ADP – SAP Open Connectors
SAP Open Connectors provides HR, payroll, and benefits integration for ADP Workforce Now. The connector enables you to access employee data, payroll information, benefits details, and other HR-related data from ADP Workforce Now through SAP's Open Connectors platform.

Power end-to-end data operations for your ADP – SAP Open Connectors API with Nexla. Our bi-directional ADP – SAP Open Connectors connector is purpose-built for ADP – SAP Open Connectors, making it simple to ingest data, sync it across systems, and deliver it anywhere — all with no coding required. Nexla turns API-sourced data into ready-to-use, reusable data products and makes it easy to send data to ADP – SAP Open Connectors or any other destination. With comprehensive monitoring, lineage tracking, and access controls, Nexla keeps your ADP – SAP Open Connectors workflows fast, secure, and fully governed.
Features
Type: API
- Seamless API Integration: Connect to any endpoint as source or destination without coding, with automatic data product creation
- Visual Composition & Chaining: Build complex integrations using visual templates, chain API calls, and compose workflows with data validation and filtering
- API Proxy: Expose curated slices of your data securely with a secure and customizable API proxy that validates and transforms data on the fly
- Request optimization with intelligent batching, retry, and caching to minimize API calls and costs
Prerequisites
Before creating an ADP Workforce Now credential, you'll need to obtain OAuth 2.0 client credentials and a PKCS12 certificate from the ADP Developer portal. The ADP Workforce Now API uses OAuth 2.0 with mutual TLS (mTLS) authentication, which requires a client certificate in PKCS12 format.
ADP Developer Portal Setup
To obtain the required credentials for ADP Workforce Now:
-
Access ADP Developer Portal: Navigate to the ADP Developer Portal and sign in to your ADP account. If you don't have an account, you'll need to register for one.
-
Create an Application: In the ADP Developer Portal, create a new application or select an existing application that will be used for API access. Applications in ADP are used to manage OAuth 2.0 credentials and API access.
-
Obtain Client Credentials: From your application settings, obtain the following:
- Client ID: The unique identifier for your application
- Client Secret: The secret key associated with your application
-
Generate or Obtain Certificate: ADP Workforce Now requires mutual TLS (mTLS) authentication using a PKCS12 (.p12) certificate file. You'll need to:
- Generate a certificate signing request (CSR) or obtain a certificate from your certificate authority
- Convert your certificate and private key to PKCS12 format if needed
- The PKCS12 file should contain both the certificate and private key
-
Convert Certificate to PKCS12 Format (if needed): If you have a certificate in PEM format (.pem) and a private key (.key), you can convert them to PKCS12 format using OpenSSL:
openssl pkcs12 -export -out certificate.p12 -inkey private.key -in certificate.pemYou'll be prompted to enter a passphrase for the PKCS12 file. Remember this passphrase as you'll need it when creating the credential.
ADP Workforce Now uses OAuth 2.0 with mutual TLS (mTLS) for enhanced security. The PKCS12 certificate file must contain both the certificate and private key. Keep your certificate passphrase secure, as it's required for authentication. For complete information about ADP Workforce Now authentication, see the SAP Open Connectors ADP Workforce Now Documentation.
API Access Requirements
ADP Workforce Now API access requires:
- ADP Developer Account: You must have an active ADP Developer account
- OAuth 2.0 Client Credentials: Client ID and Client Secret from your application
- PKCS12 Certificate: A certificate file in PKCS12 format for mTLS authentication
- Certificate Passphrase: The passphrase used to protect the PKCS12 certificate file
The ADP Workforce Now API uses OAuth 2.0 client credentials grant flow with mutual TLS authentication. All API requests must use HTTPS and include the client certificate for authentication.
For complete information about ADP Workforce Now API authentication and getting started, see the SAP Open Connectors ADP Workforce Now Documentation.
