Skip to content
BigID Developer Portal

BigID Hosted MCP Server

Overview

Section titled “Overview”

The BigID cloud MCP server enables you to connect AI tools (such as Claude Desktop, Claude Code, Cursor, VS Code, and ChatGPT) to the BigID APIs and skills using natural language prompts.

The BigID Connector provides seamless access to your BigID environment. Connect to data sources, customize and run scan workflows, and explore your unified data catalog. Gain full visibility into your data security posture with capabilities across DSPM, access governance, privacy, and labeling. Manage regulatory risk, automate assessments, and detect violations in real time. Take immediate remediation actions — reduce access, delete or clean sensitive data, and enforce controls, ensuring end-to-end data and AI protection in one unified connector.

Prerequisites

Section titled “Prerequisites”
  • Claude Code installed and signed in
  • Access to your BigID environment

Setup

Section titled “Setup”

  1. Add the MCP server by running the following command in your terminal:

    Terminal window
    claude mcp add --transport http --scope user bigid-staging-mcp https://bigid-mcp.ci.bigid-integrations.net

    This adds the following entry to ~/.claude.json under the mcpServers key:

    {
      "bigid-staging-mcp": {
        "type": "http",
        "url": "https://bigid-mcp.ci.bigid-integrations.net"
      }
    }

  2. Open the MCP server list by running /mcp inside Claude Code.

    You’ll see the Manage MCP servers dialog listing all configured servers, for example:

    Manage MCP servers
    19 servers
    

    Local MCPs (~/.claude.json [project: .../mcp])
    ❯ bigid-staging-mcp · △ needs authentication

  3. Select bigid-staging-mcp to open the server detail view:

    Status:           △ needs authentication
    URL:              https://bigid-mcp.ci.bigid-integrations.net
    Config location:  Local MCPs
    ❯ 1. Authenticate
        2. Disable

  4. Choose Authenticate. Claude Code opens a browser tab and navigates to the MCP login page.

  5. Enter your BigID environment URL — for example, https://<tenant>.bigid.cloud for production environments.

  6. Sign in with your BigID IdP. You’ll be redirected to your Identity Provider (Auth0, Okta, or SAML) to authenticate with your normal BigID credentials.

  7. Confirm the connection. After a successful login you’ll see:

    Authentication successful. Connected to bigid-staging-mcp.

    The server status in /mcp changes from △ needs authentication to ✓ connected, and the BigID tools become available to Claude Code.

Troubleshooting

Section titled “Troubleshooting”
ProblemFix
Browser tab doesn’t openRe-run /mcp and select Authenticate again
Stuck on BigID URL pageVerify the URL matches your environment exactly (include https:// and port if required)
IdP login failsConfirm you can log into the BigID UI directly with the same credentials
Status stays “needs authentication” after loginRe-open /mcp, disable and re-enable the server, then authenticate again

Available Apps & APIs

Section titled “Available Apps & APIs”

The BigID MCP server exposes APIs across the following application areas. Click each app to see its available endpoints.

