The Users APIs allow you to provision and manage your users. These APIs are also built in accordance with the SCIM 2.0 Core Schema so that you can automatically provision and deprovision users within the OneTrust application using your organization’s identity provider.
For a sample postman collection of the Users APIs, click the link below:
Creating a new user
The POST /Users endpoint can be used to create a new user. The newly created user will be assigned the default role and organization, as configured on the User Provisioning screen within Global Settings within the application.
You can also add the newly created user to multiple SCIM Groups by using the PATCH /Groups/{groupId} endpoint. For more information, see Updating a User's Role & Organizations.
Example Request:
POST https://trial.onetrust.com/api/scim/v2/Users
Request Body:
{
"name": {
"familyName": "Test",
"givenName": "User4"
},
"userType": "Internal",
"emails": [
{
"value": "[email protected]",
"type": "work"
}
],
"schemas": [
"User"
]
}
Response Body:
{
"id": "e8b74a66-83c1-4276-afac-2fce6b81d78c",
"externalId": null,
"meta": {
"created": "2020-10-07T01:38:45.740+00:00",
"lastModified": "2020-10-07T01:38:45.887+00:00",
"location": "https://trial.onetrust.com/api/scim/e8b74a66-83c1-4276-afac-2fce6b81d78c",
"resourceType": "User"
},
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"userName": "[email protected]",
"name": {
"familyName": "Test",
"givenName": "User4"
},
"userType": "Internal",
"active": false,
"groups": [
{
"value": "331aeef9-887f-4851-9242-b7a008d061be:a2bdc525-72f0-41a6-8537-171113a7cfbe",
"display": "Auditor - TestUser"
}
],
"emails": [
{
"value": "[email protected]",
"display": "[email protected]",
"primary": true,
"type": "work"
}
],
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"businessUnit": null,
"division": null,
"employeeId": null,
"officeLocation": null,
"department": null,
"manager": {
"value": null,
"displayName": null,
"$ref": "https://trial.onetrust.com/api/scim/e8b74a66-83c1-4276-afac-2fce6b81d78c"
},
"jobTitle": null
}
}
Retrieving the list of users from your OneTrust account
The GET /Users endpoint can be used to retrieve the list of all Active and Inactive users in the account.
Note: The Response will not include Invited users.
Example Request:
GET https://trial.onetrust.com/api/scim/v2/Users?startIndex=1&count=1000
Response Body:
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],
"totalResults": 7,
"startIndex": 1,
"itemsPerPage": 2,
"Resources": [
{
"id": "dd525596-f8bb-45d8-83e5-02bbb3c501a1",
"externalId": null,
"meta": {
"created": "2020-09-22T13:57:14.813+00:00",
"lastModified": "2020-09-28T21:02:08.003+00:00",
"location": "https://trial.onetrust.com/api/scim/v2/Users/dd525596-f8bb-45d8-83e5-02bbb3c501a1",
"resourceType": "User"
},
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"userName": "[email protected]",
"name": {
"familyName": "User",
"givenName": "Google"
},
"userType": "Internal",
"active": true,
"groups": [
{
"value": "331aeef9-887f-4851-9242-b7a008d061be:9c41e0f1-d596-4c5e-a620-1221533581bf",
"display": "Auditor - TestUser"
}
],
"emails": [
{
"value": "[email protected]",
"display": "[email protected]",
"primary": true,
"type": "work"
}
],
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"businessUnit": null,
"division": null,
"employeeId": null,
"officeLocation": null,
"department": null,
"manager": {
"value": null,
"displayName": null,
"$ref": "https://trial.onetrust.com/api/scim/v2/Users/dd525596-f8bb-45d8-83e5-02bbb3c501a1"
},
"jobTitle": null
}
},
{
"id": "54f98b9f-9521-49f7-98bf-f69e2f85a4b1",
"externalId": null,
"meta": {
"created": "2020-09-25T22:58:39.253+00:00",
"lastModified": "2020-09-30T13:28:22.790+00:00",
"location": "https://trial.onetrust.com/api/scim/v2/Users/54f98b9f-9521-49f7-98bf-f69e2f85a4b1",
"resourceType": "User"
},
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"userName": "[email protected]",
"name": {
"familyName": "User3",
"givenName": "Google"
},
"userType": "Internal",
"active": true,
"groups": [
{
"value": "331aeef9-887f-4851-9242-b7a008d061be:9c41e0f1-d596-4c5e-a620-1221533581bf",
"display": "Auditor - TestUser"
}
],
"emails": [
{
"value": "[email protected]",
"display": "[email protected]",
"primary": true,
"type": "work"
}
],
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"businessUnit": null,
"division": null,
"employeeId": null,
"officeLocation": null,
"department": null,
"manager": {
"value": null,
"displayName": null,
"$ref": "https://trial.onetrust.com/api/scim/v2/Users/54f98b9f-9521-49f7-98bf-f69e2f85a4b1"
},
"jobTitle": null
}
}
]
}
Retrieving a specific user from your OneTrust account
The GET /Users/{id} endpoint can be used to retrieve a specific user from the account using their unique User ID.
