Connect HiBob to ChatGPT: Automate HR Ops & Employee Records

If you need to connect HiBob to ChatGPT to automate employee onboarding, time off requests, or historical HR records, you need a Model Context Protocol (MCP) server. This server acts as the translation layer between ChatGPT's tool calls and HiBob's REST APIs. You can either build and maintain this infrastructure yourself, or use a managed integration platform like Truto to dynamically generate a secure, authenticated MCP server URL. If your team uses Claude, check out our guide on connecting HiBob to Claude or explore our broader architectural overview on connecting HiBob to AI Agents.

Giving a Large Language Model (LLM) read and write access to a sprawling Human Resources Information System (HRIS) ecosystem like HiBob is an engineering challenge. You have to handle OAuth 2.0 or API key token lifecycles, map massive JSON schemas to MCP tool definitions, and deal with HiBob's specific rate limits. Every time HiBob updates an endpoint or deprecates a field, you have to update your server code, redeploy, and test the integration. This guide breaks down exactly how to use Truto to generate a secure, managed MCP server for HiBob, connect it natively to ChatGPT, and execute complex workflows using natural language.

The Engineering Reality of the HiBob API

A custom MCP server is a self-hosted integration layer. While the open MCP standard provides a predictable way for models to discover tools, the reality of implementing it against HiBob's APIs - or maintaining custom connectors for 100+ other platforms - is painful. You aren't just integrating a generic database; you are integrating a highly customized HR system with specific design patterns, error formats, and quirks.

If you decide to build a custom MCP server for HiBob, you own the entire API lifecycle. Here are the specific integration challenges that break standard CRUD assumptions when working with HiBob:

Effective-Dated History Logs

HiBob does not treat employee data as a simple flat record. Changes to an employee's salary, job title, or employment status are not standard PATCH requests to a user endpoint. Instead, HiBob uses effective-dated history logs. If an LLM needs to update an employee's salary, it must call the specific payroll history endpoint and provide an effectiveDate. If your MCP server just exposes a generic "update user" tool, the LLM will fail to write data correctly and break the historical audit trail. Your server must map the LLM's intent to these specific historical table endpoints.

Custom Tables and Field Discovery

Every HiBob instance is customized. Companies define their own mandatory fields, custom categories, and custom tables (e.g., "Company Equipment" or "Work Visas"). An LLM cannot inherently know the schema of a custom table. If you build a custom MCP server, you must build multi-step reasoning tools where the LLM first queries the metadata endpoints (list_all_hi_bob_custom_tables) to discover the schema, and then dynamically formats its write payload based on the response. Truto handles this by dynamically generating tool schemas directly from the integration's documentation.

Strict Rate Limits and 429 Handling

HiBob enforces strict rate limits based on the tier and the specific endpoint being accessed. A common mistake engineers make when building custom MCP servers is expecting the server to absorb and retry 429 Too Many Requests errors automatically.

Fact: Truto does not retry, throttle, or apply backoff on rate limit errors. When HiBob returns an HTTP 429, Truto passes that error directly to the caller. What Truto does is normalize the upstream rate limit information into standardized headers (ratelimit-limit, ratelimit-remaining, ratelimit-reset) per the IETF specification. The caller - whether that is ChatGPT, an AI agent orchestrator, or your internal service - is entirely responsible for implementing the exponential backoff and retry logic based on those headers. If your LLM gets stuck in a loop scraping the employee directory, the 429 error must be handled gracefully by the client, or the LLM will hallucinate a success response.

The Managed MCP Approach

Instead of forcing your engineering team to build the translation layer from scratch, Truto dynamically derives MCP tools from the integration's resource definitions and documentation records.

When you use Truto to generate a HiBob MCP server, the tools are never cached or pre-built. They are generated dynamically on every tools/list request. The query and body schemas are automatically enhanced - for example, list methods automatically inject pagination instructions, explicitly telling the LLM to pass cursor values back unchanged.

Let's look at exactly how to deploy this.

Creating the HiBob MCP Server

You can generate an MCP server for your connected HiBob account in two ways: via the Truto dashboard or programmatically via the API.

Method 1: Via the Truto UI

1. Navigate to the Integrated Accounts page in your Truto dashboard and select your connected HiBob account.
2. Click the MCP Servers tab.
3. Click Create MCP Server.
4. Select your desired configuration (name, allowed methods, tags, and expiry).
5. Copy the generated MCP server URL (e.g., https://api.truto.one/mcp/abc123def456...).