Remediation
RouteSummaryType
GET /settings/policiesList policies configured for remediationREAD
POST /settings/policiesConfigure one or more policies for remediationWRITE
GET /settings/configurationsList remediation configuration settingsREAD
GET /settings/actionsList available remediation actionsREAD
GET /settings/actions/rulesList automated action rules (presets)READ
GET /objects/{id}/commentsGet comments for a specific objectREAD
GET /datasourcesList data sources with filtering and paginationREAD
GET /datasources/{id}Get a data source by IDREAD
GET /datasources/{id}/commentsGet comments for a specific data sourceREAD
GET /datasources/summaryGet remediation summary for data sourcesREAD
GET /objectsList remediation objects with filtering and paginationREAD
GET /objects/detailsGet detailed information for a specific objectREAD
GET /objects/countGet total count of remediation objectsREAD
GET /user-preferences/permissionsGet current user permissionsREAD
GET /settings/sync/audit-trailRetrieve sync execution statusREAD
GET /settings/sync/audit-trail/{id}Retrieve sync execution status by IDREAD
ACI (Access Control Intelligence)
RouteSummaryType
GET /api/v1/aci/usersList users with access detailsREAD
GET /api/v1/aci/users/{id}Get user by IDREAD
GET /api/v1/aci/users/insights/byDataSourceGet user insights by data sourceREAD
GET /api/v1/aci/users/insights/byVisibilityGet user insights by visibilityREAD
GET /api/v1/aci/users/insights/top-usersGet top users by shared object countREAD
GET /api/v1/aci/groupsList groups with access detailsREAD
GET /api/v1/aci/groups/{id}Get group by IDREAD
GET /api/v1/aci/groups/insights/byDataSourceGet group insights by data sourceREAD
GET /api/v1/aci/groups/insights/byVisibilityGet group insights by visibilityREAD
GET /api/v1/aci/groups/insights/top-usersGet top groups by shared object countREAD
GET /api/v1/aci/categoriesList categories with open access filesREAD
GET /api/v1/aci/ad/config/{name}Get AD configuration by nameREAD
GET /api/v1/aci/ad/syncByName/{name}Get AD sync state by config nameREAD
GET /api/v1/aci/ad/groups/membersGet AD group membersREAD
GET /api/v1/aci/coaList access typesREAD
GET /api/v1/aci/coa/all-labelsList all access types with scope filteringREAD
GET /api/v1/aci/coa/{name}Get access type by nameREAD
GET /api/v1/aci/mappable-labels/providersGet all external labels providersREAD
GET /api/v1/aci/mappable-labels/providers/{type}/{providerId}Get labels provider by type and IDREAD
GET /api/v1/aci/mappable-labels/providers/{type}/{providerId}/connectionGet labels provider credentialsREAD
GET /api/v1/aci/mappable-labels/providers/labels-hierarchyGet labels providers sorted in hierarchy orderREAD
GET /api/v1/aci/mappable-labels/labelsGet labels matching a queryREAD
GET /api/v1/aci/sc/configsGet configurations of all active sensitivity groupsREAD
GET /api/v1/aci/sc/configs/{id}Get sensitivity group configuration by group IDREAD
POST /api/v1/aci/sc/configs/trigger-bootstrapTrigger manual bootstrap for specific data sourcesWRITE
GET /api/v1/aci/sc/ratioGet count of classified vs. unclassified objectsREAD
GET /api/v1/aci/sc/ratio/name/{name}Get classified objects by sensitivity level (by name)READ
GET /api/v1/aci/sc/ratio/id/{id}Get classified objects by sensitivity level (by ID)READ
GET /api/v1/aci/objects/distinct-sourcesGet distinct data sourcesREAD
GET /api/v1/aci/data-managerList file annotationsREAD
GET /api/v1/aci/data-manager/countGet annotation countREAD
GET /api/v1/aci/data-manager/file-download/csvExport annotations as CSVREAD
GET /api/v1/aci/data-manager/permissions/file-download/csvExport annotations with permissions as CSVREAD
GET /api/v1/aci/data-manager/{fullyQualifiedName}/permissionsGet file permissions by fully qualified nameREAD
GET /api/v1/aci/dashboardGet dashboard dataREAD
GET /api/v1/aci/dashboard/latest-ds-summariesGet latest data source summariesREAD
GET /api/v1/aci/dashboard/userWidgetsGet user widget dataREAD
GET /api/v1/aci/dashboard/any-ds-in-progressCheck if any data source scan is in progressREAD
GET /api/v1/aci/continuous-labeling/settingsGet labeling propagation settingsREAD
GET /api/v1/aci/labeling-dashboard/propagationGet labeling dashboard propagationREAD
GET /api/v1/aci/labeling-dashboard/statusGet labeling dashboard statusREAD
GET /api/v1/aci/sensitivity-classification/statusGet sensitivity classification statusREAD
Catalog
RouteSummaryType
GET /data-catalogGet catalog objects with filtering and paginationREAD
POST /data-catalog/ai/interpretAI interpret catalog queryREAD
GET /data-catalog/columnsGet catalog columnsREAD
GET /data-catalog/countGet catalog object countREAD
GET /data-catalog/distinct-values/{fieldName}Get distinct field valuesREAD
GET /data-catalog/file-download/exportExport catalog dataREAD
