Required Permissions
This section describes the permissions required for the Workday application on the Workday managed system.
The Workday Connector supports the following operations:
-
Account Aggregation (Full and Delta)
-
Update: Email, Phone, User ID (Internally mapped to username), Custom attributes
Note
For users with minimum permissions and no access to all organizations, aggregation will not work if the Exclude Terminated Worker option is selected on the Workday
Permissions for Basic and OAuth 2.0 authentication types:
-
For Basic authentication, refer to the Basic Authentication section.
-
ForOAuth 2.0 Authentication, the following functional areas under the API client integration are required -- Staffing, System, Contact Information, Personal Data, Integration, Organization, and Roles.
The account used under the API Client to generate a refresh token must be an Integration user and must have all the permissions. For more information about API client creation and permissions, refer to steps 2 and 3 in the Configuration to Update Custom Attributes in Workday section.