Authenticate
Credentials required
Performs OAuth 2.0 client credentials grant with mTLS using a PKCS12 (.p12) certificate file. The P12 file can be generated from your .pem certificate and .key files using OpenSSL.
| Field | Required | Secret | Description |
|---|---|---|---|
| Client ID | Yes | No | Your application's Client ID from the ADP Developer portal. |
| Client Secret | Yes | Yes | Your application's Client Secret from the ADP Developer portal. |
| Certificate (.p12 File Content) | Yes | Yes | Paste the Base64-encoded content of your PKCS12 (.p12) certificate file. |
| Certificate Passphrase | Yes | Yes | The passphrase for your PKCS12 (.p12) certificate file. |
Create a credential in Nexla
- After selecting the data source/destination type, click the Add Credential tile to open the Add New Credential overlay.
New Credential Overlay – SAP Open Connectors

-
Enter a name for the credential in the Credential Name field and a short, meaningful description in the Credential Description field.
-
Enter your ADP application's Client ID in the Client ID field. This is the unique identifier for your application from the ADP Developer portal.
-
Enter your ADP application's Client Secret in the Client Secret field. This is the secret key associated with your application from the ADP Developer portal.
-
Paste the Base64-encoded content of your PKCS12 (.p12) certificate file in the Certificate (.p12 File Content) field. The certificate file should contain both the certificate and private key required for mutual TLS authentication.
-
Enter the passphrase for your PKCS12 certificate file in the Certificate Passphrase field. This is the password you set when creating or exporting the PKCS12 certificate file.
The PKCS12 certificate file must be Base64-encoded before pasting into the credential field. You can encode the file using base64 command-line tools or online Base64 encoders. The certificate passphrase is required to decrypt the certificate during authentication. Keep your certificate and passphrase secure, as they provide access to your ADP Workforce Now data.
-
Click the Save button at the bottom of the overlay. The newly added credential will now appear in a tile on the Authenticate screen during data source/destination creation.
Use as a data source
To create a new data flow, navigate to the Integrate section, and click the New Data Flow button. Select the SAP Open Connectors connector tile, then select the credential that will be used to connect to the SAP Open Connectors instance, and click Next; or, create a new SAP Open Connectors credential for use in this flow.
Endpoint templates
Nexla provides pre-built templates that can be used to rapidly configure data sources to ingest data from common ADP Workforce Now endpoints. Select the endpoint from which this source will fetch data from the Endpoint pulldown menu. Available endpoint templates are listed in the expandable boxes below.
Once the selected endpoint template has been configured, click the Test button to the right of the endpoint selection menu to retrieve a sample of the data that will be fetched. Sample data will be displayed in the Endpoint Test Result panel on the right, allowing you to verify that the source is configured correctly before saving.
Manual configuration
SAP Open Connectors data sources can also be manually configured to ingest data from any valid ADP Workforce Now API endpoint, including endpoints not covered by the pre-built templates, chained API calls, or custom request parameters. Select the Advanced tab at the top of the configuration screen, and follow the instructions in Connect to Any API to configure the API method, endpoint URL, date/time and lookup macros, path to data, metadata, and request headers.
ADP Workforce Now API URLs typically follow the format: https://api.adp.com/hr/v2/workers for worker operations, or https://api.adp.com/time/v1/timeCards for time card operations. For the response data path, use $.workers[*] to extract individual worker objects from worker list responses, or $ to extract the entire object from single worker responses. The Content-Type header should be set to application/json for most ADP Workforce Now API requests; authentication headers (OAuth 2.0 access tokens) are automatically included from your credentials. For complete information about ADP Workforce Now API endpoints and response formats, see the SAP Open Connectors ADP Workforce Now Documentation.
Once all of the relevant settings have been configured, click the Create button in the upper right corner of the screen to save and create the new SAP Open Connectors data source. Nexla will now begin ingesting data from the configured endpoint and will organize any data that it finds into one or more Nexsets.