Method 2: Via the API

The API allows you to programmatically spin up servers, which is ideal if you are provisioning AI agents for your own end-users. The API validates the configuration, generates a secure cryptographically hashed token, stores it in edge KV storage, and returns a ready-to-use URL.

curl -X POST https://api.truto.one/integrated-account/{integrated_account_id}/mcp \
  -H "Authorization: Bearer YOUR_TRUTO_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "HiBob HR Agent Server",
    "config": {
      "methods": ["read", "write"],
      "tags": ["directory", "time_off"]
    },
    "expires_at": "2026-12-31T23:59:59Z"
  }'

The response will return the configuration and the secure url you will pass to ChatGPT.

Connecting the MCP Server to ChatGPT

Once you have your Truto MCP server URL, you must connect it to your LLM framework. You can do this directly in the UI or via a configuration file for headless environments.

Method A: Via the ChatGPT UI

If you are using ChatGPT Enterprise or a tier with Developer Mode enabled:

1. Open ChatGPT and go to Settings → Apps → Advanced settings.
2. Enable Developer mode.
3. Under MCP servers / Custom connectors, click Add new server.
4. Set the Name to "HiBob HR" and paste the Truto MCP URL into the Server URL field.
5. Click Save. ChatGPT will immediately execute a handshake and list the available HiBob tools.

(Note: For Claude Desktop, the flow is similar: Settings → Connectors → Add custom connector → paste the URL.)

Method B: Via Manual Config File

If you are running an AI agent orchestrator locally or via a headless setup that reads standard MCP JSON configurations, you use the Server-Sent Events (SSE) transport adapter.

{
  "mcpServers": {
    "hibob_hris": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-sse",
        "-u",
        "https://api.truto.one/mcp/YOUR_SECURE_TOKEN"
      ]
    }
  }
}

Security and Access Control

Exposing an HRIS like HiBob to an LLM requires strict boundary controls. The Truto MCP token embeds your security configuration directly into the edge router.

• Method Filtering: Restrict the LLM to specific operation types. Set methods: ["read"] to allow get and list operations while hard-blocking create, update, and delete. This is critical for read-only analytical agents.
• Tag Filtering: Group tools by functional area. Set tags: ["time_off"] to only expose leave management endpoints, preventing the agent from seeing or touching salary or performance data.
• Require API Token Auth (require_api_token_auth): For maximum security, enable this flag. The LLM client must pass a valid Truto API token in the Authorization header to connect, ensuring that possession of the URL alone is not enough to access the tools.
• Automatic Expiration (expires_at): Schedule automatic teardown of the server using a Unix timestamp. The system leverages edge KV expiration and Durable Object alarms to permanently destroy the token and flush the credentials when the time expires.

High-Leverage HiBob Tools for ChatGPT

Truto provides all the resources defined on the HiBob integration as tools. When ChatGPT asks for tools, Truto flattens the query and body parameters into a single namespace using the JSON schemas derived from the API documentation. Here are the most critical tools you should expose for HR operations.

list_all_hi_bob_people

Retrieves employee data from your HiBob account based on specified criteria. The response includes each employee's details, such as their unique identifier, contact information, and employment status.

Contextual Usage Notes: This is your primary discovery tool. Because HiBob requires an employee_id for almost all historical and update operations, the LLM will frequently use this tool first to map a human name to their internal ID.

"Pull the employee roster for the Engineering department and list their names, internal IDs, and current employment status."

update_a_hi_bob_person_by_id

Use this endpoint to update a single employee's core data in your HiBob account. It always requires an ID to update.

Contextual Usage Notes: This tool edits the static base record (like personal email or display name). Do not use this tool for title changes or salary adjustments, as those require creating entries in the effective-dated history tables.

"Update the personal contact email for employee ID 10492 to their new provided address."

list_all_hi_bob_time_off_requests

Use this endpoint to return time off information for users within a specified date range. You must provide the from and to parameters.

Contextual Usage Notes: Ideal for agents acting as automated HR assistants. The LLM can audit who is out of the office next week across specific departments.

"Check the time off requests for next week and tell me if anyone from the DevOps team will be on vacation."

create_a_hi_bob_time_off_request

Submits or creates a new time off request for an employee in your HiBob account. You must specify an employee_id.

Contextual Usage Notes: The agent needs to parse natural language dates into the strict ISO format expected by HiBob's API. Ensure the LLM first checks the employee's time off balance before submitting.

