The Rippling integration enables security and compliance teams to synchronize employee lifecycle data and device compliance information with Drata. This connection allows organizations to automatically collect evidence related to personnel onboarding, offboarding, employment status, and workstation security configuration.
Key Capabilities
Employee Lifecycle Sync: Import employee hire dates, termination dates, and employment status from Rippling
Automated Personnel Monitoring: Maintain accurate employee records for onboarding and offboarding compliance
Device Compliance Monitoring: Retrieve device configuration information when Rippling MDM is enabled
This integration supports compliance monitoring related to personnel lifecycle management and workstation security policies.
Prerequisites & Data Access
Rippling Access Requirements
You must have Admin access in your Rippling account.
Your organization must have purchased the Rippling App Management Package.
Rippling must be connected as an HRIS integration before it can be used for MDM monitoring.
Drata Role Requirements
To create or modify connections, you must have one of the following Drata roles with write access: Admin, Workspace Manager, or DevOps Engineer
Access Reviewers can view the connection page but cannot create or modify connections
Permissions & Data Table
Permission / Access | Why It’s Needed |
Employee lifecycle data | Retrieves hire date, termination date, and employment status |
Device configuration data (optional) | Allows Drata to monitor device compliance settings when MDM sync is enabled |
Step-by-Step Setup
Step 1: Connect Rippling in Drata
Log in to Drata → go to the Connections page.
Navigate to your Available Connections.
Search for and start the Rippling connection process.
Enable the desired connection type.
You will be redirected to Rippling to sign in.
Expected outcome:
The Rippling connection process is initiated.
Step 2: Configure Access Settings in Rippling
During the authorization process in Rippling, you will be prompted to configure account provisioning settings.
When asked: Who should automatically get an account with Drata when they join the company?
Select: Everyone including 1099 contractors should get an account
When asked: If an employee (or consultant) matches the access rules, when should they get access to Drata?
Select: As soon as they've signed their offer letter or agreement
Expected outcome:
Rippling is configured to automatically provision users to Drata.
Step 3: Enable Rippling MDM (Optional)
If your organization uses Rippling for device management, you can enable the Rippling MDM option during the connection process.
Important:
Rippling must already be connected as an HRIS integration.
The Use Rippling MDM option enables device compliance monitoring in Drata.
Expected outcome:
Device configuration data from Rippling can sync to Drata for monitoring tests.
Important Notes
HRIS dependency: Rippling must first be connected as an HRIS integration before enabling the MDM connection.
Device compliance limitations: Rippling does not currently provide device information related to automatic security patch configuration.
Manual evidence requirement: Evidence for automatic security patch checks must be uploaded manually.