Articles in this section

See more

SCIM API Access

Nathalie
  • Updated
Follow

If you don't find your HRIS in our list of integrations, you might still be able to automatically synchronize user data from your HRIS to Leapsome using our SCIM API.

Functionalities 

Once set up, you can use the connection to our SCIM API to:

  • Create new users in Leapsome
    All new, active users will be created as users in Leapsome

  • Update users

  • Deactivate and reactivate users
    Leapsome will automatically deactivate users, whose status is not active in your source system or re-activate them if they had been deactivated before

  • Create teams
    Leapsome will create new teams according to your user attribute mapping and for each new 'group' that is being synchronized

  • Assign users to teams
    Leapsome will automatically assign users to teams, based on the user attribute mappings as well as the groups a user belongs to in 

  • Assign user attributes like level, location, and employment dates 
    You can choose to synchronize a variety of user attributes, which will allow for a granular data segmentation, advanced visibility settings and granular access management.

Which attributes can be synchronized?

When setting up the connection,you can choose which attributes should be synchronized with Leapsome. This list gives you an overiew of the available endpoints. For further details and to learn more about how these attributes can be used in Leapsome, please check our API documentation and this attribute overview chart.

User information that can be updated by using the SCIM API include:

  • First Name
  • Last Name
  • Position/Job title
  • Department (reflected as a team in Leapsome)
  • Manager
  • Additional Manager(s) (e.g. a comma-separated string of email addresses)
  • Level
  • Division (reflected as a team in Leapsome)
  • Cost center (reflected as a team in Leapsome)
  • Location
  • Gender
  • Start Date
  • End Date
  • Birthday
  • Photo
  • Custom attributes (reflected as custom attributes in Leapsome)

In addition, Leapsome will create a team for each group, that the user is a member of. 

Setup

Generating an API Token

To use our API, you first need to generate an API token within Leapsome to authenticate. For this, you can just go to Settings > Admin Settings > Integrations > SCIM (Azure AD, Okta, ...).
SCIM Settings.png

There, just click on the field "SCIM Authentication Token" and copy the newly generated token - If you want to create more than one token, this can be done by clicking 'Update & Synchronize'.

SCIM API Token Generation.png

API Documentation

You can access our SCIM API Documentation also from the Integration settings in your account. Just go to Settings > Integrations > SCIM (Azure AD, Okta, ...) and click on 'Consult our API documentation'.

SCIM API Docs.png

Important notes

Please note that for the first synchronisation we recommend to perform two full syncs. The first sync will create users in Leapsome, while the second one will create the reporting lines and assign managers to users. You will be able to trigger additional synchronization runs in Leapsome by clicking 'Update & Synchronize' in the integration settings. 

Please note, that we use separate API Tokens for our Content API. The Content API can be used to extract e.g. Goal or Review data from Leapsome into other systems. You can find all details about our content API here.

Frequently asked questions

I run into an authentication error - how can this be fixed?

Authentication issues typically are caused by an incorrect API token. Please make sure you generated the SCIM API token via Settings > Integrations > HRIS Integrations > SCIM (Azure AD, Okta, ...). To ensure you didn't accidentally add any unwanted characters to the token, copy-paste the token again carefully when trying to authenticate. 

The token that can be found under Settings > Integrations > Content API would only allow you to use our Content API, so please ensure you're not using this token when trying to access our SCIM API. 

Will there be duplicate users in case of an email change?

If a user's email changes, this can be handled without the risk of creating duplicates, if you provide an 'externalID' for your users. In case the email address of a user changes, the 'externalID' will be used as unique identifier, allowing Leapsome to handle the change without problems - you can learn more about automated updates to user email addresses here. The user's employee number or any other unique ID available in your HRIS are suitable to be used as 'externalID'. 

Related articles

Comments

0 comments

Article is closed for comments.