--- title: KnowBe4 API Integration on Truto slug: knowbe4 category: Knowledge Management canonical: "https://truto.one/integrations/detail/knowbe4/" --- # KnowBe4 API Integration on Truto **Category:** Knowledge Management **Status:** Generally available ## Unified APIs ### Unified User Directory API - **Groups** — Groups are a collection of users in the source application. In some applications, they might also be called Teams. - **Roles** — The Role object represents a role of a User. - **Users** — The User object represents a User. ## How it works 1. **Link your customer's KnowBe4 account.** Use Truto's frontend SDK; we handle every OAuth and API key flow so you don't need to create the OAuth app. 2. **Authentication is automatic.** Truto refreshes tokens, stores credentials securely, and injects them into every API request. 3. **Call Truto's API to reach KnowBe4.** The Proxy API is a 1-to-1 mapping of the KnowBe4 API. 4. **Get a unified response format.** Every response uses a single shape, with cursor-based pagination and data in the `result` field. ## Use cases - **Automate compliance evidence collection from KnowBe4** — GRC and compliance platforms can continuously pull user training statuses and completions from KnowBe4, eliminating manual screenshot uploads and keeping audit evidence current without end-user effort. - **Sync employee directories into KnowBe4 for zero-touch onboarding** — HR and onboarding platforms can provision new hires into KnowBe4 and assign them to the correct training groups automatically, ensuring security awareness training starts on day one without IT intervention. - **Enforce dynamic access controls based on human risk scores** — IAM and Zero-Trust platforms can query KnowBe4 user data to inform access policies — restricting privileges for employees who repeatedly fail phishing simulations until their risk posture improves. - **Keep KnowBe4 user and group data in sync with your platform's directory** — Any SaaS product that manages employee records can use the integration to ensure KnowBe4 groups and user profiles stay aligned with organizational changes like department transfers, role changes, and offboarding. ## What you can build - **Automated new-hire security training enrollment** — Provision users into KnowBe4 and assign them to onboarding groups the moment they appear in your HR or identity platform, triggering training campaigns automatically. - **Real-time org chart to KnowBe4 group sync** — Map departments, teams, and roles from your product's user directory to KnowBe4 groups so training campaigns always target the right people. - **Offboarding-triggered KnowBe4 user deactivation** — Automatically remove or deactivate users in KnowBe4 when they are terminated in your platform, closing gaps in license management and reporting accuracy. - **Unified employee directory with security training context** — Surface KnowBe4 user and group membership data alongside records from other directory sources in a single normalized view inside your product. - **Cross-platform role-based training group assignment** — Use role data from your identity provider or HRIS integration to automatically place users into the correct KnowBe4 groups for role-specific phishing and training campaigns. ## FAQs ### What authentication method does KnowBe4 use for API access? KnowBe4's Reporting API uses a static API token (Bearer token) that account admins generate from their KnowBe4 console. Truto handles storing and injecting this token so your end users only need to paste it once during the connection flow. ### Which Truto Unified API covers KnowBe4? KnowBe4 is mapped to Truto's Unified User Directory API, which provides normalized access to Users, Groups, and Roles. This lets you read and manage KnowBe4's organizational data using the same schema you use for other directory integrations. ### Are there specific tools or pre-built resources available for KnowBe4 today? KnowBe4 tools are built on request. Once requested, Truto builds and maps the relevant KnowBe4 API endpoints to the Unified User Directory API resources (Users, Groups, Roles), handling pagination, error handling, and data normalization for you. ### Does KnowBe4 have rate limits I should be aware of? Yes. KnowBe4's Reporting API enforces rate limits that vary by endpoint and account tier. Truto manages retry logic and backoff strategies so your integration handles throttling gracefully without custom code. ### Can I access KnowBe4 risk scores and training data through Truto? Risk scores, training campaign results, and phishing simulation data are available through KnowBe4's API but are not currently part of the Unified User Directory API schema. These can be accessed through Truto's proxy or custom tool capabilities once the integration is built. ### How does KnowBe4 handle multi-region API endpoints? KnowBe4 hosts separate API base URLs depending on the customer's data center region (US, EU, etc.). Truto's connection setup captures the correct region so API calls are routed to the right endpoint automatically.