Overview
Connecting Vanta to Ironclad enables two key workflows:
Trust Center: Automatically approve Trust Center access requests and bypass NDA requirements for viewers whose email or domain matches a counterparty record in Ironclad.
Customer Commitments: Automatically sync your finalized contracts from Ironclad into Vanta so Vanta AI can extract and track your security, compliance, and privacy obligations.
Note: Ironclad uses OAuth to authorize Vanta. You will need appropriate permissions in Ironclad to complete the connection. |
Connecting the integration
Go to the Integrations page and search for Ironclad in the Available tab.
Click View details.
Then click Connect.
A Link Ironclad modal will appear with two permission options. Select the permissions that apply to your use case:
Permissions for Trust Center access auto-approval and NDA bypass — Grants Vanta read-only access to Ironclad. Select this if you want to use Ironclad to automate Trust Center access approvals and NDA bypass rules. This option is selected by default.
Permissions to sync contracts for commitment management — Grants Vanta the ability to manage Ironclad webhooks and read attachments. Select this if you want to sync finalized contracts from Ironclad into Vanta for Customer Commitments.
Select Connect Ironclad to authorize via OAuth.
Note: You can select one or both options depending on how you plan to use the integration. You can also reconnect later to add permissions. |
Log in using your Ironclad credentials and select Allow access.
Once the connection is confirmed, you will see a success message on the Integrations page.
Trust Center
Configure automated access approvals
Once connected, you can establish rules to automatically approve requests to access your Trust Center based on Ironclad counterparty records.
Go to Settings (via the gear icon on the top right navigation bar) > Customer trust.
Click the Trust Center tab.
Scroll to the Configure auto-approval section.
Under Automatically approve access requests, select If request meets condition.
From the dropdown, select:
Ironclad Record counterparty matches email
Ironclad Record counterparty matches email domain
Additional conditions can be added using the dropdown under "and." Supported rules consist of any boolean field found in Ironclad and the record type.
Conditions can be removed at any time by selecting Remove.
Configure NDA bypass
If you have an NDA requirement enabled for your Trust Center, viewers can bypass it if their request meets specific conditions through the Ironclad integration.
Note: Ironclad is not used as an NDA signing provider in Vanta. If you want viewers to sign an NDA, this is supported via DocuSign or Vanta's built-in click-wrap NDA. The Ironclad integration is used to bypass the NDA requirement for viewers whose email or domain already matches a counterparty record in Ironclad.
While still in the Settings > Customer trust area of the platform under the Trust Center tab, scroll to the Configure non-disclosure agreement (NDA) section.
From the If request meets condition dropdown, select:
Ironclad Record counterparty matches email
Ironclad Record counterparty matches email domain
Add any additional properties as needed.
Viewers who meet these conditions will be able to access the requested resources without signing the established NDA.
Viewing auto-approved requests
Viewers who meet the conditions of your auto-approval rules will be added to the Viewers granted access tab. To review the list of viewers, navigate to:
Customer trust (on the left-hand navigation bar) > Trust Center > Viewers granted access tab
From here, you can select the three-dot menu by each viewer in order to:
Edit access: Set an expiration date, require an NDA, change access level, or add access to additional resources
Revoke access: Remove the viewer's access to resources
Send access reminder: Remind the viewer they have access to resources in your Trust Center
Move to a different account:
If a viewer was granted access through Ironclad, the Ironclad logo will appear next to their name.
Customer Commitments
The Ironclad integration also supports Customer Commitments, which automatically syncs your finalized contracts from Ironclad into Vanta. Vanta AI then extracts and tracks the security, compliance, and privacy commitments within those contracts.
Note on large contracts: Contracts over 175 pages are processed using an older AI model, which may reduce extraction quality. To improve results, consider splitting large contracts into smaller files at natural break points (such as separating addendums or exhibits). Keep in mind that Vanta AI does not cross-reference separate documents — if one file references a definition in another, the AI will not automatically link them. There is no limit to the number of contracts that can be associated with a single customer account.
Note: Only finalized contracts are synced. Contracts in draft status are not pulled into Vanta. The sync runs automatically on an ongoing basis, so as new contracts are finalized, they automatically get synced into Vanta |
Before you connect:
Ensure you have the appropriate permissions in your Ironclad account to authorize the integration and allow contract syncing.
To enable the Ironclad connection for Customer Commitments:
Go to Customer Trust > Commitments and click the Contracts tab.
Next to the Import contracts button, click the gear icon to open the commitment settings.
Follow the prompts to connect your Ironclad account.
Note: When prompted, make sure to check the box to grant Vanta permission to sync contracts for commitment management. This permission is required for contracts to sync.
Once connected, visit Commitments settings by going to Settings > Customer trust > Commitments tab and finish configuring Ironclad sync.
For next steps, see Managing Customer Commitments.