POST /data-catalog/filtersCreate filterWRITE
GET /data-catalog/glossary/objectsGet glossary objectsREAD
GET /data-catalog/glossary/objects/{id}Get glossary object by IDREAD
GET /data-catalog/healthGet data catalog health statusREAD
GET /data-catalog/insightsGet catalog insightsREAD
GET /data-catalog/object-detailsGet object detailsREAD
GET /data-catalog/object-details/attributesGet object attributesREAD
GET /data-catalog/object-details/columnsGet object column detailsREAD
GET /data-catalog/object-details/columns/column-profileGet column profileREAD
GET /data-catalog/object-details/columns/countGet column countREAD
GET /data-catalog/object-details/fieldsGet object field detailsREAD
GET /data-catalog/object-summaryGet object summary statisticsREAD
GET /data-catalog/objects-with-pii/{source}Get objects with PII by sourceREAD
GET /data-catalog/objects/zipDownload objects as ZIPREAD
GET /data-catalog/preview/{fullyQualifiedName}Get file previewREAD
POST /data-catalog/preview/{fullyQualifiedName}Create file previewWRITE
GET /data-catalog/preview/investigation/{investigationId}Get file investigationREAD
GET /data-catalog/results-tuning/attributesGet results tuning attributesREAD
GET /data-catalog/results-tuning/attributes/categoriesGet attribute categoriesREAD
GET /data-catalog/results-tuning/curation-fieldsList curation fieldsREAD
POST /data-catalog/results-tuning/curation-fields/attributesGet curation fields attributesREAD
GET /data-catalog/results-tuning/curation-fields/grid/filtersGet available filter values for curation fields gridREAD
GET /data-catalog/results-tuning/curation-fields/status/attributeGet curation status grouped by attributeREAD
GET /data-catalog/results-tuning/curation-fields/status/fieldGet curation status grouped by fieldREAD
GET /data-catalog/results-tuning/curation-fields/status/sourceGet curation status grouped by data sourceREAD
GET /data-catalog/results-tuning/curation-fields/{id}Get curation field by IDREAD
GET /data-catalog/results-tuning/sources-allGet all results tuning sourcesREAD
GET /data-catalog/results-tuning/sources/{scanId}Get results tuning sources by scan IDREAD
GET /data-catalog/rulesGet all rulesREAD
GET /data-catalog/scan-result-fetch-findingsGet scan result fetch findingsREAD
POST /data-catalog/scan-result-fetch-findingsCreate scan result fetch findingsWRITE
POST /data-catalog/scan-result-fetch-findings/preview/asyncCreate async preview jobWRITE
POST /data-catalog/scan-result-fetch-findings/preview/jobCreate preview jobWRITE
POST /data-catalog/scan-result-fetch-findings/resultsGet findings resultsREAD
GET /data-catalog/scan-result-fetch-findings/{id}Get scan result fetch finding by IDREAD
POST /data-catalog/scan-result-fetch-findings/{id}Update scan result fetch findingWRITE
GET /data-catalog/side-filter/cloud-typesGet cloud types filterREAD
GET /data-catalog/side-filter/file-typesGet file types filterREAD
GET /data-catalog/sync-control/last-update-at/{entityType}Get last sync update timeREAD
GET /data-catalog/system-attributesGet system attributesREAD
GET /data-catalog/tablesGet catalog tablesREAD
GET /data-catalog/tagsGet all tagsREAD
GET /data-catalog/tags/all-pairs-dsGet all tag pairs by data sourceREAD
GET /data-catalog/tags/{tagId}Get tag by IDREAD
POST /data-catalog/validate-queryValidate queryREAD
Classification
RouteSummaryType
GET /all-classificationsGet all classifiers (including custom)READ
GET /all-classifications/{classifierId}Get classifier by IDREAD
GET /classificationsGet all classificationsREAD
POST /classifications/exclude-listCreate exclude list itemWRITE
GET /classifications/exclude-listGet classification exclude listREAD
GET /classifications/{classificationName}Get classification by nameREAD
GET /classifiersGet a list of available classifiers and advanced classifiersREAD
GET /classifiers-categoriesGet classifiers categoriesREAD
Connectivity
RouteSummaryType
GET /ds-connectionsList all data sourcesREAD
POST /ds-connectionsQuery data sources with body filtersREAD
POST /ds_connectionsCreate a new data sourceWRITE
GET /ds-connections-typesGet all supported data source typesREAD
GET /ds-connections-types/template/{dsType}Get template for data source typeREAD
GET /ds-connections/file-download/exportExport data sources to fileREAD
GET /ds-connections/filters/valuesGet available filter values for data source fieldsREAD
GET /ds-connections/{connectionName}/connection-resultsGet connection test results for a data sourceREAD
GET /ds-connections/{connectionName}/test-statusPoll connection test progressREAD
DSPM (Data Security Posture Management)
RouteSummaryType
GET /actionable-insights/cases-by-severityGet security issue cases grouped by severityREAD
