Summary and recommendation
Vectra AI does expose a REST API - primarily scoped to its Detect and Stream products for detections, hosts, and accounts (security entities, not user accounts).
However, no publicly documented endpoints exist for user management operations: create, read, update, or delete of platform users.
API documentation appears to be partially or fully gated behind a customer support portal login, so the full API surface could not be verified from public sources.
There is no confirmed SCIM support, no webhook system for user-lifecycle events, and no IdP-based provisioning listed in official documentation.
API quick reference
| Has user API | No |
| SCIM available | No |
| SCIM plan required | N/A |
Authentication
Auth method: Not documented
User object / data model
User object field mapping is not yet verified for this app.
Core endpoints
Endpoint coverage is not yet verified for this app.
Rate limits, pagination, and events
Rate limits: Not documented
Rate-limit headers: No
Retry-After header: No
Rate-limit notes: Not documented
Pagination method: none
Default page size: 0
Max page size: 0
Pagination pointer: Not documented
Webhooks available: No
Webhook notes: No publicly documented webhook system for user-management events found in official Vectra AI documentation.
Alternative event strategy: Not documented
SCIM API status
- SCIM available: No
- SCIM version: Not documented
- Plan required: N/A
- Endpoint: Not documented
Limitations:
- No native SCIM support confirmed in official documentation or context data.
Common scenarios
No user management API scenarios can be responsibly documented given the current data.
The Vectra AI developer portal (developer.vectra.ai) is the canonical reference, but publicly accessible content there does not describe user provisioning endpoints.
If your identity graph depends on pulling a live roster of Vectra AI platform users for access reviews, joiners/movers/leavers workflows, or cross-app correlation
you will not find a supported API path from public documentation alone.
Engage the Vectra AI account team or support portal to determine whether any undocumented or gated user management endpoints exist before designing an integration.
Scenario implementations are not yet verified for this app.
Why building this yourself is a trap
The primary trap here is conflating Vectra AI's security-data REST API with a user management API - they are not the same surface. The detection and host endpoints are well-suited for SIEM or SOAR integrations but provide no leverage over platform user identity.
Without SCIM or a user API, any identity graph that needs to include Vectra AI platform users as nodes cannot be populated programmatically from public endpoints. Rate limit details, pagination behavior, and auth scopes for any gated user management endpoints are entirely unverified;
building automation against undocumented endpoints carries significant breakage risk if the vendor changes behavior without public notice.
Automate Vectra AI workflows without one-off scripts
Stitchflow builds and maintains end-to-end IT automation across your SaaS stack, including apps without APIs. Built for exactly how your company works, with human approvals where they matter.
