Workday Financial Management Setup Guide Private Previewlink
Follow our setup guide to connect Workday Financial Management to Fivetran.
Prerequisiteslink
To connect Workday Financial Management to Fivetran, you need a Workday Integration System User account that has read permissions for financials domain objects in Workday.
NOTE: We have added support for authentication using OAuth. To configure a Workday Financial Management connector, you can use a Workday user or a Workday integration system user. We recommend that you use a Workday ISU.
Setup instructionslink
Create integration system user link
- Log in to your Workday application using an Administrator account.
- In the application's search box, search for 'create user' and then select Create Integration System User.
- Enter a User Name and Password.
- Leave the Require New Password at Next Sign In checkbox clear.
- (Only for Basic authentication mode) Select the Do Not Allow UI Sessions checkbox.
NOTE: If you opt for authentication using OAuth, be sure not to select the Do Not Allow UI Sessions checkbox. OAuth requires UI sessions.
- Click OK and then click Done.
Create integration security group link
- In the search box, search for 'create security group' and then select Create Security Group.
- In the Type of Tenanted Security Group drop-down menu, select Integration System Security Group (Unconstrained).
- Enter a Security Group Name and click OK.
- In the Edit Integration System Security Group (Unconstrained) window, add the integration system user you created in Step 1 to this security group.
- Click OK.
Add domain security policies link
In the search box, search for 'security group membership and access' and then select the report link.
Select the security group you created in Step 2 and click OK.
Click the ... symbol next to the security group name.
Select Security Group > Maintain Domain Permissions for Security Group.
In the Integration Permissions section, in the Domain Security Policies permitting Get access field, add all the relevant domains.
TIP: You will see an alert. You must activate the security policy changes.
Click OK and then click Done.
Activate security policy changeslink
- In the search box, search for 'Activate Pending Security Policy Changes'.
- Select Activate Pending Security Policy Changes.
- In the comment box, enter 'I approve the changes' and click OK.
- Select the Confirm checkbox and click OK.
Create custom OAuth client applink
IMPORTANT: Perform this step only if you want to authenticate your account using OAuth. Skip to the next step if you want to use Basic authentication to sync your data.
- In the search box, search for Register API client.
- In the Client Name field, enter your custom app name.
- In the Client Grant Type field, select Authorization Code Grant.
- Select the Enforce 60 Minute Access Token Expiry checkbox.
- In the Access Token Type field, select Bearer.
- In the Redirection URI, enter
https://fivetran.com/integrations/workday_financial_management/oauth2/return
. - In the Refresh Token Timeout (in days) field, enter a timeout period for your refresh token.
NOTE: By default, the value is set to 30 days. You can enter the timeout period value between 1 and 365 days.
- In the Scope (Functional Areas) drop-down menu, select the scopes you need access to.
NOTE: Be sure not to select the Support Proof Key for Code Exchange (PKCE), Grant Administrative Consent, Include Workday Owned Scope, and Locked Out due to Excessive Failed Signon Attempts checkboxes.
- Click OK.
- Make a note of the Client ID, Client Secret, and Authorization Endpoint. You will need them to configure Fivetran.
Finish Fivetran configuration link
In the connector setup form, enter the Destination schema name of your choice.
Select the authentication mode: Basic or OAuth.
(Optional): If you choose Basic, do the following:
- Enter your Workday Username.
- Enter your Workday Tenant. You can find the tenant in your Workday Web Services URL:
https://<Workday-host-name>/ccx/service/<Workday-Tenant>/...
. - Enter your Workday Password.
- Enter your Workday Hostname. You can find the Workday Hostname in your Workday Web Services URL, in the following format:
https://<Workday-host-name>/ccx/service/...
.
(Optional): If you choose OAuth, do the following:
- Enter your Workday Tenant. You can find the tenant in your Workday Web Services URL:
https://<Workday-host-name>/ccx/service/<Workday-Tenant>/...
. - Enter the Client ID you found in Step 5.
- Enter the Client Secret you found in Step 5.
- Enter your Workday Hostname. You can find the Workday Hostname in your Workday Web Services URL, in the following format:
https://<Workday-host-name>/ccx/service/...
. - In the Authorization URL field, enter the authorization endpoint that you found in Step 5.
- Click Authorize to allow Fivetran to access your Workday Financial Management account using OAuth. You will be redirected to your Workday Financial Management account to authorize Fivetran's access.
- Log in to your Workday Financial Management account. Once you have finished, you will be redirected back to Fivetran.
- Enter your Workday Tenant. You can find the tenant in your Workday Web Services URL:
Click Save & Test. Fivetran will take it from here and sync your Workday Financial Management data.
Related articleslink
description Connector Overview
account_tree Schema Information
settings API Connector Configuration