GET /actionable-insights/all-casesGet all security issue cases (filtered/paginated)READ
GET /actionable-insights/cases-group-by-policyGet security issue cases grouped by policyREAD
GET /actionable-insights/cases-metadataGet distinct values for all filterable case fieldsREAD
GET /actionable-insights/top-critical-casesGet top five most critical open casesREAD
GET /actionable-insights/trendsGet security issue case trends over the last 30 daysREAD
DSAR
RouteSummaryType
GET /correlation-set-connectionsGet correlation set connectionsREAD
GET /sar/attributesGet SAR attributesREAD
GET /sar/auditGet SAR audit logsREAD
GET /sar/file-download/auditDownload SAR audit logsREAD
GET /sar/deletion-validationsGet deletion validationsREAD
GET /sar/deletion-validations/configGet deletion validation configurationREAD
GET /sar/general-infoGet general SAR configuration and informationREAD
GET /sar/profilesGet SAR profilesREAD
GET /sar/profiles/{profileId}Get SAR profile by IDREAD
GET /sar/report-templatesGet report templatesREAD
GET /sar/reports/{requestId}Get SAR report by request IDREAD
GET /sar/reports/{requestId}/extended-infoGet extended information for a SAR requestREAD
GET /sar/reports/{requestId}/personal-infoGet personal information for a SAR requestREAD
GET /sar/reports/{requestId}/searched-attributesGet searched attributes for a SAR requestREAD
GET /sar/reports/{requestId}/short-reportGet short summary reportREAD
GET /sar/reports/file-download/{requestId}Download the complete SAR reportREAD
GET /sar/reports/file-download/{requestId}/short-reportDownload short report fileREAD
GET /file-download/sar/reports/{requestId}/summary-reportDownload summary reportREAD
GET /sar/scansGet SAR scansREAD
GET /sar/scans/{requestId}Get SAR scan by request IDREAD
GET /sar/search/entity-source-connections/{profileId}Get entity source connections by profileREAD
Data Mapping
RouteSummaryType
GET /data-mapping/profilesRetrieve all DSAR profilesREAD
GET /data-mapping/profiles/{profileId}Retrieve a specific DSAR profileREAD
GET /data-mapping/profiles/{profileId}/correlation-set-connectionsRetrieve correlation set connections for a profileREAD
POST /data-mapping/profiles/{profileId}/correlation-set-connectionsAdd correlation set connections to a profileWRITE
GET /data-mapping/profiles/{profileId}/data-sourcesRetrieve data sources for a profileREAD
POST /data-mapping/profiles/{profileId}/data-sourcesAdd data sources to a profileWRITE
GET /data-mapping/profiles/{profileId}/objectsRetrieve all objects in a profileREAD
GET /data-mapping/profiles/{profileId}/objects/columnsRetrieve column definitions for objects in a profileREAD
GET /data-mapping/profiles/{profileId}/statisticsRetrieve statistics for a profileREAD
GET /privacy-apps/pia/bigid/assetsGet assetsREAD
GET /privacy-apps/pia/bigid/assets/attributesGet asset attributes and categoriesREAD
GET /privacy-apps/pia/bigid/assets/data-sourcesGet data sources by assetREAD
GET /privacy-apps/pia/bigid/vendorsGet vendor projectsREAD
GET /privacy-apps/pia/bigid/vendors/{vendorProjectId}Get vendor project description by IDREAD
GET /privacy-apps/pia/bigid/legal-entitiesGet legal entitiesREAD
GET /privacy-apps/pia/bigid/legal-entities/{entityId}Get legal entity by IDREAD
GET /regulationsGet all data categoriesREAD
GET /regulations-aggregationGet regulations aggregationREAD
GET /compliance-frameworksGet all compliance frameworksREAD
GET /compliance-frameworks/{id}Get compliance framework by IDREAD
Labels
RouteSummaryType
GET /labelsGet all labelsREAD
GET /labels/{labelName}Get label by nameREAD
Lineage
RouteSummaryType
GET /api/v1/lineage/treeGet all lineage nodes showing collection relationshipsREAD
Overview & Reporting
RouteSummaryType
POST /executive-dashboard/widgetFetch executive dashboard widget dataREAD
POST /data-explorer/objectsGet data explorer objects (all types)READ
POST /data-explorer/objects/{entityType}Get data explorer objects by typeREAD
POST /data-explorer/countGet data explorer count (all types)READ
POST /data-explorer/count/{entityType}Get data explorer count by entity typeREAD
POST /inventoryQuery data inventory with aggregationsREAD
GET /inventory/file-download/export/attributeExport inventory by attributeREAD
GET /inventory/file-download/export/sourceExport inventory by sourceREAD
POST /inventory/{entityType}Query inventory aggregations filtered by entity typeREAD
GET /metadata-search/entity-typesGet all entity typesREAD
GET /metadata-search/entity-types/{entityType}Get entity type detailsREAD
POST /metadata-search/filterFilter metadata search resultsREAD
POST /metadata-search/filter/suggestGet filter suggestionsREAD
GET /metadata-search/health-checkHealth check for metadata search serviceREAD
POST /metadata-search/index-by-filter/{entityType}Index objects matching a filterWRITE
