Skip to main content
BambooHR Connection

Making the initial connection to BambooHR

Updated this week

Connecting BambooHR to Drata allows for automated checks and evidence collection to provide details on personnel hire and separation dates as well as their employment status.

Prerequisite

  • Ensure you have admin access to your company's BambooHR account. Drata offers two connection methods: OAuth tied directly to a user account or a BambooHR API Key.

  • Drata highly recommends creating a separate service account for the read-only administrator permissions needed in this connection.

For OAuth:

  • (Optional) If you prefer to connect through OAuth with a separate user account, you can create one with proper with read-only administrator permissions.

    • Have the username and password ready to log in to BambooHR when prompted.

For API Key:

  1. To generate a BambooHR API Key, you need to access the BambooHR console with administrator permissions.

  2. On the Home page, select Account and then API Keys.

  3. Select Add New Key.

  4. Enter a name for the API key in the API Key Name field and select Generate Key.

  5. Copy the API key so that you can paste it into Drata.

  6. Select Done.

Customize application permissions

BambooHR allows you to define specific admin permissions for a connection by creating a custom access level.

  1. To create a custom access level, navigate to {domain}.bamboohr.com/access_levels/custom/create to set up this access level.

  2. Configure the access level with the following settings:

    • For What this access level can do section: No items are selected. Continue on.

    • For What Can People with this Access Level See section: Select See About other Employees and All Employees.

  3. Navigate to the data table to begin selecting access level permissions for the following data:

    • Enable View Only for these fields:

      • Personal > Basic Info: Status, First Name, Last Name

      • Personal > Contact: Work Email, Home Email

      • Job: Hire Date, Original Hire Date, Employment Status, Job Information

      • Documents: Signed Documents (if you're syncing Policy info through BambooHR), Company Policies.

  4. Grant Access to Company Files containing the company policies and test you wish to sync to Drata. If view access is not given to the folders containing the policies, you will not be able to import or link them in Drata.

  5. This access level will then need to be assigned to the account making the BambooHR connection in Drata. Drata highly recommends this to be a service account, not one of your main administrator accounts.

Connect BambooHR to Drata

  1. Select Connections on the side navigation menu.

  2. Select the Available connections tab, search for BambooHR, and select Connect.

  3. The drawer provides step-by-step instructions for you to connect.

You may be able to switch between OAuth and API Key with the green button at the bottom of the connection modal.

Did this answer your question?