Rippling is connected once at the org level by an admin. The credential is shared across all groups that have been granted access — individual team members don't need to connect their own accounts.
Go to Rippling → IT Management → Apps → API
Generate an API key with the permissions you need
Paste it below
Ready to connect?
Go directly to the integrations page in your dashboard.
These are the data scopes On Belay can be granted for Rippling. Your org admin controls which scopes are enabled per group.
| Scope | Description | Access |
|---|---|---|
employees:read | Read employees | Read only |
departments:read | Read departments | Read only |
payroll:read | Read payroll | Read only |
devices:read | Read devices | Read only |
Double-check that you copied the full key without any leading/trailing spaces. Some platforms show a truncated preview — make sure to copy the full token. If the key was generated with restricted scopes, verify it includes the permissions listed above.
Check that your group has been granted access to this integration in On Belay → Groups → [your group] → Integrations. Also verify the specific scopes your group is permitted to use match what your query requires.
Some API keys have expiration policies. Generate a new key in Rippling and update it in On Belay → Integrations → Rippling → Update key. Consider creating a dedicated service account or machine user for On Belay so the key isn't tied to a personal account.
Still stuck? We're happy to help.
Contact support →