The Rippling App Shop provides a catalogue of Rippling integrated applications. Rippling customers and their employees can take advantage of co-marketing opportunities as well as quickly identity providers within various verticals and services, such as applications for Collaboration or Office Management.
Rippling integrates with third-party applications through a number of methods, such as single sign-on, provisioning, and deep integrations. API-based Provisioning integrations have grown extremely popular within the Rippling ecosystem as they allow for employees to be created, removed, and managed within your third-party applications, in real-time from your Rippling Dashboard.
How do I find Rippling Provisioning Integrations?
API Provisioning integrations can be identified by the application’s profile page within the App Shop. Typically, the ‘Integration Quick Look’ will have mention of the capabilities to Create accounts, Remove accounts, and Manage groups, although not all provisioning integrations enable the management of groups.
How do I install Rippling Provisioning Integrations?
As with all Rippling integrations, a Rippling administrator will need to install the application or invite the admin of the third-party application to install the account. The Rippling administrator will have the option of inviting another member of their team once they click the ‘Connect Account’ button from the application profile page.
Connecting your Account: OAuth and API Keys
Rippling provides guided installation set ups for API-based provisioning integrations. Often times, these guided wizards will have you sign-in to your account of the third-party application through Rippling, enabling scoped privileges for Rippling. This leverages OAuth to provide scoped privileges that allow your organization’s admins to manage your third-party accounts through Rippling.
Alternatively, you may be required to retrieve an API key directly from the third-party application to connect your account to Rippling. In these cases, an admin for your third-party application will need to retrieve the API key and then provide it to the Rippling installation flow. These API keys are found in various areas within third-party applications, although the installation wizard will show you where to find it specific to each application.
Using a Provisioning Integration
Once installed, Rippling provisioning integrations provide admins with account management oversight from the application dashboard.
This information includes current user statuses, as well as the ability to grant or revoke employee accounts within third-party applications from the Overview tab. New user accounts will usually be created using the employee’s work email. If the third-party application supports non-matching domains for account creation, then a personal email may be used when a work email is not present.
Within the ‘Groups’ tab, admins can align your third-party application groups (e.g. Slack channels) with your Rippling employee groups for automated provisioning. For instance, if an employee is hired and put within a certain department, Rippling can place the employee within their department’s Channel in Slack. Additionally, admins can manually add employees to third-party groups on a one-off basis.
Please note, in certain cases, applications enable Rippling to manage paid-licenses through the integration as well. In these cases, licenses will be managed within the Groups tab.
Additionally, in most cases, Rippling will match any Rippling employees with their pre-existing accounts within the third-party application. In cases where the accounts are not automatically matched, admins for your organization can match or adjust previous matches, so that employees are paired with the appropriate corresponding account.
The ‘Access Rules’ tab allows for time-based third-party user creation in accordance to the access rules that you’ve set up for your employees. As an admin, you can specify when and which employees third-party application access. API provisioning integrations allow for account assignments to actually correspond to the Access Rules, so that you have full control over when third-party accounts are created.