ml-connector
Microsoft Dynamics GPTipalti

Microsoft Dynamics GP and Tipalti integration

Microsoft Dynamics GP runs your financial records on-premises. Tipalti automates accounts payable and payments in the cloud. Connecting them keeps payables on the same schedule: new vendor invoices in GP move to Tipalti for payment, payment batches approved in Tipalti post back into GP as GL entries, and vendor master data stays aligned across both systems. ml-connector handles the very different authentication models (Windows domain vs Tipalti HMAC-SHA256) and moves data on a schedule you control.

How Microsoft Dynamics GP works

Microsoft Dynamics GP exposes vendors, payables invoices, purchase orders, GL accounts, and payments through REST Service Based Architecture (SBA) at https://<server>:<port>/GPService/Tenants(<TenantName>)/Companies(<CompanyName>)/<Module>/<Resource>, or through SOAP Web Services at http://<server>:<port>/Dynamics/GPService/GPService. Authentication uses Windows domain accounts (Negotiate/Kerberos or NTLM) mapped to GP users with role-based security. Because GP runs on-premises, the customer must expose the endpoint through the firewall with a valid SSL certificate. GP has no webhook system; polling only, with recommended limits of 2-5 concurrent requests and 100-200ms delays per call. Write operations work only on unposted (Work) transactions; posted records are read-only.

How Tipalti works

Tipalti exposes payees, invoices, purchase orders, payments, and GL accounts through two separate API families: SOAP/XML at https://api.tipalti.com/v14/PayeeFunctions.asmx and PayerFunctions.asmx (sandbox at https://api.sandbox.tipalti.com) with HMAC-SHA256 signature authentication (payer_name + api_key), and REST/JSON at https://triggers.approve.com with OAuth2 client credentials or static x-api-key header (sandbox at https://triggers.sandbox.approve.com). Tipalti supports a single account-wide Instant Payment Notifications (IPN) webhook endpoint configured via Tipalti Hub, with event types including payee_details_changed, payment_submitted, payment_cancelled, and completed. Events are verified via HMAC-SHA256.

What moves between them

Payables invoices flow from Microsoft Dynamics GP into Tipalti on a schedule you define, mapped to the correct Tipalti payees. Purchase orders and vendor master records sync in both directions so Tipalti approvals align with GP authorization workflows. When payment batches complete in Tipalti, ml-connector reads the payment records and posts them back into GP as GL entries in the Accounts Payable module, allocated to the GL account and cost center for each invoice. Tipalti IPN webhooks notify ml-connector when payments move through the approval and execution pipeline so the sync responds in real time where possible, falling back to polling for consistency.

How ml-connector handles it

ml-connector stores both credential sets encrypted: the Windows domain account for GP (cached after first Kerberos negotiation to reduce auth overhead) and the Tipalti payer_name with api_key for SOAP calls or OAuth2 client credentials for REST calls. Because GP runs on-premises, it accepts the customer's specific server hostname and port, and validates that the endpoint is reachable before attempting data reads. ml-connector polls GP at your defined cadence using $filter=ModifiedDate filters to retrieve only changed invoices, and presents those invoices to Tipalti via SOAP PayeeFunctions methods. When Tipalti IPN sends a webhook (payment_submitted, completed, etc.), ml-connector parses the HMAC-SHA256 signature using the shared api_key and updates the GL posting status in GP without waiting for the next polling cycle. Because GP's write operations require unposted transactions and the company database name is the SQL Server database name (not a human-readable label), ml-connector validates both before posting payment GL entries. Rate limiting is handled by respecting GP's practical SQL Server performance and Tipalti's cloud-side response codes. Every record carries a full audit trail and can be replayed if a downstream call fails.

A real-world example

A mid-sized manufacturing company runs Microsoft Dynamics GP for accounting and inventory on a Windows Server with SQL Server backend, and uses Tipalti for global supplier payments and compliance management across 15 countries. Before the integration, the AP team exported vendor invoices from GP weekly, re-entered them into Tipalti by hand, and after payment approval in Tipalti, manually posted the payment GL entries back into GP. This created a 3-to-5-day lag between invoice receipt and payment execution, and month-end reconciliation was error-prone because GP and Tipalti invoices counts drifted. With Microsoft Dynamics GP and Tipalti connected, new invoices in GP flow automatically to Tipalti, approved payments post back to GP the same day with correct GL allocations, and both systems show the same supplier and payment status. The AP team now focuses on exceptions and compliance instead of re-keying, and cash forecasting is accurate because payment GL postings reflect actual Tipalti execution.

What you can do

  • Sync vendor invoices from Microsoft Dynamics GP into Tipalti for payment processing, matching vendors to Tipalti payees.
  • Post approved payments from Tipalti back into Microsoft Dynamics GP as GL entries in the Accounts Payable module.
  • Keep vendor master records aligned across both systems so payment authorizations in GP reflect Tipalti payee status.
  • Authenticate Microsoft Dynamics GP with Windows domain credentials and Tipalti with HMAC-SHA256 or OAuth2, bridging on-premises and cloud security models.
  • Respond to Tipalti IPN webhooks for real-time payment status updates while maintaining a polling fallback for consistency.

Questions

How does ml-connector handle the different authentication models between Microsoft Dynamics GP and Tipalti?
ml-connector encrypts both credential sets separately: the Windows domain account (cached after Kerberos negotiation for performance) for GP, and Tipalti's payer_name + api_key for SOAP calls or OAuth2 client credentials for REST. The two authentication flows never cross; each system always receives the credentials it expects.
Can payments approved in Tipalti post back into Microsoft Dynamics GP as GL entries?
Yes. When a payment batch completes in Tipalti, ml-connector reads the payment records and posts them as GL Journal Entries into GP's Accounts Payable module, allocated to the correct GL account for each invoice. Because GP's write operations work only on unposted (Work) transactions, ml-connector validates the fiscal period is open and the transaction is unposted before attempting to post.
Does this integration require the customer to expose Microsoft Dynamics GP across the internet?
Yes. Because Microsoft Dynamics GP is on-premises, the customer must expose the SBA or SOAP endpoint through the firewall with a valid SSL certificate, or deploy a local bridge agent inside the network. ml-connector connects securely over HTTPS and respects the customer's network boundary.

Related integrations

More Microsoft Dynamics GP integrations

Microsoft Dynamics GP and Adobe CommerceMicrosoft Dynamics GP and ADPMicrosoft Dynamics GP and AdyenMicrosoft Dynamics GP and AirbaseMicrosoft Dynamics GP and Amazon Seller CentralMicrosoft Dynamics GP and AnaplanMicrosoft Dynamics GP and SAP AribaMicrosoft Dynamics GP and AsanaMicrosoft Dynamics GP and AvalaraMicrosoft Dynamics GP and AvidXchangeMicrosoft Dynamics GP and BambooHRMicrosoft Dynamics GP and Basware

Other systems that connect to Tipalti

Acumatica and TipaltiDATEV and TipaltiDeltek and TipaltiMicrosoft Dynamics 365 Business Central and TipaltiMicrosoft Dynamics 365 F&O and TipaltiMicrosoft Dynamics NAV and TipaltiEpicor Kinetic and TipaltiExact Online and TipaltiFreshBooks and TipaltiIFS Cloud and TipaltiInfor CloudSuite and TipaltiSage Intacct and Tipalti

Connect Microsoft Dynamics GP and Tipalti

Free to use. Add your credentials, ping your real systems, and see if we fit.

Get started