"Submit a sick leave request for employee ID 5581 for tomorrow and the day after. Format the dates correctly."

list_all_hi_bob_employment_history

List employment history for employees. Returns entries including working patterns, effectiveDate, reason, and weekly hours.

Contextual Usage Notes: Essential for compliance auditing. The LLM can reconstruct the timeline of when an employee changed departments or went from part-time to full-time.

"Pull the employment history for Sarah Jenkins (find her ID first) and outline every title change she has had since joining the company."

hi_bob_tasks_mark_task_as_complete

Mark a specific onboarding or offboarding task as complete in HiBob using the task id.

Contextual Usage Notes: Perfect for IT orchestration. If an agent automatically provisions a user in Okta, it can call this tool to check off the corresponding "Provision IT Accounts" task in HiBob.

"Mark task ID 99201 as complete, indicating that the IT equipment has been successfully returned."

For the complete inventory of HiBob tools, including equity grants, variable payments, custom tables, and payroll histories, view the HiBob integration page.

Workflows in Action

Here is how an LLM strings these individual tools together to automate complex HR workflows.

Scenario 1: Leave Management & Balance Audits

Managers often ask HR how much leave their direct reports have left, or to log unexpected sick days. ChatGPT can handle this entirely via MCP.

"Check how much sick leave balance John Doe has. If he has at least 2 days left, submit a sick leave request for him for today and tomorrow."

Execution Steps:

1. list_all_hi_bob_people: The LLM queries the directory for "John Doe" to extract his internal employee_id.
2. list_all_hi_bob_time_off_balances: The LLM calls the balance endpoint using the employee_id and filters for the "Sick Leave" policyType to verify the available days.
3. create_a_hi_bob_time_off_request: Having confirmed the balance, the LLM constructs the payload with the current dates and submits the request.

Outcome: The user receives a confirmation that John Doe has been found, his balance was sufficient, and the sick leave has been officially logged in HiBob.

sequenceDiagram
    participant User
    participant ChatGPT
    participant MCP_Server
    participant HiBob_API

    User->>ChatGPT: "Log sick leave for John Doe for today/tomorrow"
    ChatGPT->>MCP_Server: Call tool: list_all_hi_bob_people (Query: John Doe)
    MCP_Server->>HiBob_API: GET /v1/people
    HiBob_API-->>MCP_Server: Return ID 8842
    MCP_Server-->>ChatGPT: Result: ID 8842
    
    ChatGPT->>MCP_Server: Call tool: list_all_hi_bob_time_off_balances (ID 8842)
    MCP_Server->>HiBob_API: GET /v1/timeoff/employees/8842/balance
    HiBob_API-->>MCP_Server: Return Balance: 5 days
    MCP_Server-->>ChatGPT: Result: Balance 5 days

    ChatGPT->>MCP_Server: Call tool: create_a_hi_bob_time_off_request (ID 8842, Dates)
    MCP_Server->>HiBob_API: POST /v1/timeoff/employees/8842/requests
    HiBob_API-->>MCP_Server: Success 200 OK
    MCP_Server-->>ChatGPT: Result: Request Created
    ChatGPT-->>User: "Sick leave logged successfully. He has 3 days remaining."

Scenario 2: Automating IT Offboarding Checklists

When an employee leaves, IT needs to revoke access and notify HR. An IT agent can orchestrate this cross-platform.

"Initiate IT offboarding for Marcus Aurelius. Find his open tasks in HiBob, and mark the 'Revoke System Access' task as complete."

Execution Steps:

1. list_all_hi_bob_people: The LLM searches for Marcus to retrieve his employee_id.
2. get_single_hi_bob_task_by_id: The LLM fetches the open task lists associated with Marcus's employee ID, specifically looking for the offboarding workflow.
3. hi_bob_tasks_mark_task_as_complete: The LLM extracts the specific task ID for "Revoke System Access" and executes the completion tool.

Outcome: The LLM identifies the correct user, finds the active offboarding task list, and closes out the specific IT requirement, keeping the HR team informed without manual data entry.

Moving Past Manual HR Operations

Building a custom MCP server for HiBob requires navigating effective-dated tables, complex pagination schemes, and strict rate limits where the burden of retries falls entirely on your system. If you want to connect AI agents to HiBob securely and reliably, you need infrastructure that abstracts away the boilerplate while maintaining absolute control over access.

Truto's dynamically generated MCP servers give your LLMs immediate, documentation-driven access to the exact tools they need, protected by granular method and tag filters. You stop maintaining API schemas, and your AI agents start automating HR workflows on day one.