
Use Rippling as the identity source of truth for OneLogin, automating SSO provisioning and deprovisioning across your entire connected application stack.
We map OneLogin's app catalog and access policies to Rippling's department, role, and location structure, so new hires are automatically entitled to the correct applications based on rules already defined in Rippling.
We configure MFA policy assignment tied to role risk level, ensuring higher-risk roles — finance, IT admin, executive — get stricter authentication requirements without manual policy management.
We test the full provisioning and deprovisioning lifecycle, confirming that offboarding an employee in Rippling correctly cascades to revoke OneLogin-managed access across every connected application.

OneLogin is common among US mid-market companies wanting a dedicated identity provider layered on top of Rippling's employee data for SSO and access governance across a broad application stack.
Canadian and cross-border operations: for Canadian employees, thePeopleStack confirms OneLogin's access policies reflect the correct Rippling work location so app entitlements match jurisdiction-specific licensing where applicable.
New hires in Rippling can trigger automatic OneLogin account creation with app access assigned based on department, role, and location, all without manual IT setup.
Yes — OneLogin's app catalog and access policies map to Rippling's department and role structure, so entitlements to specific applications follow the same rules Rippling already enforces for provisioning.
Yes — offboarding an employee in Rippling triggers immediate suspension of their OneLogin account, which cascades to revoke access across every application connected through OneLogin's SSO.
Yes — Rippling's Supergroup and role-based access rules can drive OneLogin's multi-factor authentication policy assignment, applying stricter requirements to higher-risk roles automatically.
A standard setup covering provisioning, app access policies, and MFA rules typically takes 3–4 hours.