Skip navigation

Skip to main content

Update individual attributes for a user

Updates individual attributes for a user. To update a user's attributes, you must use the correct syntax for the operation, as defined in the SCIM specification(opens in a new tab or window).

For example, to update a user's work email and familyName values, use the following for the request body:

{
  "schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"],
  "Operations": [
    {
      "op": "replace",
      "path": "emails[type eq \"work\"].value",
      "value": "[email protected]"
    },
    {
      "op": "replace",
      "path": "name.familyName",
      "value": "New-Family-Name"
    }
  ]
}
JSON

To deprovision a SCIM user, you can use an operation to set the active attribute to false. For example:

{
  "schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"],
  "Operations": [
    {
      "op": "replace",
      "path": "active",
      "value": false
    }
  ]
}
JSON

Alternatively, you can provide an operation's value object as a list of paths and values to modify. For example:

{
  "schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"],
  "Operations": [
    {
      "op": "add",
      "value": {
        "name.givenName": "New-Given-Name",
        "name.familyName": "New-Family-Name",
        "externalId": "abcd1234"
      }
    }
  ]
}
JSON

HTTP method and URL path

PATCH https://www.canva.com/_scim/v2/Users/{canva_scim_id}

Header parameters

Authorizationstring
REQUIRED

Provides credentials to authenticate the request, in the form of a Bearer token.

For example: Authorization: Bearer {token}

Content-Typestring
REQUIRED

Indicates the media type of the information sent in the request. This must be set to application/scim+json.

For example: Content-Type: application/scim+json

Path parameters

canva_scim_idstring
REQUIRED

The Canva-generated SCIM ID for the user.

Body parameters

schemasstring[]
REQUIRED

The URIs of the SCIM schemas. The value for this can only be urn:ietf:params:scim:api:messages:2.0:PatchOp.

Operationsobject[]
REQUIRED

List of patch operations

Properties of Operations
opstring
REQUIRED

The SCIM patch operation to perform. This can be one of the following:

  • add
  • remove
  • replace
pathstring
OPTIONAL

An attribute path describing the target of the operation. For more information, see the SCIM specification(opens in a new tab or window).

value
OPTIONAL

The value to add, remove, or replace.

Example request

Examples for using the /_scim/v2/Users/{canva_scim_id} endpoint:

curl --request PATCH 'https://www.canva.com/_scim/v2/Users/{canva_scim_id}' \
--header 'Authorization: Bearer {token}' \
--header 'Content-Type: application/scim+json' \
--data '{
  "schemas": [
    "urn:ietf:params:scim:api:messages:2.0:PatchOp"
  ],
  "Operations": [
    {
      "op": "replace",
      "path": "name.familyName",
      "value": "Liddell"
    }
  ]
}'
SH
const fetch = require("node-fetch");


fetch("https://www.canva.com/_scim/v2/Users/{canva_scim_id}", {
  method: "PATCH",
  headers: {
    "Authorization": "Bearer {token}",
    "Content-Type": "application/scim+json",
  },
  body: JSON.stringify({
    "schemas": [
      "urn:ietf:params:scim:api:messages:2.0:PatchOp"
    ],
    "Operations": [
      {
        "op": "replace",
        "path": "name.familyName",
        "value": "Liddell"
      }
    ]
  }),
})
  .then(async (response) => {
    const data = await response.json();
    console.log(data);
  })
  .catch(err => console.error(err));
JS
import java.io.IOException;
import java.net.URI;
import java.net.http.*;


public class ApiExample {
    public static void main(String[] args) throws IOException, InterruptedException {
        HttpRequest request = HttpRequest.newBuilder()
            .uri(URI.create("https://www.canva.com/_scim/v2/Users/{canva_scim_id}"))
            .header("Authorization", "Bearer {token}")
            .header("Content-Type", "application/scim+json")
            .method("PATCH", HttpRequest.BodyPublishers.ofString("{\"schemas\": [\"urn:ietf:params:scim:api:messages:2.0:PatchOp\"], \"Operations\": [{\"op\": \"replace\", \"path\": \"name.familyName\", \"value\": \"Liddell\"}]}"))
            .build();


