Update all information for a user

Replaces an existing user's information.

You must provide all the information for the existing user, as if you're provisioning the user for the first time. This removes any existing information for the user that isn't provided.

If you only want to update a few of the user's attributes, you can use the PATCH operation.

HTTP method and URL path

PUT https://www.canva.com/_scim/v2/Users/{canva_scim_id}

Header parameters

Authorizationstring
REQUIRED

Provides credentials to authenticate the request, in the form of a Bearer token.

For example: Authorization: Bearer {token}

Content-Typestring
REQUIRED

Indicates the media type of the information sent in the request. This must be set to application/scim+json.

For example: Content-Type: application/scim+json

Path parameters

canva_scim_idstring
REQUIRED

The Canva-generated SCIM ID for the user.

Body parameters

schemasstring[]
REQUIRED

The URIs of the SCIM schemas. The value for this can only be urn:ietf:params:scim:schemas:core:2.0:User.

userNamestring
REQUIRED

A unique identifier for the user.

emailsobject[]
REQUIRED

The email address for the user.

The Canva SCIM API only supports one email address for each user.

Properties of emails
primaryboolean
REQUIRED

Whether the email is the primary address. Only one email address for a user can be the primary one.

valuestring
REQUIRED

The email address.

typestring
REQUIRED

The type of email address for the user. The Canva SCIM API only supports work as the type of the email address.

externalIdstring
OPTIONAL

A string that is an identifier for the resource as defined by the provisioning client.

displayNamestring
OPTIONAL

The name of the user, suitable for display to end-users.

namename
OPTIONAL

The components of the user's name.

Properties of name
givenNamestring
OPTIONAL

The first or 'given' name for the user.

familyNamestring
OPTIONAL

The last or 'family' name for the user.

localestring
OPTIONAL

The user's default location, for example en_AU.

rolestring
OPTIONAL

The role of the user. This can be one of the following:

  • Member
  • Teacher
  • Staff
  • Admin
  • Template-designer
  • Aide
  • Administrator
  • School administrator
  • School
  • Tenant
  • Faculty

If an invalid value is provided, the role defaults to Member.

Except for Member, all other role values map to the Canva "Brand Designer" role. For more information on Canva roles, see Team roles and permissions(opens in a new tab or window).

activeboolean
OPTIONAL

Whether the user account is active. Setting this to false deprovisions the user in Canva.

Example request

Examples for using the /_scim/v2/Users/{canva_scim_id} endpoint:

curl --request PUT 'https://www.canva.com/_scim/v2/Users/{canva_scim_id}' \
--header 'Authorization: Bearer {token}' \
--header 'Content-Type: application/scim+json' \
--data '{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"externalId": "{idp_provided_external_id}",
"userName": "aliddell",
"displayName": "Alice Liddell",
"name": {
"givenName": "Alice",
"familyName": "Liddell"
},
"emails": [
{
"primary": true,
"value": "[email protected]",
"type": "work"
}
],
"locale": "en_US",
"role": "Member"
}'
SH
const fetch = require("node-fetch");
fetch("https://www.canva.com/_scim/v2/Users/{canva_scim_id}", {
method: "PUT",
headers: {
"Authorization": "Bearer {token}",
"Content-Type": "application/scim+json",
},
body: JSON.stringify({
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"externalId": "{idp_provided_external_id}",
"userName": "aliddell",
"displayName": "Alice Liddell",
"name": {
"givenName": "Alice",
"familyName": "Liddell"
},
"emails": [
{
"primary": true,
"value": "[email protected]",
"type": "work"
}
],
"locale": "en_US",
"role": "Member"
}),
})
.then(async (response) => {
const data = await response.json();
console.log(data);
})
.catch(err => console.error(err));
JS
import java.io.IOException;
import java.net.URI;
import java.net.http.*;
public class ApiExample {
public static void main(String[] args) throws IOException, InterruptedException {
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create("https://www.canva.com/_scim/v2/Users/{canva_scim_id}"))
.header("Authorization", "Bearer {token}")
.header("Content-Type", "application/scim+json")
.method("PUT", HttpRequest.BodyPublishers.ofString("{\"schemas\": [\"urn:ietf:params:scim:schemas:core:2.0:User\"], \"externalId\": \"{idp_provided_external_id}\", \"userName\": \"aliddell\", \"displayName\": \"Alice Liddell\", \"name\": {\"givenName\": \"Alice\", \"familyName\": \"Liddell\"}, \"emails\": [{\"primary\": true, \"value\": \"[email protected]\", \"type\": \"work\"}], \"locale\": \"en_US\", \"role\": \"Member\"}"))
.build();
HttpResponse<String> response = HttpClient.newHttpClient().send(
request,
HttpResponse.BodyHandlers.ofString()
);
System.out.println(response.body());
}
}
JAVA
import requests
headers = {
"Authorization": "Bearer {token}",
"Content-Type": "application/scim+json"
}
data = {
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"externalId": "{idp_provided_external_id}",
"userName": "aliddell",
"displayName": "Alice Liddell",
"name": {
"givenName": "Alice",
"familyName": "Liddell"
},
"emails": [
{
"primary": True,
"value": "[email protected]",
"type": "work"
}
],
"locale": "en_US",
"role": "Member"
}
response = requests.put("https://www.canva.com/_scim/v2/Users/{canva_scim_id}",
headers=headers,
json=data
)
print(response.json())
PY
using System.Net.Http;
var client = new HttpClient();
var request = new HttpRequestMessage
{
Method = HttpMethod.Put,
RequestUri = new Uri("https://www.canva.com/_scim/v2/Users/{canva_scim_id}"),
Headers =
{
{ "Authorization", "Bearer {token}" },
},
Content = new StringContent(
"{\"schemas\": [\"urn:ietf:params:scim:schemas:core:2.0:User\"], \"externalId\": \"{idp_provided_external_id}\", \"userName\": \"aliddell\", \"displayName\": \"Alice Liddell\", \"name\": {\"givenName\": \"Alice\", \"familyName\": \"Liddell\"}, \"emails\": [{\"primary\": true, \"value\": \"[email protected]\", \"type\": \"work\"}], \"locale\": \"en_US\", \"role\": \"Member\"}",
Encoding.UTF8,
"application/scim+json"
),
};
using (var response = await client.SendAsync(request))
{
response.EnsureSuccessStatusCode();
var body = await response.Content.ReadAsStringAsync();
Console.WriteLine(body);
};
CSHARP
package main
import (
"fmt"
"io"
"net/http"
"strings"
)
func main() {
payload := strings.NewReader(`{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"externalId": "{idp_provided_external_id}",
"userName": "aliddell",
"displayName": "Alice Liddell",
"name": {
"givenName": "Alice",
"familyName": "Liddell"
},
"emails": [
{
"primary": true,
"value": "[email protected]",
"type": "work"
}
],
"locale": "en_US",
"role": "Member"
}`)
url := "https://www.canva.com/_scim/v2/Users/{canva_scim_id}"
req, _ := http.NewRequest("PUT", url, payload)
req.Header.Add("Authorization", "Bearer {token}")
req.Header.Add("Content-Type", "application/scim+json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}
GO
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => "https://www.canva.com/_scim/v2/Users/{canva_scim_id}",
CURLOPT_CUSTOMREQUEST => "PUT",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer {token}',
'Content-Type: application/scim+json',
),
CURLOPT_POSTFIELDS => json_encode([
"schemas" => [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"externalId" => "{idp_provided_external_id}",
"userName" => "aliddell",
"displayName" => "Alice Liddell",
"name" => [
"givenName" => "Alice",
"familyName" => "Liddell"
],
"emails" => [
[
"primary" => true,
"value" => "[email protected]",
"type" => "work"
]
],
"locale" => "en_US",
"role" => "Member"
])
));
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if (empty($err)) {
echo $response;
} else {
echo "Error: " . $err;
}
PHP
require 'net/http'
require 'uri'
url = URI('https://www.canva.com/_scim/v2/Users/{canva_scim_id}')
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Put.new(url)
request['Authorization'] = 'Bearer {token}'
request['Content-Type'] = 'application/scim+json'
request.body = <<REQUEST_BODY
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"externalId": "{idp_provided_external_id}",
"userName": "aliddell",
"displayName": "Alice Liddell",
"name": {
"givenName": "Alice",
"familyName": "Liddell"
},
"emails": [
{
"primary": true,
"value": "[email protected]",
"type": "work"
}
],
"locale": "en_US",
"role": "Member"
}
REQUEST_BODY
response = http.request(request)
puts response.read_body
RUBY

