Security

Sendoso’s SCIM API provides several security features to ensure that your data is protected and only accessible by authorized users.

​

Authentication

Sendoso SCIM API uses Oauth standards to authenticate your API requests. The access token should be passed in the request headers for each API call. See more information.

​

Authorization

All requests to the Sendoso SCIM API are authorized based on the permissions associated with the Oauth application and the SCIM scope. If you need to access other resources besides the SCIM API you’ll need a different set of credentials to access the Core API. See more information.

​

Security of transmitted data

All data sent to the Sendoso API is encrypted at REST with AES-256 standards and using HTTPS TLS 1.2 with RSA 256-bit, which ensures that the data is transmitted securely over the internet.

​

Rate limiting

The Sendoso SCIM API has rate limits in place to prevent abuse and ensure fair usage of resources. If you exceed the rate limit, your IP address will be temporarily blocked from making further requests. See more information.

​

Logging

All requests to the Sendoso SCIM API are logged, including the IP address of the request, the request method, the resource requested, and the response status. This allows us to monitor for suspicious activity and detect any potential security breaches.

When you’re done using the Sendoso SCIM API, it is recommended that you revoke your API key.

If you have any questions or concerns about the security of the Sendoso SCIM API, please contact the Sendoso support team at developers@sendoso.com.