        HttpResponse<String> response = HttpClient.newHttpClient().send(
            request,
            HttpResponse.BodyHandlers.ofString()
        );
        System.out.println(response.body());
    }
}
JAVA
import requests


headers = {
    "Authorization": "Bearer {token}",
    "Content-Type": "application/scim+json"
}


data = {
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:PatchOp"
    ],
    "Operations": [
        {
            "op": "replace",
            "path": "name.familyName",
            "value": "Liddell"
        }
    ]
}


response = requests.patch("https://www.canva.com/_scim/v2/Users/{canva_scim_id}",
    headers=headers,
    json=data
)
print(response.json())
PY
using System.Net.Http;


var client = new HttpClient();
var request = new HttpRequestMessage
{
  Method = HttpMethod.Patch,
  RequestUri = new Uri("https://www.canva.com/_scim/v2/Users/{canva_scim_id}"),
  Headers =
  {
    { "Authorization", "Bearer {token}" },
  },
  Content = new StringContent(
    "{\"schemas\": [\"urn:ietf:params:scim:api:messages:2.0:PatchOp\"], \"Operations\": [{\"op\": \"replace\", \"path\": \"name.familyName\", \"value\": \"Liddell\"}]}",
    Encoding.UTF8,
    "application/scim+json"
  ),
};


using (var response = await client.SendAsync(request))
{
  response.EnsureSuccessStatusCode();
  var body = await response.Content.ReadAsStringAsync();
  Console.WriteLine(body);
};
CSHARP
package main


import (
	"fmt"
	"io"
	"net/http"
	"strings"
)


func main() {
	payload := strings.NewReader(`{
	  "schemas": [
	    "urn:ietf:params:scim:api:messages:2.0:PatchOp"
	  ],
	  "Operations": [
	    {
	      "op": "replace",
	      "path": "name.familyName",
	      "value": "Liddell"
	    }
	  ]
	}`)


	url := "https://www.canva.com/_scim/v2/Users/{canva_scim_id}"
	req, _ := http.NewRequest("PATCH", url, payload)
	req.Header.Add("Authorization", "Bearer {token}")
	req.Header.Add("Content-Type", "application/scim+json")


	res, _ := http.DefaultClient.Do(req)
	defer res.Body.Close()
	body, _ := io.ReadAll(res.Body)
	fmt.Println(string(body))
}
GO
$curl = curl_init();
curl_setopt_array($curl, array(
  CURLOPT_URL => "https://www.canva.com/_scim/v2/Users/{canva_scim_id}",
  CURLOPT_CUSTOMREQUEST => "PATCH",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_HTTPHEADER => array(
    'Authorization: Bearer {token}',
    'Content-Type: application/scim+json',
  ),
  CURLOPT_POSTFIELDS => json_encode([
    "schemas" => [
      "urn:ietf:params:scim:api:messages:2.0:PatchOp"
    ],
    "Operations" => [
      [
        "op" => "replace",
        "path" => "name.familyName",
        "value" => "Liddell"
      ]
    ]
  ])
));


$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);


if (empty($err)) {
  echo $response;
} else {
  echo "Error: " . $err;
}
PHP
require 'net/http'
require 'uri'


url = URI('https://www.canva.com/_scim/v2/Users/{canva_scim_id}')
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true


request = Net::HTTP::Patch.new(url)
request['Authorization'] = 'Bearer {token}'
request['Content-Type'] = 'application/scim+json'
request.body = <<REQUEST_BODY
{
  "schemas": [
    "urn:ietf:params:scim:api:messages:2.0:PatchOp"
  ],
  "Operations": [
    {
      "op": "replace",
      "path": "name.familyName",
      "value": "Liddell"
    }
  ]
}
REQUEST_BODY


response = http.request(request)
puts response.read_body
RUBY

Success response

If successful, the endpoint returns a 200 response with a JSON body with the following parameters:

schemasstring[]

The URIs of the SCIM schemas. The value for this can only be urn:ietf:params:scim:schemas:core:2.0:User.

idstring

The Canva-generated SCIM ID for the user.

metaobject

Meta properties for the user.