Example Request:
GET https://trial.onetrust.com/api/scim/v2/Users/dd525596-f8bb-45d8-83e5-02bbb3c501a1
Response Body:
{
"id": "dd525596-f8bb-45d8-83e5-02bbb3c501a1",
"externalId": null,
"meta": {
"created": "2020-09-22T13:57:14.813+00:00",
"lastModified": "2020-09-28T21:02:08.003+00:00",
"location": "https://trial.onetrust.com/api/scim/dd525596-f8bb-45d8-83e5-02bbb3c501a1",
"resourceType": "User"
},
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"userName": "[email protected]",
"name": {
"familyName": "User",
"givenName": "Google"
},
"userType": "Internal",
"active": true,
"groups": [
{
"value": "331aeef9-887f-4851-9242-b7a008d061be:9c41e0f1-d596-4c5e-a620-1221533581bf",
"display": "Auditor - TestUser"
}
],
"emails": [
{
"value": "[email protected]",
"display": "[email protected]",
"primary": true,
"type": "work"
}
],
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"businessUnit": null,
"division": null,
"employeeId": null,
"officeLocation": null,
"department": null,
"manager": {
"value": null,
"displayName": null,
"$ref": "https://trial.onetrust.com/api/scim/dd525596-f8bb-45d8-83e5-02bbb3c501a1"
},
"jobTitle": null
}
}
Modifying a user's attributes
The PUT /Users/{id} endpoint can be used to modify basic user attributes, such as given name, family name, external ID, user type, and whether the user is active.
Example Request:
PUT https://trial.onetrust.com/api/scim/v2/Users/dd525596-f8bb-45d8-83e5-02bbb3c501a1
Request Body:
{
"id": "dd525596-f8bb-45d8-83e5-02bbb3c501a1",
"externalId": "externalid",
"userName": "[email protected]",
"name": {
"familyName": "1",
"givenName": "2"
},
"userType": "Internal",
"active": false,
"emails": [
{
"value": "[email protected]",
"type": "work",
"primary": true
}
],
"schemas": [
"User"
]
}
Response Body:
{
"id": "dd525596-f8bb-45d8-83e5-02bbb3c501a1",
"externalId": "externalid",
"meta": {
"created": "2020-09-22T13:57:14.813+00:00",
"lastModified": "2020-09-28T21:02:08.003+00:00",
"location": "https://trial.onetrust.com/api/scim/dd525596-f8bb-45d8-83e5-02bbb3c501a1",
"resourceType": "User"
},
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"userName": "[email protected]",
"name": {
"familyName": "1",
"givenName": "2"
},
"userType": "Internal",
"active": false,
"groups": [
{
"value": "331aeef9-887f-4851-9242-b7a008d061be:9c41e0f1-d596-4c5e-a620-1221533581bf",
"display": "Auditor - TestUser"
},
{
"value": "444fd8af-e1ee-4742-b1af-94165a8c28c6:9c41e0f1-d596-4c5e-a620-1221533581bf",
"display": "Assessments Manager - TestUser"
}
],
"emails": [
{
"value": "[email protected]",
"display": "[email protected]",
"primary": true,
"type": "work"
}
],
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"businessUnit": null,
"division": null,
"employeeId": null,
"officeLocation": null,
"department": null,
"manager": {
"value": null,
"displayName": null,
"$ref": "https://trial.onetrust.com/api/scim/dd525596-f8bb-45d8-83e5-02bbb3c501a1"
},
"jobTitle": null
}
}