Skip to main content
Jaapi

Identity & SSO

Rippling + Jaapi

Connect Rippling to your Jaapi swag store with SCIM 2.0 provisioning. New hires get a store account automatically, leavers are deactivated, and unspent credit returns to the company — no manual user list.

Get a demo

Yes, Jaapi integrates with Rippling. Rippling pushes employee data to your swag store using SCIM 2.0 — the same standard identity providers like Okta and Azure AD use. New hires get a store account on day one, departing employees are deactivated automatically, and their unspent credit returns to the company. Setup is self-serve and takes a Rippling admin an afternoon.

How does the Rippling integration work?

Rippling is an identity provider: it provisions employee data outbound to downstream apps like Jaapi. You don’t pull data from Rippling — Rippling pushes it to your store the moment something changes in HR. The connection runs over SCIM 2.0, so it behaves exactly like the provisioning you may already run from Okta or Entra ID.

The data flows one direction — from Rippling into your Jaapi store — and stays in sync continuously as employees join, change roles, or leave.

What syncs from Rippling to Jaapi?

A SCIM connection keeps your store’s user list as a live mirror of the people Rippling says work at your company. Concretely, it handles the full user lifecycle:

  • Onboarding. A new hire assigned to the Jaapi app in Rippling gets a store account created automatically — no waiting on a manual invite.
  • Profile updates. Name and email changes in Rippling flow through to the store.
  • Offboarding. When someone leaves, their account is deactivated and any unspent credit is reclaimed to an admin wallet, so budget never walks out the door.
  • Rehires. If a former employee returns, their original account is reactivated with history intact.
  • Identity mapping. Rippling’s employee ID is stored as the user’s externalId, keeping records matched across both systems.

How do I set up Rippling provisioning?

Setup is self-serve and lives entirely in the Rippling admin dashboard plus your Jaapi store settings. No code, no Jaapi engineering involvement.

  1. In your Jaapi store, go to Settings and generate a SCIM API token.
  2. In Rippling, create a Custom App under Identity Management and enable User Management via SCIM (SCIM version 2.0).
  3. Set the SCIM Base URL to your store’s SCIM endpoint and the authorization method to Bearer Token, then paste in the token from step 1.
  4. Assign the employees (or groups) who should have store access. Provisioning starts immediately.

What Rippling SCIM does not carry

SCIM is an identity protocol, so it carries name, email, active status, and external ID — but not HR context like department, hire date, location, or budget tier. It also can’t tell the store how much credit an employee should receive.

If you only need “create on hire, deactivate on termination,” SCIM is the cleanest option. If you want HR data to also drive credit — monthly budgets, new-hire welcome kits, anniversary gifts — pair it with an HRIS CSV sync, which can carry any field you like. Many customers run both: SCIM for identity, CSV sync for budget logic. They don’t conflict.

Is Rippling provisioning secure?

Yes. Every request is authenticated with a Bearer token scoped to a single store, all traffic is HTTPS, and new accounts are validated against your store’s allowed email domain. Every provisioning action is written to an audit trail, and admin accounts are protected from deletion via SCIM. Jaapi is ISO 27001:2022 certified with EU-hosted data.

Custom branded tumblers

Ready to unite your global team with hassle-free swag?

Connect your worldwide employees and customers with quality branded items—made on demand and delivered locally. No warehousing headaches. No customs delay.

Get a demo