By creating a service user in Bob, you can connect Vanta to easily import employee status information, allowing you to monitor the start & end dates of your team. Vanta only requires base-level permissions to access the data it needs, using a permission group that applies to all employees, not just active ones.
Prerequisites
- Admin permissions in Vanta
- Admin Permissions in Bob
- Permissions in Bob can be checked by navigating to your Profile and clicking on the 'Permissions' tag next to the action dropdown
- Permissions in Bob can be checked by navigating to your Profile and clicking on the 'Permissions' tag next to the action dropdown
Procedure
- In your Vanta dashboard, navigate to the Integrations page and click on the Available tab
- Search for Bob, then click Connect
Note: The connection module will appear with redirect links to the Bob dashboard, allowing you to log in - In the Bob dashboard, click on Settings from the left-hand menu, followed by Integrations
- From the Integrations page, click on Service Users
- Click on New Service User
- In the popup, enter Vanta for both the Service user name & Display name, then click next
- This will generate your API credentials
- Important: Copy both the ID and Token but do not save them in Vanta yet. There is no way to retrieve the Token again, so be sure to paste it into a notepad, where it can be deleted afterward
- Once you have copied the ID and token, click Done. Click on the Settings icon from the left menu, then Permissions Groups
- Click on Create Group
- Enter the group name as Vanta Permission Group
Under Group Members, enable Select people by Condition - Select Edit
- The condition Lifecycle status will be added by default. Hovering near the last box should give you a delete option
- Delete this condition
- Click on the Dropbox under Add Specific Employees, and search for the Vanta user previously created. Select and click apply.
- Then click the apply button again and click Create to create the group. You'll receive a prompt to confirm that you're adding one person to this group, which you can confirm.
- You should be automatically redirected to the settings for the new group. Click on the tab Peoples Data, then under the Access Rights section, click on People
- Vanta needs access to all sections that include the following fields: Termination Date, Lifecycle Status, Employee ID, First Name, Last Name, Email, Display Name, Start Date, Department, Site, and Job Title.
- Typically, enabling the following permissions will grant access to all of these fields (some of these permissions may already be enabled by default). Please see the “Troubleshooting” section below for custom “Employee Fields” configurations.
- View selected employees' About sections
- View selected employees' Basic info sections
- View selected employees' Lifecycle sections
- View selected employees' Work sections
- View selected employees' Work contact details sections
- Click Save. You will be presented with a summary of changes that you can review and cross-check that everything has been set correctly.
- Click Apply
- Navigate back to Vanta, and enter the Service ID & Token previously generated, then click store token. You should be presented with a pop-up confirming the connection with an option to configure the scope
Troubleshooting
I'm unable to connect with Bob and I've set up a custom Employee Fields category
- If you've moved a field such as Termination Date, Lifecycle Status, Employee ID, First Name, Last Name, Email, Display Name, Start Date, Department, Site, Job Title to a section that is not About, Basic Info, Lifecycle, Work, or Work contact details section, you'll need to grant the Vanta permission group access to View selected employees' [CUSTOM CATEGORY] sections for any additional sections.
Why do my Vanta users associated with Bob accounts appear inactive instead of terminated when past their end date?
- Ensure the lifecycle status filter in Access rights has been deleted for the Vanta permission group. This filter is probably set to Lifecycle Status equals Employed, so we cannot pull data for terminated employees.