Configuring the Integration System User for Workday

The Integration System User account is responsible for making Workday API requests to deliver academic data to the LYNX database. Please refer to the Workday Documentation for more detailed information and for the security requirements necessary to complete these steps.


Part 1: Create the Integration System User (ISU)

1. Run the Create Integration System Task

Getting to the Create Integration System task in Workday.Image: Getting to the Create Integration System task in Workday. 

2. Enter a Username and Password

Entering information in the Create Integration User view.Image: Entering information in the Create Integration User view. 

Leave the Session Timeout Minutes set to zero to prevent session expiration. Enable Do Not Allow UI Sessions to prevent the ISU account from logging into the Workday UI. Special characters (such as ampersands) are allowed in the passwords.

Part 2: Create the Integration System Security Group

1. Run the Create Security Group Task

Image: Running the Create Security Group task in Workday. 

Using a Previously Created Group

If you already have a security group of type Integration System Security Group (Unconstrained) then you can skip Steps 1 and 2. Make sure you complete Step 3 to add the ISU account to the security group.

2. Name the Group and Select Type

Give your security group a name and select Integration System Security Group (Unconstrained) for the type. An unconstrained security group means that members will have access to data for all organizations.

Name the security group and select the constraint.Image: Name the security group and select the constraint. 

3. Add the Account to the New Group

Add the ISU account that you created previously as a member of the security group.

Add your account to the new security group.Image: Add your account to the new security group. 

Part 3: Apply Domain Security Policies

1. Run the Security Group Task in Workday

Run the Maintain Permissions for Security Group task for the ISU security group.

Running the security group task.Image: Running the security group task. 

2. Add Domain Security Policies

Under Integration Permissions, add the domain security policies according to the lists below.

  • Domain Security Policies permitting GET and PUT access:
    • Manage: Curriculum Management
    • Manage: Section Data
  • Domain Security Policies permitting GET access:
    • Manage: Course Sections
      • Set Up: Curriculum Management
      • Worker Data: Public Worker Reports
      • Workday Usage Metrics
      • Set Up: Academic Units
      • Set Up: Academic Appointments and Related Data
      • Set Up: Academic Calendar
      • Set Up: Organization
      • Manage: Location
      • Integration Build
    • Manage: Course Subjects
  • Domain Security Policies permitting VIEW and MODIFY access:
Why these specific policies?

The domain security policies were determined by running the View Security for Securable Item report in the Workday UI for the Web Service Operations used by LYNX. Omitting any of them will prevent the LYNX integration from functioning properly.

Part 4: Apply Business Process Security Policies

1. Run the Business Process for Functional Area Report

Run the Business Process for Functional Area report.

Image: Running the report in Workday.Image: Running the report in Workday. 

2. Select a Functional Area and Business Process

Select “Student Records” as the Functional Area and “Course Section Event” as the Business Process.

Choosing an Area and Process in Workday.Image: Choosing an Area and Process in Workday. 

3. Edit Permissions

Scroll to the very bottom of the page and Edit Permissions.

Editing permissions in Workday.Image: Editing permissions in Workday. 

4. Add the Security Group

Under Initiating Action - Submit Published Course Section (Web Service), add the security group for the ISU account.

Adding the security group in Workday.Image: Adding the security group in Workday. 

Why these specific policies?

The business process security policies were determined by running the View Security for Securable Item report in the Workday UI for the Web Service Operations used by LYNX. Omitting any of them will prevent the LYNX integration from functioning properly.

Part 5: Activate Pending Security Policy Changes

1. Activate the Pending Security Policy

Run the Activate Pending Security Policy Changes task.

Activating the task in Workday.Image: Activating the task in Workday. 

2. Enter Comments

Enter a comment to describe the changes.

Entering a comment while activating the task.Image: Entering a comment while activating the task. 

3. Confirm the Changes

Confirm the changes using the OK button.

Hit the OK button to confirm changes.Image: Hit the OK button to confirm changes.