided the default settings for the Tenant takes effect.

"entitlements":[ { "value":"allow_smartcard", "value":"allow_mobile_id" } ]

Optional

ReadWrite

active

A Boolean value indicating whether a user is active. Only active users is supported.

"active": true

Optional

ReadOnly

 

Upn

Field

Description

Example

Required

Mutability

Field

Description

Example

Required

Mutability

upn

The name of the user in email address format

"upn" : "user@example.com"

Optional

ReadWrite