Skip to content

API integration

This page contains an overview of the details required to communicate with Digidentity's SCIM API.

Endpoints

  • Pre-production: https://gate.digidentity-preproduction.eu/api/v2/scim/
  • Production: https://gate.digidentity.eu/api/v2/scim/

Exception in case of MS Entra ID

In case you use MS Entra ID, the endpoints will need to be:

  • Pre-production: https://gate.digidentity-preproduction.eu/api/v1/scim/?aadOptscim062020
  • Production: https://gate.digidentity.eu/api/v1/scim/?aadOptscim062020

Authentication

Where possible, Digidentity uses OAuth2 client_credentials authentication for IGA SCIM implementations (with the exception of Microsoft Entra systems which require bearer token authentication).

Credentials for authentication will be provided by Digidentity's Implementation team during onboarding. These will need to be configured in your SCIM application to secure its connection to Digidentity.

Security best practices

Keeping your OAuth client credentials (or bearer token) secret is vital to the security of your application.

  1. Keep your credentials secure:
    • Do not expose your credentials in URLs, public repositories, or logs.
    • Do not share your credentials via email, screen-share, or any other unsecured method.
    • Store your credentials in a trust store or secure environment variable (where applicable).
  2. Use HTTPS to prevent interception of your credentials.
  3. Report compromised credentials by contacting Digidentity.