Docs

Integration Documentation

Connect your tools, automate provisioning, and build on ARQERA's API.

Request Early Access

Pre-built Connectors

Connect Slack, Notion, Xero, DocuSign, and 100+ tools via OAuth. One-click setup from the Integrations page.

API Authentication

Authenticate via API keys or OAuth 2.0. Scoped permissions, key rotation, and tenant isolation.

SCIM Provisioning

Automate user provisioning and de-provisioning. SCIM 2.0 compliant. Works with Okta, Entra ID, OneLogin, and JumpCloud.

SSO / SAML

Enterprise SSO via SAML 2.0 and OpenID Connect. Managed through WorkOS. Supports Okta, Entra, Google Workspace, and custom IdPs.

Webhooks

Receive real-time events for artifact creation, compliance changes, user actions, and billing. HMAC-signed payloads.

REST API

200+ endpoints. Full OpenAPI specification. Versioned. Rate-limited. Tenant-scoped. Interactive API explorer in-app.

SCIM Provisioning

Automate user lifecycle management with your identity provider

Spec	SCIM 2.0 (RFC 7643 / 7644)
Supported resources	Users, Groups
Operations	Create, Read, Update, Delete, Patch, Filter
Bulk operations	Not currently supported
Auth method	Bearer token (API key)
Max filter results	200
Change password	Supported
ETag	Supported

SCIM Endpoint

https://app.arqera.io/api/scim/v2

Configure this URL in your identity provider (Okta, Entra ID, OneLogin, JumpCloud). Generate a SCIM token from System → SSO & Provisioning in the ARQERA app.

SSO Configuration

Enterprise single sign-on via SAML 2.0 or OpenID Connect

Okta

SAML 2.0

Microsoft Entra ID

SAML 2.0 / OIDC

Google Workspace

OIDC

Custom IdP

SAML 2.0

SSO is available on the Business and Enterprise plans. Configure connections from System → SSO.

Webhooks

Receive real-time event notifications via HTTP POST

Event Categories

artifact.createdartifact.sharedcompliance.check.completedevidence.emitteduser.createduser.deprovisionedsubscription.updatedintegration.connected

All webhook payloads are signed with HMAC-SHA256. Verify signatures using the webhook secret from Settings → API Keys.

Ready to integrate?

Create your free account and connect your first tool in minutes.

Request Early Access Back to Docs

Docs

Integration Documentation

Connect your tools, automate provisioning, and build on ARQERA's API.

Request Early Access

Pre-built Connectors

Connect Slack, Notion, Xero, DocuSign, and 100+ tools via OAuth. One-click setup from the Integrations page.

API Authentication

Authenticate via API keys or OAuth 2.0. Scoped permissions, key rotation, and tenant isolation.

SCIM Provisioning

Automate user provisioning and de-provisioning. SCIM 2.0 compliant. Works with Okta, Entra ID, OneLogin, and JumpCloud.

SSO / SAML

Enterprise SSO via SAML 2.0 and OpenID Connect. Managed through WorkOS. Supports Okta, Entra, Google Workspace, and custom IdPs.

Webhooks

Receive real-time events for artifact creation, compliance changes, user actions, and billing. HMAC-signed payloads.

REST API

200+ endpoints. Full OpenAPI specification. Versioned. Rate-limited. Tenant-scoped. Interactive API explorer in-app.

SCIM Provisioning

Automate user lifecycle management with your identity provider

Spec	SCIM 2.0 (RFC 7643 / 7644)
Supported resources	Users, Groups
Operations	Create, Read, Update, Delete, Patch, Filter
Bulk operations	Not currently supported
Auth method	Bearer token (API key)
Max filter results	200
Change password	Supported
ETag	Supported

SCIM Endpoint

https://app.arqera.io/api/scim/v2

Configure this URL in your identity provider (Okta, Entra ID, OneLogin, JumpCloud). Generate a SCIM token from System → SSO & Provisioning in the ARQERA app.

SSO Configuration

Enterprise single sign-on via SAML 2.0 or OpenID Connect

Okta

SAML 2.0

Microsoft Entra ID

SAML 2.0 / OIDC

Google Workspace

OIDC

Custom IdP

SAML 2.0

SSO is available on the Business and Enterprise plans. Configure connections from System → SSO.

Webhooks

Receive real-time event notifications via HTTP POST

Event Categories

artifact.createdartifact.sharedcompliance.check.completedevidence.emitteduser.createduser.deprovisionedsubscription.updatedintegration.connected

All webhook payloads are signed with HMAC-SHA256. Verify signatures using the webhook secret from Settings → API Keys.

Ready to integrate?

Create your free account and connect your first tool in minutes.

Request Early Access Back to Docs