BigID is a New York City-headquartered data security platform that combines Data Security Posture Management (DSPM), Data Loss Prevention (DLP), access governance, AI security & governance (AISPM), privacy automation, and a unified Data & AI Catalog. Founded in 2016 by Dimitri Sirota and Nimrod Vax, BigID exposes every action available in its UI through a REST API rooted at /api/v1 — covering data sources, scans, catalog, cluster analysis, DSPM cases, and DSARs — plus an App Framework for building custom apps, a connector framework (Java and REST) for new data sources, and an MCP surface for AI agents.
URL: Visit APIs.json
Run: Capabilities Using Naftiko
- Data Security, DSPM, DLP, Privacy, AI Security, Data Catalog, DSAR, Data Discovery, Compliance
- Created: 2026-05-25
- Modified: 2026-05-25
Authenticate against a BigID deployment using either username/password or a long-lived user token. Exchange a user token for a short-lived system token (JWT) used to authorize subsequent REST API calls.
Human URL: https://developer.bigid.com/api/bigid-api-token-authentication/
- Documentation — User Authentication
- Documentation — Token Authentication
- OpenAPI
- Example — Create Session
- Naftiko Capability — Sessions
Programmatically manage data source connections in BigID. List, create, test, and export data sources, and inspect the catalog of available connector templates (e.g. rdb-mysql, s3-v2, snowflake, sharepoint-online).
Human URL: https://developer.bigid.com/api/data-source-connections-api-tutorial/
- Documentation — Data Source Connections
- Documentation — Add A Data Source
- OpenAPI
- JSON Schema — Data Source
- Example — List Data Sources
- Naftiko Capability — Connections
- Naftiko Capability — Templates
Configure and execute BigID scans. Create scan profiles to control which data sources are scanned and using which classifier template, then start and monitor scan executions and parent-scan rollups.
Human URL: https://developer.bigid.com/api/scan-profiles-api-tutorial/
- Documentation — Scan Profiles
- Documentation — Scan Insights
- OpenAPI
- Naftiko Capability — Scan Profiles
- Naftiko Capability — Scan Executions
Query and export BigID's data catalog — the central inventory of objects, columns, and attributes discovered by BigID scans. Includes metadata export, duplicate-detection, and cluster-similar-column lookups.
Human URL: https://developer.bigid.com/api/bigid-api-metadata-export-tutorial/
- Documentation — Metadata Export
- Documentation — Duplicate Data
- OpenAPI
- JSON Schema — Catalog Object
- Naftiko Capability — Objects
Retrieve clusters of similar data identified by BigID's cluster-analysis engine. Clusters group structurally or semantically similar columns and objects across data sources to support deduplication, retention, and minimization workflows.
Human URL: https://developer.bigid.com/api/cluster-analysis-api-tutorial/
Fetch and remediate Data Security Posture Management (DSPM) findings via BigID's actionable insights API. List open cases, bulk-update them, and resolve individual cases with audit reasons.
Human URL: https://developer.bigid.com/api/data-posture-api-tutorial/
Run Data Subject Access Requests (DSARs) and retrieve the resulting reports. Inspect available DSAR profiles and identifier attributes, submit new DSAR scans, poll status, and download short or full reports in JSON or CSV.
Human URL: https://developer.bigid.com/api/bigid-api-dsar-tutorial/
- BigID Developer Portal (DeveloperPortal)
- BigID Get Started Guide (GettingStarted)
- BigID REST API Reference (APIReference)
- BigID App Framework (Documentation)
- BigID Connector Framework (Documentation)
- BigID MCP and LLM Integration (Documentation)
- BigExchange GitHub Organization (GitHubOrganization)
- BigID JavaScript SDK (SDK)
- BigID iOS Consent SDK (SDK)
- BigID Simple App Quickstart (TypeScript) (Quickstart)
- BigID DSPM Quickstart (TypeScript) (Quickstart)
- BigID App Framework Hello-World App (Java) (CodeExamples)
- BigID External-Service Helm Template (CodeExamples)
- BigID Azure Key Vault App (Integrations)
- BigID AWS Control Tower Integration (Integrations)
- BigID AWS Security Hub Integration (Integrations)
- BigID XSOAR Content Pack (Integrations)
- BigID GTM Consent Template (Integrations)
- BigID Website (Portal)
- BigID Blog (Blog)
- About BigID (Hub)
- Contact BigID (Contact)
- BigID Terms and Conditions (TermsOfService)
- BigID Privacy Notice (PrivacyPolicy)
- BigID Cookies Policy (Legal)
- BigID Sub-processors (Compliance)
- BigID Certifications and Assessments (Compliance)
- BigID on LinkedIn (LinkedIn)
- BigID Spectral Ruleset (SpectralRules)
- BigID Vocabulary (Vocabulary)
- BigID JSON-LD Context (JSONLD)
- BigID Plans and Pricing (Plans)
- BigID Rate Limits (RateLimits)
- BigID FinOps Profile (FinOps)
- Data Security Posture Management (DSPM) — Continuous risk detection across cloud, on-prem, and SaaS data with severity-based remediation workflows.
- Data Loss Prevention (DLP) — ML-enhanced DLP with custom labeling by sensitivity, residency, and risk; integrates with MIP and Google labels.
- Access Governance — Identify over-privileged access, enable zero-trust controls, and mitigate insider risk.
- AI Security & Governance (AISPM) — Shadow AI detection, AI model inventory, prompt and response governance, TRiSM.
- Privacy Automation — DSAR fulfillment, retention, deletion, consent, and 190,000+ out-of-the-box retention policies.
- Data & AI Catalog — Unified catalog of structured/unstructured data, AI models, prompts, and agents.
- 100+ Data Source Connectors — Cloud, SaaS, on-prem, and developer-environment connectors plus a custom connector framework.
- 1000+ Pre-Trained Classifiers — Patented AI classification across 100+ languages.
- App Framework — Build custom apps via
/manifest,/execute, and/uiHTTP endpoints; deploy on Kubernetes. - MCP for Agents — BigID exposes its data governance and connector surface through the Model Context Protocol.
- AI Risk Management and TRiSM — Discover, govern, and secure AI models, training data, prompts, and agent surfaces.
- Cloud Data Security — Find and remediate exposed PII, PHI, PCI in S3, GCS, Azure Storage, Snowflake, Databricks.
- Data Minimization — Surface duplicate and stale data to shrink the sensitive-data footprint.
- Privacy Compliance — Operationalize HIPAA, GDPR, CCPA, LGPD with DSAR, retention, and consent automation.
- Insider Risk Detection — Spot suspicious access to sensitive data based on behavior, role, and policy.
- Breach Investigation — Determine what sensitive data was implicated in an incident and notify accordingly.
- Source Code DLP — Prevent exfiltration of source code and credentials.
AWS, Snowflake, Databricks, Splunk, Wiz, Salesforce, ServiceNow, Collibra, Alation, Informatica, Atlan, Microsoft Information Protection (MIP), Cortex XSOAR, Google Tag Manager.
- Data Security Platform — DSPM + DLP + access governance.
- Privacy Automation Suite — DSAR, retention, deletion, consent, regulatory reporting.
- AI Security & Governance — Shadow AI, model inventory, prompt/response governance, TRiSM.
- Data & AI Catalog — Unified catalog spanning structured, unstructured, and AI assets.
- Kin Lane — kin@apievangelist.com — apievangelist.com