Don't forget to check out our JSON RESTful APIs, they can help you utilize and extend Quickbase with ease.
This topic lists and explains restrictions on provisioning via the Quickbase SCIM API.
Allowable usernames
Usernames cannot have spaces or be longer than 255 characters. Special characters are allowed.
Preventing conflicts with email addresses as usernames
If an email address is specified as a username, Quickbase verifies updates to usernames to prevent conflicts with existing users.
For example, in this scenario, a new user can be provisioned without conflict:
User | Username | Email address |
---|---|---|
User 1 (existing user) |
user@example.com |
a@example.com |
User 2 (new provisioned user) |
user2 |
a@example.com |
But a conflict is caused if an email update occurs as follows, because user@example.com already exists as a username.
User | Username | Email address |
---|---|---|
User 1 |
user@example.com |
a@example.com |
User 2 |
user2 |
user@example.com |
Sign-in must use SSO
Sign-in to Quickbase must use SSO, because of the method by which usernames provisioned via the SCIM API are stored.
Deletions
Deletions via the SCIM API are mapped as denied users in Quickbase.
Updates to basic information limited to in-company
Updates to basic information (first name, last name, email address) are limited to those within the same company. Updates to basic information for usernames outside the company are not supported.
Link only through primary emails
Quickbase supports linking via the value set for primary emails only.
App sharing
To share Quickbase apps, users must share the app with the email address of the SCIM user, or with the Quickbase username (if the user had already existed in Quickbase before provisioning).
Provisioned existing users
If you use the SCIM API to provision existing users, and the user already has a Quickbase username set, the Quickbase username will be cleared.
Deactivated users
You cannot use the SCIM API to restore any Quickbase users that have a status of deactivated.
Rate limitation
SCIM API usage rate may be limited. If your requests are being limited, an HTTP: 429 error will be returned. Most IdM tools recognize rate limit status and automatically retry.
Restrictions on changing SCIM users from Quickbase
The following activities cannot be completed using the Quickbase Admin Console. You must use an IdM provider or the SCIM API:
-
Deny users
-
Update email, username, firstname, lastname
Group mapping management restrictions from Quickbase
-
You cannot appoint new managers, or promote users to managers.
-
You must manage the following items through your IdM application: add or remove SCIM members, and delete or rename SCIM groups.
-
You cannot link existing groups in Quickbase to SCIM groups in your IdM application. All SCIM groups are new groups.
-
You cannot rename or create a non-SCIM group using an existing SCIM's group name. Each SCIM group name is unique within a realm. For example, you cannot create a non-SCIM group using "QB_PD" because a SCIM group with the same name exists within the same realm:
Group Type Group Name Creation Status SCIM group QB_PD existing group Non-SCIM group QB_PD name conflict -
With subscriptions and email notifications, if an existing user has the same username as a SCIM group in the same realm, then any subscriptions or email notifications created are sent to the user. For example, within the same realm, if there is a user with the username "sales" and a new SCIM group is created with the name "sales", then any subscription or email notification is sent to the user.
-
You cannot create nested SCIM groups.