GET /metadata-search/report/{dataSourceName}Get data source reportREAD
POST /metadata-search/search/fullFull metadata searchREAD
POST /metadata-search/search/quickQuick metadata searchREAD
GET /metadata-search/statusGet indexing statusREAD
GET /metadata-search/stored-events/statusGet stored events statusREAD
POST /metadata-search/sync/update-objectUpdate a specific object in the search indexWRITE
PII Records
RouteSummaryType
GET /piiRecordsGet PII records with RBAC filteringREAD
GET /identityLocationsGet identity locations with PII record countsREAD
GET /systemLocationsGet system locations by data sourceREAD
GET /applicationLocationsGet application locations by data sourceREAD
GET /applicationRisksGet risk data by applicationREAD
GET /attributeRisksGet risk data by attributeREAD
GET /activityViolationsGet activity violation informationREAD
Policies
RouteSummaryType
GET /compliance-rulesGet compliance policiesREAD
GET /compliance-rules/{ruleId}Get a single policy by IDREAD
GET /compliance-rules/{policyFqdn}/mapped-controlsGet compliance framework controls mapped to a policyREAD
GET /acm-rulesList ACM rulesREAD
GET /acm-rules/{ruleName}Get ACM rule by nameREAD
GET /complianceSummariesGet compliance summariesREAD
Privacy Risks
RouteSummaryType
GET /privacy-risksList privacy risksREAD
GET /privacy-risks/search-metadataGet privacy risks search metadataREAD
GET /privacy-risks/{policyFqdn}/mapped-controlsGet compliance controls mapped to a privacy riskREAD
GET /controlsGet all controls (risk and compliance)READ
GET /risk-controlsGet all risk controlsREAD
ROPA / PIA
RouteSummaryType
GET /privacy-apps/pia/base-templates/metadataGet all base templates metadataREAD
GET /privacy-apps/pia/base-templates/{id}Get base template by IDREAD
GET /privacy-apps/pia/templates/metadataGet all custom templatesREAD
GET /privacy-apps/pia/templates/{id}Get custom template by IDREAD
GET /privacy-apps/pia/templates/{id}/metadataGet template metadata by IDREAD
GET /privacy-apps/pia/templates/{id}/instancesGet total number of assessments for a templateREAD
GET /privacy-apps/pia/templates/countsGet all custom template countsREAD
GET /privacy-apps/pia/templates/typesGet template typesREAD
GET /privacy-apps/pia/templates/search-filtersGet search template filtersREAD
POST /privacy-apps/pia/templates/searchCreate search templatesWRITE
GET /privacy-apps/pia/instances/{id}Get assessment by IDREAD
GET /privacy-apps/pia/instances/{id}/metadataGet assessment metadata by IDREAD
GET /privacy-apps/pia/instances/{id}/fields/{fieldId}/general-dataGet assessment field general dataREAD
GET /privacy-apps/pia/instances/{id}/collaboratorsGet collaborators for assessmentREAD
GET /privacy-apps/pia/instances/search/baseGet search assessment for base gridREAD
GET /privacy-apps/pia/instances/search-filtersGet search filtersREAD
GET /privacy-apps/pia/instances/export/{templateId}Get exported privacy impact assessmentsREAD
GET /privacy-apps/pia/instances/export/{templateId}/templateExport PIA templateREAD
POST /privacy-apps/pia/instances/searchCreate search assessmentWRITE
GET /privacy-apps/pia/reports/instance-overview/{id}Get assessment overview reportREAD
GET /privacy-apps/ropa/reports/instance-report/{id}Get ROPA assessment overview reportREAD
GET /privacy-apps/pia/collaboration/healthCheck collaboration service healthREAD
GET /privacy-apps/pia/collaboration/versionGet collaboration service versionREAD
GET /privacy-apps/pia/collaboration/version/api-versionGet collaboration service API versionREAD
GET /privacy-apps/pia/collaboration/{collaborationId}/instance-idGet instance ID by collaboration IDREAD
GET /privacy-apps/pia/collaboration/collaborations/commentsGet comments for instance or fieldREAD
GET /privacy-apps/pia/collaboration/collaborations/{instanceId}/comments:countByFieldGet total comments per fieldREAD
GET /privacy-apps/pia/collaboration/collaborations/comments/statusGet comment status for the userREAD
GET /privacy-apps/pia/assignments/{id}Get assignmentREAD
GET /privacy-apps/pia/permissionsGet permissionsREAD
GET /privacy-apps/pia/settings/collaborationGet collaboration settingsREAD
GET /privacy-apps/pia/settings/configurationGet configuration settingsREAD
GET /privacy-apps/pia/feature-flagsFetch feature flagsREAD
GET /privacy-apps/pia/risksGet all privacy risksREAD
GET /privacy-apps/pia/risks/{riskId}Get risk by IDREAD
GET /privacy-apps/pia/risks/metadataGet risk search metadataREAD
GET /privacy-apps/pia/risks/summary/{instanceId}Get risk summary by assessment IDREAD
POST /privacy-apps/pia/risks/bulk-deleteBulk delete risks by list of IDsWRITE
GET /privacy-apps/pia/controlsGet all controlsREAD
Scan Management
RouteSummaryType
GET /scansList all scansREAD
GET /scans/parent-scansGet parent scansREAD
