Authorizations
Bearer authentication header of the form Bearer <token>, where <token> is your auth token.
Response
200 - application/xml
OK
SAML Metadata returned in XML
A. Companies
E. Current User
J. Leaves
G. SAML
H. ATS
I. Application Management
GET SAML Metadata
Copy
curl --request GET \
--url https://api.rippling.com/platform/api/saml/idp_metadata \
--header 'Authorization: Bearer <token>'Copy
"<?xml version='1.0' encoding='UTF-8'?>\n<ns0:EntityDescriptor xmlns:ns0=\"urn:oasis:names:tc:SAML:2.0:metadata\" xmlns:ns1=\"urn:oasis:names:tc:SAML:metadata:algsupport\" xmlns:ns2=\"http://www.w3.org/2000/09/xmldsig#\" entityID=\"https://www.rippling.com/5f381c24d22e3e099d41c727/idp.xml\" validUntil=\"2030-06-26T03:30:26Z\"><ns0:Extensions><ns1:DigestMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#md5\" /><ns1:DigestMethod Algorithm=\"http://www.w3.org/2001/04/xmlenc#ripemd160\" /><ns1:DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\" /><ns1:DigestMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#sha224\" /><ns1:DigestMethod Algorithm=\"http://www.w3.org/2001/04/xmlenc#sha256\" /><ns1:DigestMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#sha384\" /><ns1:DigestMethod Algorithm=\"http://www.w3.org/2001/04/xmlenc#sha512\" /><ns1:SigningMethod Algorithm=\"http,//www.w3.org/2000/09/xmldsig#dsa-sha1\" /><ns1:SigningMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#rsa-md5\" /><ns1:SigningMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160\" /><ns1:SigningMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\" /><ns1:SigningMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#rsa-sha224\" /><ns1:SigningMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#rsa-sha256\" /><ns1:SigningMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#rsa-sha384\" /><ns1:SigningMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#rsa-sha512\" /></ns0:Extensions><ns0:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><ns0:KeyDescriptor use=\"signing\"><ns2:KeyInfo><ns2:X509Data><ns2:X509Certificate>MIICZDCCAc0CBAE+aoEwDQYJKoZIhvcNAQELBQAweDELMAkGA1UEBhMCVVMxCzAJ\nBgNVBAgMAkNBMQswCQYDVQQHDAJTRjERMA8GA1UECgwIUmlwcGxpbmcxITAfBgNV\nBAsMGEFhbWlyIFByb2QgW1Rlc3RdIFBvcnRhbDEZMBcGA1UEAwwQd3d3LnJpcHBs\naW5nLmNvbTAgFw0yMDA4MTcwMzMwMjRaGA8yMTIwMDcyNDAzMzAyNFoweDELMAkG\nA1UEBhMCVVMxCzAJBgNVBAgMAkNBMQswCQYDVQQHDAJTRjERMA8GA1UECgwIUmlw\ncGxpbmcxITAfBgNVBAsMGEFhbWlyIFByb2QgW1Rlc3RdIFBvcnRhbDEZMBcGA1UE\nAwwQd3d3LnJpcHBsaW5nLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\nyNF48+Of3Lc4VsgcDi+trDYsC4zerzzbNtD7OaZibdUuTY77p2NILW2QW2A5Q2Nf\neCahkWk3egyY0wm7eiczclzrM676uTpPyG/g7nJMfmdEFQf7uxh/OVMbXyD6e8No\n9ck8k1Antz28At761xmnXyl+mMcUDy6lTGFkK8/gnTUCAwEAATANBgkqhkiG9w0B\nAQsFAAOBgQAbO8K/SSkeMD9cPv6d2VWdF2TjuhVNgfiB74qnOc8NZ8OwfY7brd0+\nKFJAJ1nwXlBZuJ8OG0KnTranRWHMXTTckFUd4othNARFolC2m4OAmi7IrobMbtlH\nhDbqT2JWPqdOTv1GE72xQe0deh3WzFLp6saxqE5Xg9sVZ9KJACa2rA==\n</ns2:X509Certificate></ns2:X509Data></ns2:KeyInfo></ns0:KeyDescriptor><ns0:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://www.rippling.com/api/platform/sso/sp-initiated/5f381c24d22e3e099d41c727\" /><ns0:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://www.rippling.com/api/platform/sso/sp-initiated/5f381c24d22e3e099d41c727\" /></ns0:IDPSSODescriptor><ns0:Organization><ns0:OrganizationName xml:lang=\"en\">Rippling</ns0:OrganizationName><ns0:OrganizationDisplayName xml:lang=\"en\">Rippling</ns0:OrganizationDisplayName><ns0:OrganizationURL xml:lang=\"en\">https: //www.rippling.com</ns0:OrganizationURL></ns0:Organization><ns0:ContactPerson contactType=\"support\"><ns0:GivenName>Support</ns0:GivenName><ns0:EmailAddress>support@rippling.com</ns0:EmailAddress></ns0:ContactPerson></ns0:EntityDescriptor>"G. SAML
GET SAML Metadata
Returns a SAML IDP metadata file for the current app integration. Note that this endpoint is only accessible using a token associated with an app integration that has SAML enabled; otherwise it returns a 404 error.
