Workday provides unified finance, human resources and student/faculty lifecycle management cloud applications designed for the way people work in today’s organizations.
Oloid workflow requires the following Workday credentials for Rest API integration.
1. Rest API Endpoint
2. Authorization Endpoint
3. Token Endpoint
4. Client ID
5. Client Secret
6. Refresh Token
Steps to set up API Client in Workday
Step 1 – Get Endpoints
Go to the View API Clients page.
Take note of the below endpoints
Workday REST API Endpoint
Token Endpoint
Authorization Endpoint
Step 2 – Register API Client
Go to Register API Client in your Workday instance.
Give a meaningful Client Name.
Select Authorization Code Grant for Client Grant Type.
Select Bearer for Access Token Type.
Take note of Client ID and Client Secret before clicking done.
Step 3 – Generate New Refresh Token
Go to View API Clients.
Select the API Client created in Step 2.
Go to Action > API Client > Manage Refresh Tokens for integrations.
Select Generate new refresh token and take note of it.
Steps to grant access to workday Data via Rest API Service
Step 1- Create Security Group
Access the Create Security Group task and create an Integration System Security Group.
Step 2- Grant Domain access to Security Group
To grant the security group access to the domains required by your integration, follow these steps for each domain:
Access the View Domain report and find the domain
As a related action on the domain, select Domain > Edit Security Policy Permissions
Add the Security Group that you created in the previous step to the Integration Permissions and select GET, POST, and PUT operations.
Additionally, grant GET operation for the following Domain Security Policies:
Integration Build
Integration Process
Integration Debug
Integration Event
Next, access the Activate Pending Security Policy Changes task and activate these changes.
Step 3- Create ISU Account
Access the Create Integration System User task and configure a Workday user account for the integration.
Keep the Session Timeout Minutes default value of 0 to prevent session expiration. An expired session can cause the integration to time out before it successfully completes.
Select the Do Not Allow UI Sessions checkbox if you wish to prevent the integration system user from signing in to Workday through the UI.
To avoid integration errors caused by expired passwords, Workday recommends that you prevent Workday user passwords from expiring. Access the Maintain Password Rules task and add the integration system user to the System Users exempt from password expiration field.
Step 4- Assign Security Group to ISU
Go to 'Integration System User Security Configuration' & filter for ISU user in the workday account column.
As a related action on the Workday user, select Security Profile > Assign Integration System Security Groups.
At the Integration System Security Group to Assign prompt, select the security group that you created. Access the View Integration System report and access the Connector or Studio integration.
Select Workday Account > Edit as a related action on the integration system.
On the Edit Account for Integration System task, select the ISU account that you created.
Steps to connect to the Workday WQL Service
Step 1- Enable the Workday WQL service before connecting from Oloid Workflow.
Log into your Workday instance, enter "View Domain" in the search bar, and click the View Domain link.
Enter "Workday Query Language" in Domain prompt and click OK.
Ensure that your user is included in one of the Allowed Security Group Types.