BigID API/DSAR Tutorial

From BigID Developer Portal

In this article, you'll learn:

  • Find a DSAR profile using the BigID API
  • Search for individuals using attributes using the BigID API
  • Run a DSAR scan using the BigID API
  • Get a DSAR report using the BigID API


scenarioYou already have your own account management portal that also manages other tasks for your business. You already have BigID for your security and data governance teams and they've mentioned that it can perform DSARs too. Run the DSAR calls required to integrate your management portal with BigID's DSAR capabilities

In this tutorial, we'll use SAMPLE as our session token. This is unique to the training sandbox and will not work in other environments. See BigID API/Tutorial for information on authenticating with BigID.

Getting DSAR Profiles[edit]

BigID uses DSAR profiles to specify which databases to look for users. You can create these using the APIs, but creating them via the UI is preferred since the UI will provide suggestions as you work. In our case, we already have a few data sources within our system.

Add a new header named "Authorization" and paste the session token you got in the previous request to authenticate yourself.

In that API call, we can see a list of data sources and all the information for each data source.

{
    "status": "success",
    "statusCode": 200,
    "data": {
        "ds_connections": [
            "<data source info here>"
         ]
    }
}

We now know the API calls we need and can use our programming language of choice to prepare our report. Below are some samples.

import fetch from 'node-fetch';

let credentials = { username: "bigid", password: "bigid111" };
let env = "https://sandbox.mybigid.com/";

async function getDataSources(credentials, env) {
    // Request API Key using user/pass authentication
    const sessionRequest = fetch(env + 'api/v1/sessions', {
        method: 'POST',
        body: JSON.stringify(credentials),
        headers: { 'Content-Type': 'application/json' }
    });
    const sessionData = await request.json();

    const dsRequest = fetch(env + 'api/v1/ds-connections', {
        method: 'GET',
        headers: {
            'Content-Type': 'application/json',
            'Authorization': sessionData.auth_token
        }
    });
    return await dsRequest.json();
}
let credentials = { username: "bigid", password: "bigid111" };
let env = "https://sandbox.mybigid.com/";

async function getDataSources(credentials, env) {
    // Request API Key using user/pass authentication
    const sessionRequest = window.fetch(env + 'api/v1/sessions', {
        method: 'POST',
        body: JSON.stringify(credentials),
        headers: { 'Content-Type': 'application/json' }
    });
    const sessionData = await request.json();

    const dsRequest = window.fetch(env + 'api/v1/ds-connections', {
        method: 'GET',
        headers: {
            'Content-Type': 'application/json',
            'Authorization': sessionData.auth_token
        }
    });
    return await dsRequest.json();
}
import requests

credentials = {'username':'bigid', 'password':'bigid111'}
env = 'https://sandbox.mybigid.com/'

def getDataSources(credentials, env):
    sessionRequest = requests.post(env+'api/v1/sessions', data = credentials)
    sessionData = sessionRequest.json()
    dsRequest = requests.get(env+'api/v1/ds-connections', headers = {'Authorization':sessionData.get('auth_token')})
    return dsRequest.json()