ADP Integration setup is a little technical and time consuming. However, this guide will cover everything step by step to enable you to generate credentials to setup ADP integration with Allvoices.
Baseline Fields that will be Synced:
- Baseline fields are the standard fields across all HRIS integrations. This helps with demographic charts, exit surveys, and pushing data back accurately.
- exception: any field with
payorsalaryinfo will NOT be pulled in and is excluded.
Field |
Value Type |
|---|---|
| id | string |
| firstName | string - Required |
| lastName | string |
| string - Required | |
| displayName | string |
| employeeNumber | string (optional) |
| title | string |
| department.id | string |
| department.name | string |
| employmentType | 'FULL_TIME' |
| employmentStatus | 'ACTIVE' |
| startDate | string (ISO date) |
| terminationDate | string (ISO date, optional) |
| manager.id | string (optional) |
| manager.firstName | string (optional) |
| manager.lastName | string (optional) |
| manager.email | string (optional) |
| workLocation.name | string |
| workLocation.type | 'OFFICE' |
| workLocation.primaryAddress.street | string (optional) |
| workLocation.primaryAddress.city | string (optional) |
| workLocation.primaryAddress.state | string (optional) |
| workLocation.primaryAddress.country | string (optional) |
| workLocation.primaryAddress.postalCode | string (optional) |
| workLocation.primaryAddress.type | 'WORK' |
| addresses[].street | string |
| addresses[].city | string |
| addresses[].state | string |
| addresses[].country | string |
| addresses[].postalCode | string |
| addresses[].type | 'HOME' |
| phones[].type | 'WORK' |
| phones[].number | string |
| emails[].type | 'WORK' |
| emails[].address | string |
| createdAt | string |
| updatedAt | string |
ADP Specific fields that will be pulled:
ADP Specific Field |
|---|
| associateOID |
| genderCode |
| birthDate |
| terminationDate |
| nickName |
| photoUrl |
| jobCode |
| positionId |
| terminationReason |
| managementPositionIndicator |
| voluntaryIndicator |
| hireDate |
| actualStartDate |
| preferredGenderPronounCode |
| preferredName |
| birthName |
Overview to setup
To authenticate with ADP, you need:
- Client ID - A unique identifier for your client.
- Client Secret - A confidential key used to authenticate the identity of the application (client).
- Client Public Certificate - The public certificate (in PEM format) used for Mutual TLS (mTLS) authentication.
- Client Private Key - The private key (in PEM format) associated with the client certificate, used for establishing a secure TLS connection.
This guide will walk you through obtaining these credentials within ADP.
Prerequisites:
- You must have an account with ADP.
Instructions:
Step 1: Finding Your Client Credentials
- Log in to your ADP Developer account.
- Navigate to the Apps section of the Developer Portal.
- Click on the Register App button.
- Fill in the required information for your app.
- Agree to the ADP Developer Terms of Service and Privacy Policy.
- Click the Submit button to complete the app registration process.
- Once you are done with the registration process, you can obtain your credentials by navigating to the Apps section of the Developer Portal.
- Click on the name of the app you just registered above.
- Click on the Credentials tab to view your app’s
Client IDandClient Secret.
Step 2: Generating the Private Key and Certificate Signing Request
- To authenticate with ADP APIs using Mutual TLS (mTLS), you’ll need to generate a private key and a Certificate Signing Request (CSR). This allows ADP to issue a signed certificate used for secure communication.
Follow the steps below to complete this process:
Part 01: Install OpenSSL
- Windows: Download and install OpenSSL Light from **http://slproweb.com/products/Win32OpenSSL.html**
- Mac: OpenSSL is already included on macOS. You can skip to Part 3 and use Terminal.
Part 02: Open a Command Prompt and Navigate to OpenSSL
- Open
cmd.exeand navigate to the OpenSSL binary directory:
# For 32-bit version cd "C:\\Program Files (x86)\\OpenSSL-Win32\\bin" # For 64-bit version cd "C:\\Program Files\\OpenSSL-Win64\\bin"
Part 03: Generate the Private Key
- Run the following command to generate a 2048-bit RSA private key:
openssl genrsa -out companyname_auth.key 2048
This creates a file named companyname_auth.key, your private key. Keep it safe and do not share this file.
Part 04: Generate the Certificate Signing Request (CSR)
- Using the private key, generate the CSR by running the following command:
openssl req -new -key companyname_auth.key -out companyname_auth.csr
When prompted:
- Leave the Country, State, Locality, and Challenge Password fields blank
- Use the correct Organization Name that matches your ADP registration
- Set the Common Name as your company name followed by
MutualSSL(e.g.,ExampleCorpMutualSSL) - Avoid using special characters in any of the fields
This generates companyname_auth.csr , which you’ll submit to ADP.
Part 05: Next you will need to submit the CSR to ADP. Open the ADP Certificate Signing Tool (no login required but email input is needed. Authenticated email will be received from ADP afterwards)
Part 06: Select “Authentication and Transaction Signing” for the certificate type
Part 07: Paste the full contents of your .csr file, including the header and footer:
Part 08: Provide your:
- Technical contact’s email address, name, and a group email (for renewal notifications)
- Company name
-
ADP client ID*(If you’re using ADP Workforce Now, your client ID is the portion after the
@in your ADP login.)*
Part 09: Receive and Save the Signed Certificate.
Once approved, ADP will return a signed certificate. Save it as:companyname_auth.pem
Place this file in the same directory where you created the .key and .csr in Part 03 and Part 04.
Step 3: Enter credentials in the Connect UI
Once you have your Client ID, Client Secret, Client Public Certificate and Client Private Key:
- Open the form where you need to authenticate with ADP.
- Enter your credentials in their respective fields.
- Submit the form, and you should be successfully authenticated.
You are now connected to ADP.