GET /scans/child-scans/{parentScanId}Get child scansREAD
GET /scanProfiles/{id}Get a scan profile by IDREAD
GET /scan-templatesGet all scan templatesREAD
GET /scan-templates/{scanTemplateId}Get a scan template by IDREAD
Configurations
RouteSummaryType
GET /services-configurationGet BigID services configuration settingsREAD
GET /audit-logGet audit log dataREAD
GET /audit-log/scope/{scopeName}Get audit logs by scopeREAD
GET /saved-queriesGet all saved queriesREAD
GET /saved-queries/{savedQueryId}Get saved query by IDREAD
POST /saved-queriesCreate saved queryWRITE
Data Retention
RouteSummaryType
GET /api/v1/policiesGet retention policiesREAD
POST /api/v1/policiesCreate a new retention policyWRITE
GET /api/v1/policies/{id}Get retention policy by IDREAD
PUT /api/v1/policies/{id}Update a retention policyWRITE
DELETE /api/v1/policies/{id}Delete a retention policyWRITE
POST /api/v1/policies/{id}/evaluateStart evaluation of a policyWRITE
GET /api/v1/policies/statisticsGet policy statisticsREAD
GET /api/v1/policies/namesGet policy namesREAD
GET /api/v1/policies/domainsGet policies grouped by domainREAD
GET /api/v1/policies/exportExport policies to CSVREAD
POST /api/v1/policies/importImport policies from CSVWRITE
GET /api/v1/policies/import/templateDownload CSV import templateREAD
POST /api/v1/policies/evaluateEvaluate policies by filter criteriaWRITE
POST /api/v1/policies/cloneClone existing retention policiesWRITE
GET /api/v1/policies/actionsGet available policy actionsREAD
GET /api/v1/policies/queryGet queries for policy hitsREAD
GET /api/v1/policies/{id}/definitionsGet all policy definitions for a policyREAD
POST /api/v1/policies/{id}/test-catalog-basedTest catalog-based policy definitionWRITE
POST /api/v1/policies/{id}/test-query-basedTest query-based policy definitionWRITE
POST /api/v1/policies/{id}/test-header-tableTest entity-based policy definitionWRITE
POST /api/v1/policies/{id}/test-regular-tableTest table-based policy definitionWRITE
GET /api/v1/policies/evaluationsGet policy evaluationsREAD
POST /api/v1/policies/evaluations/stopStop policy evaluationsWRITE
POST /api/v1/policies/evaluations/{policyEvaluationId}/resumeResume a stopped policy evaluationWRITE
GET /api/v1/policy-hitsGet policy hitsREAD
GET /api/v1/policy-hits/sample-dataGet policy hit sample dataREAD
GET /api/v1/findingsGet finding objectsREAD
GET /api/v1/findings/countGet findings countREAD
GET /api/v1/findings/by-data-sourcesGet findings grouped by data sourcesREAD
GET /api/v1/findings/datasourcesGet distinct data source namesREAD
GET /api/v1/findings/statistics-by-dateGet findings statistics grouped by dateREAD
GET /api/v1/findings/file-download/exportExport findings to CSVREAD
POST /api/v1/findings/send-findingsSend findings to RemediationWRITE
POST /api/v1/findings/send-to-deletionSend findings to DeletionWRITE
GET /api/v1/activity-logsGet activity logsREAD
GET /api/v1/activity-logs/actionsGet distinct activity log actionsREAD
GET /api/v1/activity-logs/item-namesGet distinct activity log item namesREAD
GET /api/v1/activity-logs/item-typesGet distinct activity log item typesREAD
GET /api/v1/disposition-tasksGet disposition tasksREAD
GET /api/v1/policy-evaluation-scheduleGet policy evaluation schedulesREAD
PATCH /api/v1/policy-evaluation-scheduleUpdate policy evaluation schedulesWRITE
DELETE /api/v1/policy-evaluation-schedule/{policyId}Cancel a policy evaluation scheduleWRITE
GET /api/v1/policy-associations/{policyId}Get associated policiesREAD
PUT /api/v1/policy-associationsCreate a policy associationWRITE
DELETE /api/v1/policy-associationsRemove a policy associationWRITE
GET /api/v1/data-sourcesGet data sources from BigID CoreREAD
GET /api/v1/data-sources/connector-typesGet data source connector typesREAD
POST /api/v1/data-sources/searchSearch data sourcesREAD
GET /api/v1/settings/criticalitiesGet criticalitiesREAD
POST /api/v1/settings/criticalitiesCreate a criticalityWRITE
PUT /api/v1/settings/criticalities/{id}Update a criticalityWRITE
DELETE /api/v1/settings/criticalities/{id}Delete a criticalityWRITE
GET /api/v1/settings/domainsGet domainsREAD
POST /api/v1/settings/domainsCreate a domainWRITE
PUT /api/v1/settings/domains/{id}Update a domainWRITE
DELETE /api/v1/settings/domains/{id}Delete a domain and its subdomainsWRITE
GET /api/v1/settings/environmentsGet environmentsREAD
POST /api/v1/settings/environmentsCreate an environmentWRITE
PUT /api/v1/settings/environments/{id}Update an environmentWRITE
DELETE /api/v1/settings/environments/{id}Delete an environmentWRITE
GET /api/v1/settings/jurisdictionsGet jurisdictionsREAD
POST /api/v1/settings/jurisdictionsCreate a jurisdictionWRITE
PUT /api/v1/settings/jurisdictions/{id}Update a jurisdictionWRITE
