In your Workday portal, log into the Workday tenant.
In the Search field, type Create Integration System User.
Select the Create Integration System User task.
On the Create Integration System User page, in the Account Information section, enter a user name, and enter and confirm a password.
Note: due to xml encoding, “&”, “<”, and “>” cannot be included in the password.
Note: Make sure Require New Password at Next Sign In is NOT checked.
Note: You’ll want to add this user to the list of System Users to make sure the password doesn’t expire.
Now, add this Integration System User to a Security Group:
- In the Search field, type Create Security Group.
- Select the Create Security Group task.
- Click OK.
- Within the Create Security Group page, choose “Integration System Security Group (Unconstrained)” from the “Type of Tenanted Security Group” dropdown menu
- In the Name field, enter a name.
- Click OK.
- Please input the identical name that you previously used during the ISU creation process in the first section into the “Name” field on the Edit Integration System Security Group (Unconstrained) page.
- Click OK.
- In the Search field, type Maintain Permissions for Security Group
- Please ensure that the Operation is set to “Maintain,” and confirm that the Source Security Group matches the security group assigned in Step 2.
- Add the corresponding Domain Security Policy according to your need. Please note Get Only is just to read data whereas for creating where as Get and Put is to read and create/update. You can consult with your implementation partner/administrator to configure these API permissions.
Please note: Permissions might differ from one implementation to another, so this may require working with your Workday administrator or implementation team to do so.
- In the search bar, type “Activate Pending Security Policy Changes” to view a summary of the changes in the security policy that needs to be approved.
- Add any relevant comments on the window that pops up
- Confirm the changes in order to accept the changes that are being made.
Check the Manage Authentication Policies section to ensure the ISU you created is added to a policy that can access the necessary domains. It should not be restricted to only the “SAML” Allowed Authentication Types – if this is the case, you can create a new Authentication Policy with a “User Name Password” Allowed Authentication Type. For now, let us edit the one in our case.
Editing Authentication Policies
Ensure that the Environments are configured accurately. In our case it is implementation and sales. Then, establish an Authentication Rule Name and include the Security Group within the rule.
Make sure the Allowed Authentication Types is set to specific User Name Password or set to Any
In the search bar type, Activate All Pending Authentication Policy Changes
Put a comment and proceed to the next screen, and confirm the changes. This will save the Authentication Policy that was just created.
We’ll need access to your specific Workday web services endpoint:
Search in Workday for Public Web Services.
Open Public Web Services Report.
Hover over any item, and click the three dots to open the menu.
Click Web Services > View WSDL.
Navigate to the bottom of the page that opens and you’ll find the host.
- Hostname: Enter the Web Services Endpoint you found from Step seven point 6
- Username: Input the Integration System User’s name that was created in the Step One
- Password: Input the password for the Integration System User that you created in Step One
- Tenant: Enter your Workday Tenant name
- Example: If you sign in at “https://wd5-services1.workday.com/UiPath”, enter “UiPath”.
- You have created a new connection now