Configuration Parameters

Authentication types supported by the managed system:

• Basic Authentication

• OAuth 2.0

Authorization grant to be used to obtain an access token:

• Refresh Token

This is valid URL to connect to the Human Resource module of workday.

URL format: https://wd2-impl-services1.workday.com/ccx/service/tenant1/Human_Resources where tenant1 is the Workday tenant name.

Note
The Workday connector only supports the Human Resource module of Workday.

The name of the administrative user.

The Username must always be in the following format: username@tenantname

The password of the administrative user.

The number of accounts to be fetched per page (Limit 1 to 999).

Enter the time zone of your primary HR business operations. For example, ACT, EST, CST.

Set this parameter to customize aggregation and fetch data based on the Time Zone configured. By default, the value is UTC. SailPoint recommends the use of the Effective Time Zone parameter during aggregation.

For example, if the Workday server is in the PST time zone you will enter PST in this field.

The following are examples of supported valid timezones for Effective Time Zone:

• America/New_York

• America/Los_Angeles

• America/Chicago

• PST

• HST

• Asia/Dubai

• CET

• GMT

• ACT

• Australia/Melbourne

Provide the timeout value in minutes. The default value is 1 minute.

Retain information for canceled future hires to support leaver workflows.

For more information, refer to Aggregation of Rescinded Future Hire Records

Retain information for the rescinded past hires to support leaver workflows.

For more information, refer to Aggregation of Rescinded Past Hire Records

Specify the number of days in the past to aggregate rescinded hires. To fetch rescinded past hire data for a worker, their hire date must be in the Past Rescinded Offset range.

The REST API Endpoint of the Workday server.

For example, https://WORKDAY_HOST/ccx/api/v1/TENANT_NAME

The Workday token API endpoint.

For example, https://WORKDAY_HOST/ccx/oauth2/TENANT_NAME/token

The Workday API client ID.

The Workday API client secret.

The Workday API refresh token.

Note
Ensure that the token never expires.

The user connected to the integration security group who will have permission to update the Workday account.

The password of the provisioning administrator.

Enter the number of days in advance to aggregate future hires and terminates. For example, enter 14 to aggregate the Workday worker 14 days in advance of their joining date.

Note
SailPoint recommends that the end user perform a full aggregation if the Effective Date Offset is changed. For more information, refer to Future Dated Workers.

Provide comma separated values of organization reference IDs to aggregate workers from required organizations.

The Organizations Reference IDs can be found as follows:

1. Search for the required organization.
2. Hover over the action and then select Integration ID.
3. Select View IDs and note down the ID mentioned in front of the organization type.

Provide the system ID of the integration system to fetch custom or calculated attributes.

Provide the integration field override service name.

Provide comma separated fields of the integration service to aggregate workers based on mentioned filter conditions.

The offset value, in days, which indicates the number of past days to aggregate terminated workers. The default is 60 days.

If selected, terminated or disabled accounts will not be aggregated.

Note
(Applicable only for full aggregation) If the Don't Allow Terminated Accounts parameter is selected, the account aggregation in Workday will aggregate the user using the organization of the cost center. Initially, it will fetch the cost centers and then fetch Workday accounts from each organization in chunks.

Retain information for canceled future hires to support leaver workflows.

For more information, refer to Aggregation of Rescinded Future Hire Records

Retain information for the rescinded past hires to support leaver workflows.

For more information, refer to Aggregation of Rescinded Past Hire Records

Specify the number of days in the past to aggregate rescinded hires. To fetch rescinded past hires data for a worker, their hire date must be in the past rescinded offset range.

Enables the REST API configuration (REST API credentials will be used to update custom attributes).

The REST API Endpoint of Workday server.

For example, https://WORKDAY_HOST/ccx/api/v1/TENANT_NAME

The Workday token API endpoint.

For example, https://WORKDAY_HOST/ccx/oauth2/TENANT_NAME/token

The Workday API client ID.

The Workday API client secret.

The Workday API refresh token.

Note
Ensure that the token never expires.