Anecdotes User Management API Guide

Auth method: Not documented

User object field mapping is not yet verified for this app.

Endpoint coverage is not yet verified for this app.

• Rate limits: Not documented

• Rate-limit headers: No

• Retry-After header: No

• Rate-limit notes: Not documented

• Pagination method: none

• Default page size: 0

• Max page size: 0

• Pagination pointer: Not documented

• Webhooks available: No

• Webhook notes: No webhook documentation for user lifecycle events has been found in any official Anecdotes (anecdotes.ai) source. The platform supports outbound integrations (e.g., Jira, ServiceNow ticket creation) but no publicly documented webhook system for user provisioning or deprovisioning events.

• Alternative event strategy: User access is managed via IdP (Okta SAML SSO confirmed). User Access Review (UAR) workflows are handled natively within the Anecdotes platform UI. For programmatic evidence ingestion, Anecdotes offers a 'Data Delegation API' and custom connector framework, but these are not user-management APIs.

• SCIM available: No
• SCIM version: Not documented
• Plan required: Unknown
• Endpoint: Not documented

Limitations:

• No SCIM provisioning endpoint has been documented in any official Anecdotes (anecdotes.ai) source.
• The context JSON scim_reference confirms has_native_scim=false.
• User provisioning appears to rely on IdP-initiated SSO (Okta SAML) with just-in-time or manual provisioning only.

No automation scenarios for user provisioning, deprovisioning, or role assignment can be documented for Anecdotes GRC because no user management API endpoints exist in any public source. The platform's API page is marketing-level only and does not expose a developer reference.

Anecdotes uses OpenAPI/Swagger internally per their engineering blog, but no public spec has been released. The only programmatic surface confirmed is the Data Delegation API for evidence ingestion - scoped to compliance data, not user identity.

Webhook support for user lifecycle events is also absent; outbound integrations such as Jira and ServiceNow exist for ticket creation but are unrelated to user provisioning. Important disambiguation: the public API at public-api.

anecdoteai. com belongs to Anecdote (anecdoteai.

com), a separate customer-feedback product, and is entirely unrelated to Anecdotes GRC (anecdotes. ai).

Scenario implementations are not yet verified for this app.

The absence of a user management API is a hard blocker for any automated identity workflow targeting Anecdotes GRC.

There is no SCIM endpoint, no REST user API, no webhook for provisioning events, and no public developer portal - meaning any integration built today would rely on undocumented internals or UI automation, both of which carry high maintenance risk.

The MCP server with ~100 deep IT/identity integrations does not include Anecdotes as a supported connector, which is consistent with the platform's current API posture. Teams should not architect automated joiner/mover/leaver flows against Anecdotes until a user management API is publicly documented and stable.

Monitor the product roadmap directly with the vendor; given the pattern of responding to feature requests noted in community reviews, a SCIM or provisioning API may be a viable roadmap ask.