WorkOS Docs Homepage
Integrations

Rippling SCIM

Learn about syncing your user list with Rippling SCIM v2.0.

This guide outlines how to synchronize your application’s Rippling directories using SCIM.

To synchronize an organization’s users and groups provisioned for your application, you’ll need to provide the organization with two pieces of information:

  • An Endpoint that Rippling will make requests to.
  • A Bearer Token for Rippling to authenticate its endpoint requests.

Both of these are available in your Endpoint’s Settings in the WorkOS Dashboard.

Steps 2, 3, and 4 below will need to be carried out by the organization when configuring your application in their Rippling instance.

Login to your WorkOS Dashboard and select “Organizations” from the left hand navigation bar.

Select the organization you’ll be configuring a new Directory Sync for.

Under “Actions” click “Add Directory”.

A screenshot showing where to click "Add Directory" in the WorkOS dashboard.

Select “Rippling” from the dropdown, and enter the organization name.

Then, click “Create Directory.”

A screenshot showing where to name and create a Rippling Directory in the WorkOS dashboard.

Your Rippling directory sync has now been created successfully with an Endpoint and Bearer Token.

A screenshot showing where to locate the Rippling directory details in the WorkOS dashboard.

We have support for custom URLs for Directory Sync endpoints. Contact us for more info!

Log in to the Rippling admin dashboard and select the “Custom App” option in the menu under the “Identity Management” category.

A screenshot showing where to select the "Custom App" option in the "Identity Management" menu in Rippling.

Select “Create New App” in the Custom App page.

A screenshot showing where to select "Create New App" in Rippling.

Fill out the application’s name, select categories, upload an image for the logo, and check the “User Management via SCIM” box. Click “Continue” and the next page will populate more option fields regarding SCIM setup.

A screenshot showing where to fill in the name, categories, logo, and type of custom app in Rippling.

Set the SCIM version to 2.0.

Fill in the endpoint into the “SCIM Base URL” field.

A screenshot showing where to set the SCIM version and "SCIM Base URL" in Rippling.

Set the SCIM authorization method to “Bearer Token” in the “SCIM Authorization Method” dropdown list. Check off features for groups, pagination, delete groups and PATCH groups.

A screenshot showing the SCIM authorization method and configuration options in Rippling.

Add SCIM attributes externalId, emails.primary, name.givenName, name.familyName to the “Supported SCIM Attributes” input box. If you have additional custom attributes, add the appropriate corresponding Rippling values of the custom attributes. Click “Continue” to move to the next step.

A screenshot showing the "Supported SCIM Attributes" field in Rippling.

Rippling will then prompt you to install the app. Click “Install now” and proceed through the next step. Then, copy and paste the Bearer Token into the “Bearer Token” field and click “Continue”.

A screenshot showing where to enter the Bearer Token in Rippling.

After entering the Bearer Token, the following two pages “App Access Rules” and “Provision Time”, can be filled out by your own preference. You should then arrive at the “Account Matching” page.

In order for your users and groups to be synced, you will need to assign them to your Rippling Application. Match the Rippling users to the account, or create a new application account for the user(s).

A screenshot showing where to match Rippling users to an account in Rippling.

Create groups for the application as needed.

A screenshot showing where to create a group in Rippling.

Name the group.

A screenshot showing where to name a group in Rippling.

Assign Rippling users/groups to the newly created application group.

A screenshot showing where to assign users and groups to a newly created application in Rippling.

Make sure all attributes previously added are enabled, and that their cadence is set to “On user creation and updates”. Then, click “Save” and “Continue” to finish setup.

A screenshot showing where to ensure that all attributes are enabled in Rippling.

In your WorkOS dashboard, you should now see the users and groups synced over.

A screenshot showing a successfully synced user from Rippling in the WorkOS dashboard.

A detailed guide to integrate the WorkOS API with your application can be found here

Can I add additional custom fields to this SCIM integration?

Yes, however Rippling allows only a limited set of custom fields in SCIM applications.

  • addresses.home.country
  • addresses.home.formatted
  • addresses.home.locality
  • addresses.home.postalCode
  • addresses.home.region
  • addresses.home.streetAddress
  • addresses.work.country
  • addresses.work.formatted
  • addresses.work.locality
  • addresses.work.postalCode
  • addresses.work.region
  • addresses.work.streetAddress
  • department
  • displayName
  • emails.primary
  • employeeNumber
  • externalId
  • manager.displayName
  • manager.email
  • manager.managerId
  • name.familyName
  • name.formatted
  • name.givenName
  • phoneNumbers.mobile
  • phoneNumbers.work
  • photos.photo
  • title
  • userType