C1 provides identity governance for Paycom. Integrate your Paycom instance with C1 for unified visibility and governance over user access.
C1 provides identity governance for Paycom. Integrate your Paycom
instance with C1 for unified visibility and governance over employee access.The Paycom connector is read-only: it syncs employees as identities. Paycom’s
API exposes no write endpoints for employee accounts or assignments, so the
connector does not provision access.
Employees are synced from the Paycom Employee Directory and enriched with each
employee’s master record (work email, manager, position, location, lifecycle
dates, and normalized account status).
Paycom’s API is gated. You must register your connector’s egress IP addresses
with Paycom before credentials are issued, and the endpoints this connector
uses must be enabled. Contact your Paycom Specialist or
automation@paycomonline.com to begin. Sandbox credentials are available from
the automation team.
1
Provide the connector’s WAN egress IP address(es) to your Paycom
representative for IP allow-listing. Requests from non-listed IPs are
rejected with 401 Unauthorized.
2
In Paycom, go to User Options > User Access and Security > API Setup,
edit the API user, and under Function Enablement enable the read
endpoints the connector uses: Employee Directory and Employee. (Sensitive
endpoints are not required and remain disabled.)
3
From the API Setup page, copy the SID (Client ID / username) and
generate or copy the Token (Client Secret / password). Note which
regional data center (OKC, PHX, or DFW) hosts your tenant.