Overview
System for Cross-domain Identity Management, or SCIM, is an API specification created to facilitate the management of people and groups of people in cloud-based applications and services.
Contentful’s SCIM API is built on top of the SCIM 2.0 specification and can be integrated with major Identity Providers like Okta and OneLogin. It is possible to use our SCIM API to programatically create and manage organization memberships and teams within your Contentful organization.
To learn more about our SCIM support and to see the full list of supported Identity Providers, visit our FAQs.
Basic API information
API Base URL https://api.contentful.com/scim/v2/organizations/{org_id}
This is a read/write API
Authentication
To use the SCIM API you’ll need an access token. This token will have the same rights as the owner of the account that generated it.
This account must have an Organization Membership in the Contentful organization where you intend to use the SCIM API. Its organization role should be either admin or owner.
We recommend that the organization role be set to owner.
Contentful recommends using Personal Access Tokens to manage SCIM API access. You can create personal access tokens in the Contentful web app. Go to the API Tokens section in the Account settings. Navigate to the Personal Access Tokens section and create a token.
Using the API
You can access the API securely via HTTPS.
The Authorization header with the type of Bearer must be used passing the access token when calling any of the methods in the API.
All API requests must specify a Content-Type header of application/scim+json.
Managing access to Spaces
It is not possible to manage space memberships directly via the SCIM API, but it is possible to use teams to manage access to spaces.
Contentful teams can be mapped to groups within the Identify Providers. See the Groups section below for details.
SCIM API endpoints
Note: The Contentful SCIM API follows the SCIM 2.0 specification and has many differences from other Contentful APIs.