Skip to content

Workday API Key

Service Name: Workday

Service Description: Workday is a cloud-based software vendor that specializes in human capital management (HCM), financial management, and planning applications. It provides enterprise resource planning (ERP) software for managing various business operations and employee data.

Service Address: https://www.workday.com/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the Workday tenant level through IP address safelisting.

Secret Access Scope: Grants programmatic access to Workday APIs, allowing integration with Workday services including HR data, financial information, and other business processes depending on the API key's permissions.

Secret Revokement URL: https://community.workday.com/articles/1966

Secret Example: c3d330f9-6cb0-4c94-9a13-8481cb3c8db5

Suspicious Activity Investigation Instructions:

  • Review Workday audit logs for unusual API calls or data access patterns
  • Check for unexpected integrations or data exports from your Workday tenant
  • Monitor for unusual volume of API requests or access from unusual locations
  • Review any changes to employee data, payroll information, or financial records
  • Verify if there are any unauthorized reports being generated or scheduled

Mitigation Instructions:

  • Log in to your Workday tenant as an administrator
  • Navigate to the Integration System User configuration

  • Locate and deactivate the compromised API key/integration user

  • Generate a new API key with appropriate permissions
  • Update any legitimate integrations with the new API key
  • Review and adjust API access permissions to follow the principle of least

privilege

  • Consider implementing additional IP restrictions for API access
  • Enable enhanced monitoring for API activities