Rippling’s SAML Metadata is per customer app installation. It is not the same across all customers. It is not the same if the customer uninstalls and reinstalls your app. Any time a new app is installed, unique SAML Metadata will be generated specific to that app.
GET
/
platform
/
api
/
saml
/
idp_metadata
GET SAML Metadata
Copy
curl --request GET \
--url https://api.rippling.com/platform/api/saml/idp_metadata \
--header 'Authorization: Bearer <token>'Copy
"<?xml version='1.0' encoding='UTF-8'?>\n<ns0:EntityDescriptor xmlns:ns0=\"urn:oasis:names:tc:SAML:2.0:metadata\" xmlns:ns1=\"urn:oasis:names:tc:SAML:metadata:algsupport\" xmlns:ns2=\"http://www.w3.org/2000/09/xmldsig#\" entityID=\"https://www.rippling.com/5f381c24d22e3e099d41c727/idp.xml\" validUntil=\"2030-06-26T03:30:26Z\"><ns0:Extensions><ns1:DigestMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#md5\" /><ns1:DigestMethod Algorithm=\"http://www.w3.org/2001/04/xmlenc#ripemd160\" /><ns1:DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\" /><ns1:DigestMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#sha224\" /><ns1:DigestMethod Algorithm=\"http://www.w3.org/2001/04/xmlenc#sha256\" /><ns1:DigestMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#sha384\" /><ns1:DigestMethod Algorithm=\"http://www.w3.org/2001/04/xmlenc#sha512\" /><ns1:SigningMethod Algorithm=\"http,//www.w3.org/2000/09/xmldsig#dsa-sha1\" /><ns1:SigningMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#rsa-md5\" /><ns1:SigningMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160\" /><ns1:SigningMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\" /><ns1:SigningMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#rsa-sha224\" /><ns1:SigningMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#rsa-sha256\" /><ns1:SigningMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#rsa-sha384\" /><ns1:SigningMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#rsa-sha512\" /></ns0:Extensions><ns0:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><ns0:KeyDescriptor use=\"signing\"><ns2:KeyInfo><ns2:X509Data><ns2:X509Certificate>MIICZDCCAc0CBAE+aoEwDQYJKoZIhvcNAQELBQAweDELMAkGA1UEBhMCVVMxCzAJ\nBgNVBAgMAkNBMQswCQYDVQQHDAJTRjERMA8GA1UECgwIUmlwcGxpbmcxITAfBgNV\nBAsMGEFhbWlyIFByb2QgW1Rlc3RdIFBvcnRhbDEZMBcGA1UEAwwQd3d3LnJpcHBs\naW5nLmNvbTAgFw0yMDA4MTcwMzMwMjRaGA8yMTIwMDcyNDAzMzAyNFoweDELMAkG\nA1UEBhMCVVMxCzAJBgNVBAgMAkNBMQswCQYDVQQHDAJTRjERMA8GA1UECgwIUmlw\ncGxpbmcxITAfBgNVBAsMGEFhbWlyIFByb2QgW1Rlc3RdIFBvcnRhbDEZMBcGA1UE\nAwwQd3d3LnJpcHBsaW5nLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\nyNF48+Of3Lc4VsgcDi+trDYsC4zerzzbNtD7OaZibdUuTY77p2NILW2QW2A5Q2Nf\neCahkWk3egyY0wm7eiczclzrM676uTpPyG/g7nJMfmdEFQf7uxh/OVMbXyD6e8No\n9ck8k1Antz28At761xmnXyl+mMcUDy6lTGFkK8/gnTUCAwEAATANBgkqhkiG9w0B\nAQsFAAOBgQAbO8K/SSkeMD9cPv6d2VWdF2TjuhVNgfiB74qnOc8NZ8OwfY7brd0+\nKFJAJ1nwXlBZuJ8OG0KnTranRWHMXTTckFUd4othNARFolC2m4OAmi7IrobMbtlH\nhDbqT2JWPqdOTv1GE72xQe0deh3WzFLp6saxqE5Xg9sVZ9KJACa2rA==\n</ns2:X509Certificate></ns2:X509Data></ns2:KeyInfo></ns0:KeyDescriptor><ns0:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://www.rippling.com/api/platform/sso/sp-initiated/5f381c24d22e3e099d41c727\" /><ns0:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://www.rippling.com/api/platform/sso/sp-initiated/5f381c24d22e3e099d41c727\" /></ns0:IDPSSODescriptor><ns0:Organization><ns0:OrganizationName xml:lang=\"en\">Rippling</ns0:OrganizationName><ns0:OrganizationDisplayName xml:lang=\"en\">Rippling</ns0:OrganizationDisplayName><ns0:OrganizationURL xml:lang=\"en\">https: //www.rippling.com</ns0:OrganizationURL></ns0:Organization><ns0:ContactPerson contactType=\"support\"><ns0:GivenName>Support</ns0:GivenName><ns0:EmailAddress>support@rippling.com</ns0:EmailAddress></ns0:ContactPerson></ns0:EntityDescriptor>"⌘I