DELETE /api/v1/settings/jurisdictions/{jurisdictionId}Delete a jurisdictionWRITE
GET /api/v1/settings/regulationsGet regulationsREAD
POST /api/v1/settings/regulationsCreate a regulationWRITE
PUT /api/v1/settings/regulations/{id}Update a regulationWRITE
DELETE /api/v1/settings/regulations/{id}Delete a regulationWRITE
GET /api/v1/application-settingsGet application settings and feature flagsREAD
GET /api/v1/system-statusGet system status reportREAD
GET /api/v1/system-usersGet system usersREAD
GET /api/v1/system-users/{userId}Get system user by IDREAD
GET /api/v1/stream/sse-retentionSubscribe to retention SSE eventsREAD
Data Deletion
RouteSummaryType
GET /api/v1/data-minimization/requestsGet all data minimization requestsREAD
DELETE /api/v1/data-minimization/requests/{requestId}Delete a data minimization requestWRITE
POST /api/v1/data-minimization/requests/expire-requestsExpire data minimization requestsWRITE
GET /api/v1/data-minimization/requests/insightsGet request insightsREAD
GET /api/v1/data-minimization/objectsGet all data minimization objectsREAD
POST /api/v1/data-minimization/objectsCreate data minimization objectsWRITE
PUT /api/v1/data-minimization/objectsUpdate data minimization objectsWRITE
DELETE /api/v1/data-minimization/objectsDelete data minimization objectsWRITE
GET /api/v1/data-minimization/objects/file-download/exportExport data minimization objects to CSVREAD
POST /api/v1/data-minimization/objects/actionUpdate action status for data minimization objectsWRITE
POST /api/v1/data-minimization/objects/executeExecute objects marked as Delete AutomaticallyWRITE
GET /api/v1/data-minimization/objects/execute/countGet count of objects to be executed (GET)READ
POST /api/v1/data-minimization/objects/execute/countGet count of objects to be executed (POST)READ
POST /api/v1/data-minimization/objects/countGet count of objectsREAD
POST /api/v1/data-minimization/objects/execute-asyncExecute objects marked as Delete Automatically (async)WRITE
DELETE /api/v1/data-minimization/objects/asyncDelete data minimization objects (async)WRITE
GET /api/v1/data-minimization/datasourcesGet all data minimization data sourcesREAD
DELETE /api/v1/data-minimization/datasourcesDelete data minimization data sourcesWRITE
POST /api/v1/data-minimization/datasources/executeExecute deletion for data sourcesWRITE
POST /api/v1/data-minimization/datasources/objects/countGet count of objects per data sourceREAD
GET /api/v1/data-minimization/datasource-stateGet data source stateREAD
GET /api/v1/data-minimization/datasources/error-mappingsGet error mappings for data sourcesREAD
GET /api/v1/data-minimization/datasources/file-download/exportExport data sources to CSVREAD
GET /api/v1/data-minimization/datasources/errors/file-download/exportExport data source errors to CSVREAD
GET /api/v1/data-minimization/datasources/objects/file-download/exportExport data source objects to CSVREAD
GET /api/v1/data-minimization/datasources/objects/failed/file-download/exportExport failed object samples to CSVREAD
GET /api/v1/data-minimization/datasources/insightsGet insights for data sourcesREAD
DELETE /api/v1/data-minimization/datasources/asyncDelete data minimization data sources (async)WRITE
GET /api/v1/data-minimization/executionsGet data deletion executionsREAD
POST /api/v1/data-minimization/executions/{executionId}/stopStop a running executionWRITE
GET /api/v1/data-minimization/disposition-tasksGet all disposition tasksREAD
DELETE /api/v1/data-minimization/disposition-tasksCancel disposition tasksWRITE
POST /api/v1/data-minimization/disposition-tasks/executeExecute deletion for disposition tasksWRITE
GET /api/v1/data-minimization/disposition-tasks/actionsGet distinct disposition task actionsREAD
GET /api/v1/data-minimization/disposition-tasks/policiesGet distinct disposition task policiesREAD
GET /api/v1/data-minimization/dsar-queriesGet DSAR queries for deletionREAD
GET /api/v1/data-minimization/settings/objectsGet data minimization global settingsREAD
POST /api/v1/data-minimization/settings/objectsUpdate data minimization global settingsWRITE
DELETE /api/v1/data-minimization/settings/objectsDelete data minimization global settingsWRITE
POST /api/v1/data-minimization/support/datasourcesCheck if data sources support auto-deletionREAD
POST /api/v1/data-minimization/states/by-datasourcesGet deletion states by request ID and data sourcesREAD
GET /api/v1/data-minimization/error-mappings/categoriesGet error mapping categoriesREAD
POST /api/v1/data-minimization/statisticsGet data minimization statisticsREAD
POST /api/v1/data-minimization/executeExecute data minimization deletionWRITE
GET /api/v1/data-minimization/statusGet data minimization app statusREAD
GET /api/v1/data-minimization/manifestGet data minimization manifestREAD

