New Guide on Netskope SCIM API Available

  • February 28, 2023
  • 12 replies
  • 1441 views

myee
Netskope Employee

Some of you may know that Netskope has a SCIM API which can be integrated with IdPs such as Okta, Azure AD, etc., to provision users and groups into a Netskope tenant. This is a critical part of deploying Netskope since user provisioning is a prerequisite to deploying the Netskope client.

There are certain times that you may not want to integrate with the IdP, or maybe you are transitioning from an on-prem identity store to a cloud-based one and aren't quite ready, but you still want to test Netskope functionality.

The SCIM API can also be used to manually create users and groups and add the users into groups so that they can both be leveraged in Netskope real-time protection policies. The guide provides a walkthrough on how to accomplish this task.

If you have some ideas on how to improve the guide or on any additions, please reach out to me to discuss.

This topic has been closed for replies.

qyost
  • Explorer III
  • March 1, 2023

Love the documentation and effort here. Any chance that it could be added into the Swagger within the tenant APIdocs?

https://<tenant_name>.goskope.com/apidocs/


Zulkifal
  • Explorer III
  • March 1, 2023

@myee  Thanks for this documentation 


myee
Netskope Employee
  • Author
  • March 7, 2023

Yes, we plan to get SCIM documented in Swagger. It will be after we've moved it into a v2 model.


  • Explorer
  • March 10, 2023

Is there any way to query a user and their group memberships or, the reverse, a certain group and its members?


  • Explorer
  • March 20, 2023

This guide is good but it's missing a key component on how to find a user's SCIM ID. There is a Postman query to "List all Users" but it paginates the results so it's hard to search for a user. Is there a way to filter on a specific user in the URI being called?


myee
Netskope Employee
  • Author
  • March 21, 2023

This may be an enhancement request, let me look into it and get back to you.


myee
Netskope Employee
  • Author
  • March 21, 2023

Let me review this and get back to you on my findings.


  • Explorer
  • March 21, 2023

We are solving this in an ugly way with Postman by appending this to the SCIM URL to pull back each page:

/Users?startIndex=1000&count=1000
/Users?startIndex=2000&count=1000
/Users?startIndex=3000&count=1000
...


myee
Netskope Employee
  • Author
  • March 22, 2023

I found out you can add a query to the users or group endpoint URL. To help find the user SCIM ID, add the query in the parameters tab and you'll see just the results for the user you want. Let me know if this helps you.
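The paging workaround and the filter query discussed in the replies above, as an added Python example (not from the guide or from any poster). It assumes the endpoint follows RFC 7644 list semantics (1-based `startIndex`, `totalResults`, `Resources`) and accepts a `userName eq "..."` filter, which the thread does not show; `BASE` is a placeholder, all function names are hypothetical, and `fake_fetch` with its user list is a constructed stand-in so the code runs offline.

```python
import json
import re
import urllib.request
from urllib.parse import urlencode, urlsplit, parse_qs

BASE = "https://scim.example.invalid/scim"  # placeholder, not a real tenant SCIM URL

def make_fetch(token):
    """Real HTTP fetcher; load the bearer token from a secret store or env var, never from source."""
    def fetch(url):
        req = urllib.request.Request(url, headers={
            "Authorization": f"Bearer {token}", "Accept": "application/scim+json"})
        with urllib.request.urlopen(req, timeout=30) as resp:
            return json.load(resp)
    return fetch

def iter_users(fetch, base=BASE, page_size=1000):
    """Yield every user, advancing by the number of resources the server actually returned."""
    start = 1  # RFC 7644: startIndex is 1-based
    while True:
        page = fetch(f"{base}/Users?" + urlencode({"startIndex": start, "count": page_size}))
        items = page.get("Resources", [])
        yield from items
        start += len(items)  # the server may return fewer than `count`
        if not items or start > int(page.get("totalResults", 0)):
            return

def find_user_id(fetch, user_name, base=BASE):
    """Return the SCIM id when exactly one user matches userName, otherwise None."""
    safe = user_name.replace("\\", "\\\\").replace('"', '\\"')  # keep the value inside the quotes
    page = fetch(f"{base}/Users?" + urlencode({"filter": f'userName eq "{safe}"'}))
    hits = page.get("Resources", [])
    return hits[0]["id"] if len(hits) == 1 else None

# Constructed stand-in for the SCIM service: 2500 users, at most 1000 per page.
_USERS = [{"id": f"id-{n:04d}", "userName": f"user{n}@example.com"} for n in range(1, 2501)]

def fake_fetch(url):
    q = parse_qs(urlsplit(url).query)
    rows = _USERS
    if "filter" in q:
        m = re.fullmatch(r'userName eq "(.*)"', q["filter"][0])
        rows = [u for u in _USERS if m and u["userName"] == m.group(1)]
    start = int(q.get("startIndex", ["1"])[0])
    count = min(int(q.get("count", ["1000"])[0]), 1000)
    return {"totalResults": len(rows), "startIndex": start,
            "Resources": rows[start - 1:start - 1 + count]}
```

Against a live endpoint, pass `make_fetch(token)` in place of `fake_fetch`; a 401 such as "Supplied token not valid" surfaces as `urllib.error.HTTPError`.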


  • Explorer
  • March 22, 2023

Thanks, I will definitely look into this.


jetdividior
Netskope Partner
  • February 25, 2024

By any chance, can you help me with the error that I encountered?

{
    "status": "401",
    "description": "Supplied token not valid"
}

I was able to provide bearer, scimurl, rest api v1 and 2 and tenant url but still getting this error.


thiagofc
Netskope Partner
  • May 4, 2024

Hello everybody,

We need to create over 200 new users and 4 new groups using Postman. However, the manual process is time-consuming and the customer needs the migration as soon as possible. Therefore, I am wondering if there is a way to automate this process. One option I thought of firstly is to send the e-mail invitations through the Tenant UI and then use Postman to add these users to the 4 groups required. However, both methods will take time and require effort.

What would be good advice for a quick deployment?

The customer has a hybrid environment. Each office/branch has its own on-premises AD, and the small offices not belonging to any AD don't have integration with AD.