Success response

If successful, the endpoint returns a 200 response with a JSON body with the following parameters:

schemasstring[]

The URIs of the SCIM schemas. The value for this can only be urn:ietf:params:scim:schemas:core:2.0:User.

idstring

The Canva-generated SCIM ID for the user.

metaobject

Meta properties for the user.

Properties of meta
resourceTypestring

The SCIM resource type of the object. The value for this can only be User.

createdstring

The timestamp when the object was created.

userNamestring

A unique identifier for the user.

displayNamestring

The name of the user, suitable for display to end-users.

emailsobject[]

The email address for the user.

The Canva SCIM API only supports one email address for each user.

Properties of emails
primaryboolean

Whether the email is the primary address. Only one email address for a user can be the primary one.

valuestring

The email address.

typestring

The type of email address for the user. The Canva SCIM API only supports work as the type of the email address.

activeboolean

Whether the user account is active. Setting this to false deprovisions the user in Canva.

rolestring

The role of the user. This can be one of the following:

  • Member
  • Teacher
  • Staff
  • Admin
  • Template-designer
  • Aide
  • Administrator
  • School administrator
  • School
  • Tenant
  • Faculty

If an invalid value is provided, the role defaults to Member.

Except for Member, all other role values map to the Canva "Brand Designer" role. For more information on Canva roles, see Team roles and permissions(opens in a new tab or window).

externalIdstring
OPTIONAL

A string that is an identifier for the resource as defined by the provisioning client.

namename
OPTIONAL

The components of the user's name.

Properties of name
givenNamestring
OPTIONAL

The first or 'given' name for the user.

familyNamestring
OPTIONAL

The last or 'family' name for the user.

localestring
OPTIONAL

The user's default location, for example en_AU.

Example response

{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"id": "UAFdxab1abC",
"externalId": "abcd1234",
"meta": {
"resourceType": "User",
"created": "2023-09-18T06:08:35Z"
},
"userName": "aliddell",
"displayName": "Alice Liddell",
"name": {
"givenName": "Alice",
"familyName": "Liddell"
},
"emails": [
{
"primary": true,
"value": "[email protected]",
"type": "work"
}
],
"active": true,
"locale": "en_US",
"role": "Member"
}
JSON

Error responses

400 Bad request

schemasstring[]

The value for this can only be urn:ietf:params:scim:api:messages:2.0:Error.

detailstring

The value for this can only be No SSO configurations found, please check the settings page.

statusstring

The HTTP status code of the error.

Example error response

{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:Error"
],
"detail": "No SSO configurations found, please check the settings page",
"status": "400"
}
JSON

403 Forbidden

schemasstring[]

The value for this can only be urn:ietf:params:scim:api:messages:2.0:Error.

detailstring

The value for this can only be Email domain not authorized for SCIM..

statusstring

The HTTP status code of the error.

Example error response

{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:Error"
],
"detail": "Email domain not authorized for SCIM.",
"status": "403"
}
JSON

404 Not found

schemasstring[]

The value for this can only be urn:ietf:params:scim:api:messages:2.0:Error.

detailstring

The value for this can only be No user found for id {canva_scim_id}.

statusstring

The HTTP status code of the error.

Example error response

{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:Error"
],
"detail": "No user found for id {canva_scim_id}",
"status": "404"
}
JSON

409 Conflict

schemasstring[]

The value for this can only be urn:ietf:params:scim:api:messages:2.0:Error.

detailstring

This can be one of the following:

  • userName not available
  • Account with email can not be updated. User needs to accept SSO linking
  • Account with email already exists. User must first log in with SAML to confirm account ownership
  • Account with email is soft deleted. The user must first log in to reactivate their account
statusstring

The HTTP status code of the error.

Example error response

{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:Error"
],
"detail": "userName not available",
"status": "409"
}
JSON