Example Prompts

Section titled “Example Prompts”

The following natural language prompts illustrate what you can accomplish by connecting Claude to the BigID MCP server.

Discover Data Sources and Their Security Posture

Section titled “Discover Data Sources and Their Security Posture”
Show me the security posture of all my data sources in BigID.
Highlight critical risks and exposed sensitive data.

Discover Shadow AI

Section titled “Discover Shadow AI”
What AI assets, AI applications, and unsanctioned AI usage exist
across my organization according to BigID?

Breach Investigation Report

Section titled “Breach Investigation Report”
Investigate a potentially compromised account in BigID. Pull data access
history, entitlements, and sensitive data exposure, then generate a
risk-rated incident report with remediation actions.

Find Cleartext Passwords and Secrets

Section titled “Find Cleartext Passwords and Secrets”
Find repositories, files, or databases containing exposed secrets, API keys,
tokens, certificates, or cleartext passwords in BigID.

GDPR Readiness Assessment

Section titled “GDPR Readiness Assessment”
Evaluate our GDPR readiness in BigID. Identify personal data exposure,
missing retention policies, cross-border data risks, and DSAR compliance gaps.

Data Retention Cleanup

Section titled “Data Retention Cleanup”
Identify stale, duplicate, or unnecessary sensitive data in BigID
that should be archived or deleted.
© 2026 BigID, Inc.
All rights reserved.
Terms Privacy Notice Cookies Your Privacy Choices Legal Resources Certifications Conduct & Ethics Sub-processors