Properties of meta
resourceTypestring

The SCIM resource type of the object. The value for this can only be User.

createdstring

The timestamp when the object was created.

userNamestring

A unique identifier for the user.

displayNamestring

The name of the user, suitable for display to end-users.

emailsobject[]

The email address for the user.

The Canva SCIM API only supports one email address for each user.

Properties of emails
primaryboolean

Whether the email is the primary address. Only one email address for a user can be the primary one.

valuestring

The email address.

typestring

The type of email address for the user. The Canva SCIM API only supports work as the type of the email address.

activeboolean

Whether the user account is active. Setting this to false deprovisions the user in Canva.

rolestring

The role of the user. This can be one of the following:

  • Member
  • Teacher
  • Staff
  • Admin
  • Template-designer
  • Aide
  • Administrator
  • School administrator
  • School
  • Tenant
  • Faculty

If an invalid value is provided, the role defaults to Member.

Except for Member, all other role values map to the Canva "Brand Designer" role. For more information on Canva roles, see Team roles and permissions(opens in a new tab or window).

externalIdstring
OPTIONAL

A string that is an identifier for the resource as defined by the provisioning client.

namename
OPTIONAL

The components of the user's name.

Properties of name
givenNamestring
OPTIONAL

The first or 'given' name for the user.

familyNamestring
OPTIONAL

The last or 'family' name for the user.

localestring
OPTIONAL

The user's default location, for example en_AU.

Example response

{
  "schemas": [
    "urn:ietf:params:scim:schemas:core:2.0:User"
  ],
  "id": "UAFdxab1abC",
  "externalId": "abcd1234",
  "meta": {
    "resourceType": "User",
    "created": "2023-09-18T06:08:35Z"
  },
  "userName": "aliddell",
  "displayName": "Alice Liddell",
  "name": {
    "givenName": "Alice",
    "familyName": "Liddell"
  },
  "emails": [
    {
      "primary": true,
      "value": "[email protected]",
      "type": "work"
    }
  ],
  "active": true,
  "locale": "en_US",
  "role": "Member"
}
JSON

Error responses

400 Bad request

schemasstring[]

The value for this can only be urn:ietf:params:scim:api:messages:2.0:Error.

detailstring

The value for this can only be No SSO configurations found, please check the settings page.

statusstring

The HTTP status code of the error.

Example error response

{
  "schemas": [
    "urn:ietf:params:scim:api:messages:2.0:Error"
  ],
  "detail": "No SSO configurations found, please check the settings page",
  "status": "400"
}
JSON

403 Forbidden

schemasstring[]

The value for this can only be urn:ietf:params:scim:api:messages:2.0:Error.

detailstring

The value for this can only be Email domain not authorized for SCIM..

statusstring

The HTTP status code of the error.

Example error response

{
  "schemas": [
    "urn:ietf:params:scim:api:messages:2.0:Error"
  ],
  "detail": "Email domain not authorized for SCIM.",
  "status": "403"
}
JSON

404 Not found

schemasstring[]

The value for this can only be urn:ietf:params:scim:api:messages:2.0:Error.

detailstring

The value for this can only be No user found for id {canva_scim_id}.

statusstring

The HTTP status code of the error.

Example error response

{
  "schemas": [
    "urn:ietf:params:scim:api:messages:2.0:Error"
  ],
  "detail": "No user found for id {canva_scim_id}",
  "status": "404"
}
JSON

409 Conflict

schemasstring[]

The value for this can only be urn:ietf:params:scim:api:messages:2.0:Error.

detailstring

This can be one of the following:

  • userName not available
  • Account with email can not be updated. User needs to accept SSO linking
  • Account with email already exists. User must first log in with SAML to confirm account ownership
  • Account with email is soft deleted. The user must first log in to reactivate their account
statusstring

The HTTP status code of the error.

Example error response

{
  "schemas": [
    "urn:ietf:params:scim:api:messages:2.0:Error"
  ],
  "detail": "userName not available",
  "status": "409"
}
JSON