IAM CIS Person API (v2) Beta test


I’m happy to announce that the CIS (Change Integration Service) API v2 is ready for beta testing. This API allows you to query IAM user profile information and list all users.

You can find documentation about it here: https://github.com/mozilla-iam/cis/blob/master/docs/PersonAPI.md

Key information:

  • This API is read-only
  • Information access is protected by scopes, which derive from the Mozilla data classification
  • Only Mozilla Staff of contributors with a Staff sponsor are currently able to get access (same as RP enrollments)
  • Pull-requests for features are indeed welcome, should you be interested in that (thanks!)
  • The data that is accessible is defined by the user profiles. Here is an example empty profile (here’s an easier way to view it: https://codebeautify.org/jsonviewer/cb3f6ec0).
  • The data currently present is Staff and LDAP contributor data. Non-LDAP contributor data will be added during the beta testing period.

We also have a write-only API which is only available to publishers of data (the CIS Change API) such as LDAP, HRIS, Mozilliansorg/DinoPark, Auth0, etc.


  • This is a beta test, which means you may find bugs or issue. If you do, please file an issue at https://github.com/mozilla-iam/cis/issues (please use the tag BETA_TEST_PERSON_API to speed up triage)
  • The API may be unavailable for short periods of time during the beta-testing period



Beta feedback:
I have added display:null as a scope in order to be able to consume fields that do not use the display levels in APIs, without having to grant display:all.

For example this lets you get the user_id (classification public, display set to null) without getting back all the fields that may be public, but with another display value set.