Ramp’s Okta API integration keeps your business secure

Ramp integrates with Okta via API to give you peace of mind that all of your employees data and IT infrastructure is secure.

This is some text inside of a div block.
No personal credit checks or guarantee ↑
Oops! Something went wrong while submitting the form.
Ramp's security integrations

Sign in securely via Okta SSO

With Ramp's Okta API integration you can easily toggle secure sign-in, install applications, and assign access to people in your organization

Ramp's security integrations
“Assigning cards with Ramp is a great feature, it keeps us from sharing card information and eliminates the security risk.”
James Cox • at United Training
How do I set up Okta on Ramp?

Okta is a 3rd party authentication service that centralizes how your employees have access to and authenticate with applications. This article outlines how to set up SAML-based Single Sign-On for Ramp using Okta as your Identity Provider. We currently support SP initiated SSO.

Important Note: Enabling Okta SSO will require all of your users to both accept invitations and sign in via Okta SSO. Users cannot sign in or accept invites via Ramp's regular login if Okta SSO is enabled.


  1. Turn on Okta on Ramp
  2. Install Ramp application on Okta
  3. Assign Ramp access to people in your organization in Okta

#1 Turn on Okta on Ramp

  1. Go to the “Settings” menu on your Ramp dashboard.
  2. Select “Company Settings” in the menu.
  3. Scroll down and select "Enable Okta Single Sign-On".
  4. Follow the instructions in the onboarding flow.
User-uploaded Image
User-uploaded Image

#2 Install Ramp application on Okta

  1. In Okta Admin, select Applications then Add Application.
  2. Search for “Ramp” and Select Add.
  3. Select the Ramp app and go to the "Sign On" tab.

  4. Right click the link for Identity Provider Metadata and select Copy Address.
  5. Paste the Identity Provider Metadata address in Okta setup on the Ramp Dashboard. (Settings → Company Settings → Enable Okta)
  6. To enable Okta Single Sign-On for everyone in your organization make sure they are all are added on the Okta Admin Dashboard
User-uploaded Image

#3 Assign Ramp access to people in your organization in Okta

Option 1: Enable Okta for everyone in your organization

  1. Make sure everyone you want is first added to Okta itself (Directory → People → Add Person)
  2. Select "Assign" and then "Assign to Groups" in dropdown.
  3. Click "Assign" on Everyone to enable Ramp for all users in your Okta org.

*This does not automatically give people access to Ramp and spend on it. Everyone still needs to be individually invited.

Option 2: Enable Okta for specific people in your organization

  1. Make sure everyone you want is first added to Okta itself.
  2. (Directory → People → Add Person)
  3. Select "Assign" and then "Assign to People" in dropdown.
  4. Click "Assign" on specific people to enable Ramp through Okta for them.

*This does not automatically give them access to Ramp and spend on it. Everyone still needs to be individually invited.

#4 Set Up a Bookmark App (optional)

You can easily set up a bookmark app which allows your users to sign in to Ramp with one click.

For this, follow these instructions to set up an Okta Bookmark App. Visit this URL on Ramp to get the bookmark URL: https://app.ramp.com/home/company-settings/okta-setup .

Okta Bookmark URL

Finally, upload the following Ramp logo to your bookmark app icon to help your users easily locate and sign in to Ramp!

Trouble signing in

  1. Your business might not have enabled Okta SSO with Ramp. Double check with an Admin to configure Okta on Ramp.
  2. Your account may not have been added on Okta. Ask an Okta Admin to enable your email address for Ramp on Okta.
  3. Are pop-ups enabled in your browser? If not, you will run into the following error message "The email address you submitted is not configured to use Okta SSO."
  4. Make sure you are signing in through Ramp.com and not through your organizations page on Okta (we do not support IdP-iniated log ins).

Disconnect Okta on Ramp

  1. Go to the “Settings” menu on your Ramp dashboard
  2. Select “Company Settings” in the menu
  3. Scroll down and select "Disconnect"

Can I sign in to Ramp by clicking on the Ramp Okta application icon?

We currently do not support IdP-initiated flows. However, you can setup a Bookmark App within Okta to 1 click login (see section above).

Otherwise, head to Ramp.com and click "Sign in with your identity provider".


Then, enter your email address and proceed with the log in process.

What security measures does Ramp take?

At Ramp, we take security and protection of your data very seriously. We achieve this goal through a multitude of approaches:

Multi Factor Authentication

Ramp leverages automated systems to proactively prevent account takeover attempts and other malicious requests. We require all accounts to opt into multi factor authentication and immediately verify suspicious activity with the business owner.

SAML SSO Account Protection

We also support SSO through your identity provider (i.e. Google or Okta idp) leveraging SAML technology.

All data is transmitted with encryption-in-transit using HTTPS or similar protocols. Furthermore, all data is securely stored with encryption-at-rest using AES-256 or higher standards. Where possible within databases, we also leverage in-field encryption to protect particularly sensitive data.


Ramp uses tokenization to protect your card and CVV numbers.

Least Privileges and Audit Logging
As standard best practice, we adhere to the notion of least privileges, whereby only a small subset of personnel have the means to view your data, and only when needed to support you. Naturally, all data access is logged and monitored for audit purposes too.

Penetration Testing
Ramp continuously undergoes automated penetration testing to check for any vulnerabilities in our infrastructure. The tests are augmented by manual "business logic assessment" reviews on a periodic cadence.

External Auditing
On an annual basis, Ramp is audited by a large external firm to ensure we continue to meet and exceed the requirements of SOC 2, a compliance standard. We ensure that all of our partners have current SOC 2 reports too.

WAF and DDoS Protection
Ramp uses an industry leading firewall provider to protect against distributed denial-of-service (DDoS) attacks and attempted intrusions into our systems. We also block certain countries and enforce rate limiting to prevent against brute-force attacks.

Trusted Third Parties
When we need to leverage third-parties to help provide service to you (i.e. with bank account linking, leveraging Finicity and Teller), we verify that they have adopted equally stringent security protocols. Our legal officer ensures we have a comprehensive contract in place and our security team further approves any engagement.

How do I log into Ramp?

Ramp has three main ways that you can authenticate:

1. Log into Ramp.com using your Google SSO company set up

2. Log into Ramp.com using your companies Okta authentication (you cannot currently log in directly from Okta, but will log in through Ramp.com utilizing Okta authentication)

3. Log in using your username and password that you created when signing up (or click "Forgot Password" if you don't remember!)

Learn more about Ramp


Ramp product datasheet

See an overview of Ramp’s unique capabilities and the customers we work with.

Right Arrow Logo

How to reduce sales T&E costs

Your sales team’s time should be spent selling, not doing low-value tasks like expense reports.

Read more
Right Arrow Logo

Your slow expense reimbursement is hurting your employees—and company

Slow repayments hurt your company more than you realize.

Read more
Right Arrow Logo

T&E benchmarks for 2022: how business travel is changing

Business travel is recovering, but it will not look the same as before.

Read more
Right Arrow Logo
Blog post

Buyer.co is joining Ramp

Welcome letter introducing the Buyer.co team to the Ramp family

Read more
Right Arrow Logo
Explore resources