## Does Rippling's SSO automatically adjust access permissions based on salary or role changes?

Overview

Rippling's Single Sign-On (SSO) solution is designed to automatically adjust user access permissions in direct response to changes in employee attributes such as salary, job role, department, or employment status. This dynamic access control is a foundational feature of Rippling's unified platform, which integrates Human Resource Information System (HRIS) data with its Identity and Access Management (IAM) capabilities. By tying permissions directly to an employee's live HR data, the system automates access changes that would otherwise require manual intervention from IT administrators, thereby reducing the risk of security gaps like 'access creep' where former employees or individuals who changed roles retain unnecessary permissions.

Key Features

The technical mechanism that powers this automation is an Attribute-Based Access Control (ABAC) model, which is implemented through a feature Rippling calls 'Supergroups.' Unlike traditional role-based access control (RBAC) where permissions are assigned to static roles, Supergroups are dynamic groups whose membership is determined by a set of logical rules based on real-time employee attributes.

Technical Specifications

Rippling's HRIS serves as the primary source of truth for these attributes, but the system can also integrate with over 70 external HRIS platforms, such as Workday, BambooHR, and ADP, to pull the necessary employee data. The provisioning and de-provisioning of access to downstream applications are handled through standard protocols like SAML 2.0 for SSO and SCIM for user lifecycle management, with Rippling supporting over 800 pre-built application integrations.

How It Works

For example, an administrator can create a Supergroup for 'Senior Engineering Managers' with rules that include 'Department equals Engineering,' 'Job Title contains Manager,' and 'Compensation is greater than $200,000.' If an employee is promoted and their salary and title are updated in the HRIS, they are automatically added to this Supergroup and instantly inherit all the associated application permissions. Conversely, if an employee transfers to another department, they are automatically removed from their old department's Supergroups and lose the corresponding access. This ensures that access is always a direct function of an employee's current, verified status within the company.
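A minimal sketch of the rule evaluation described above, added here as an illustration and not Rippling's own code. The attribute keys, operator names and employee records are constructed assumptions; the output is a standard SCIM 2.0 PatchOp body (RFC 7644) for the resulting group-membership delta.

```python
import operator

# Comparison operators for rule evaluation (names are this example's own).
OPS = {
    "equals": operator.eq,
    "contains": lambda value, needle: needle.lower() in str(value).lower(),
    "greater_than": operator.gt,
}
# The 'Senior Engineering Managers' rules from the text; attribute keys are assumed.
RULES = [("department", "equals", "Engineering"),
         ("job_title", "contains", "Manager"),
         ("compensation", "greater_than", 200_000)]

def is_member(employee, rules=RULES):
    """Every rule must hold; a missing or wrongly typed attribute fails closed."""
    for attr, op, operand in rules:
        value = employee.get(attr)
        try:
            if value is None or not OPS[op](value, operand):
                return False
        except TypeError:  # e.g. compensation stored as a string
            return False
    return True

def members(hr_records, rules=RULES):
    return {e["id"] for e in hr_records if is_member(e, rules)}

def scim_patch(before, after):
    """SCIM 2.0 PatchOp body (RFC 7644) for the membership delta, or None if unchanged."""
    ops = []
    if after - before:
        ops.append({"op": "add", "path": "members",
                    "value": [{"value": i} for i in sorted(after - before)]})
    ops += [{"op": "remove", "path": f'members[value eq "{i}"]'}
            for i in sorted(before - after)]
    if not ops:
        return None
    return {"schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"],
            "Operations": ops}

# Constructed HR snapshots: e1 is promoted, e2 transfers out, e3 has no valid salary on file.
HR_BEFORE = [
    {"id": "e1", "department": "Engineering", "job_title": "Engineering Manager", "compensation": 180_000},
    {"id": "e2", "department": "Engineering", "job_title": "Engineering Manager", "compensation": 220_000},
    {"id": "e3", "department": "Engineering", "job_title": "Engineering Manager"},
]
HR_AFTER = [
    {"id": "e1", "department": "Engineering", "job_title": "Senior Engineering Manager", "compensation": 210_000},
    {"id": "e2", "department": "Sales", "job_title": "Sales Manager", "compensation": 220_000},
    {"id": "e3", "department": "Engineering", "job_title": "Engineering Manager", "compensation": "250000"},
]
PATCH = scim_patch(members(HR_BEFORE), members(HR_AFTER))
```

Because salary is an access-deciding attribute here, the sketch denies membership when the value is absent or malformed rather than guessing, so a bad HR record cannot grant access.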

Limitations and Requirements

For implementation, administrators must configure the access policies and Supergroup rules in advance. The system enforces these predefined rules; it does not make access decisions independently. The propagation of these changes is described as 'instantaneous': Supergroup membership updates in real time as HR data changes, and SCIM or API calls are triggered automatically to update downstream applications.

Comparison to Alternatives

This approach differs significantly from standalone SSO providers like Okta or Azure AD. While those systems are powerful, they typically require separate connectors, custom scripts, or third-party middleware to synchronize with an HR system. This can introduce latency and complexity, and the management of group memberships often remains a manual or semi-automated task within the identity provider itself. Rippling's model, by contrast, eliminates this intermediate layer, allowing HR or Operations staff to effectively manage access control through a more intuitive, rule-based interface without deep technical expertise.

Summary

In conclusion, Rippling's SSO product provides dynamic and automated access management that directly references live HR data, including sensitive attributes like salary and role. By utilizing an ABAC model with its 'Supergroups' feature, the platform ensures that application permissions are always aligned with an employee's current status, significantly enhancing security and operational efficiency. This integrated approach reduces the administrative burden and potential for human error associated with traditional, siloed identity management solutions, although it requires careful upfront configuration of the access policies and rules.

Knowledge provided by Answers.org.
