Versions Compared

Old Version 1

changes.mady.by.user Phillip Hanegan

Saved on

compared with

New Version 2

changes.mady.by.user Phillip Hanegan

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The EmpowerID Workday SuccessFactors Connector functions as a bridge, enabling the smooth transition of user data from a Workday cloud instance to EmpowerIDis a strategic integration tool designed to seamlessly link EmpowerID's Identity Management platform with SAP SuccessFactors, a leading Human Capital Management (HCM) suite. This connector is engineered to facilitate robust and efficient synchronization of user identities, roles, and permissions between the two systems, thereby streamlining HR and IT processes within organizations. Utilizing the SCIM 2.0 protocol for provisioning and the OData protocol for data retrieval, the connector can provision EmpowerID Persons and sustain data synchronization ensures consistent and reliable synchronization of data across all connected back-end user directories.

Architecture Overview

This connector's architecture comprises two three core components: an EmpowerID microservice deployed

  1. EmpowerID Microservice: Deployed on an Azure app service

...

  1. , this microservice handles the integration logic and processes data between EmpowerID and SuccessFactors.

  2. EmpowerID Account Store: Specifically designed to store and synchronize

...

  1. SuccessFactors identity information, ensuring data consistency and integrity.

  2. OData Layer: Positioned between the Azure Tenan and SuccessFactors, the OData layer facilitates the retrieval of data from SuccessFactors, allowing for efficient querying and manipulation of HR data.

The Azure app service is engineered to function operates using a system-assigned managed identity tied to an Azure AD a Microsoft Entra ID application explicitly created for EmpowerID. This setup enables the Workday SuccessFactors microservice to securely access Azure AD-protected services securely Entra ID-prote

cted services without requiring explicit credentials for authentication. Client certificate authentication is employed to To ensure a high degree of security throughout this interaction.

...

 , client certificate authentication is employed.

image-20240724-162255.pngImage Added

Key Features and Benefits

  1. Standardized Data Retrieval:

    • OData Protocol: Utilizes OData to retrieve data from SuccessFactors, ensuring standardized querying and manipulation of HR data.

    • Efficiency: The OData protocol supports filtering, sorting, paging, and other query operations, allowing for efficient data handling.

  2. Provisioning and Synchronization:

    • SCIM 2.0 Protocol: Facilitates the provisioning of EmpowerID Persons and sustains data synchronization across connected directories.

    • Real-time Updates: Ensures that changes in SuccessFactors are promptly reflected in EmpowerID, maintaining data consistency.

  3. Secure Integration:

    • Managed Identity: Uses a system-assigned managed identity to securely access Entra ID-protected services.

    • Client Certificate Authentication: Enhances security by employing client certificate authentication for all interactions.

  4. Seamless HR and IT Processes:

    • Unified Management: Streamlines the management of user identities, roles, and permissions across HR and IT systems.

    • Improved Efficiency: Reduces manual intervention and automates synchronization tasks, leading to more efficient HR and IT operations.

Inventory Objects and their corresponding components in EmpowerID

Connects to the Human Resource service SuccessFactors OData API and retrieves Worker Employee data.

Object in WorkdaySuccessFactors

Component in EmpowerID

WorkerEmployee

Account

Attribute Mapping

The table below shows the attribute mappings of Workday SuccessFactors users to EmpowerID. Attributes marked with N/A* are supported but are not specifically mapped to corresponding EmpowerID Person Attributes. To map these attributes, the EmpowerID Schema needs to be extended. For information on extending the schema for Workday, see https://dotnetworkflow.jira.com/wiki/spaces/EIDADV23/pages/3176988713/Inventory+Workday+Custom+Attributes#Configure-EmpowerID-for-the-Workday-Custom-Attributes.

Personal Data

Workday

Workday SuccessFactors Attribute

SCIM Attribute

EmpowerID Person Attribute

First_NamepersonalInfoNav.FirstName

name.givenName

FirstNameLast_Name

personalInfoNav.LastName

name.familyName

LastName Middle_Name

personalInfoNav.MiddleName

name.middleName

MiddleName Formatted_Name

personalInfoNav.LastName , personalInfoNav.FirstName

displayName

DisplayName 

CountryOfBirth

AdditionalDataExtension.CountryOfBirth

N/A*

Citizenship

AdditionalDataExtension.Citizenship

N/A*

Email_Address

emails[?(@.type=='work')].value

Email

PhoneData.PhoneNumber.Communicationtype=FAX

phoneNumbers[?(@.type=='fax')].value

Fax

PhoneData.Phonenumber.Communicationtype=HOMEPHONE

phoneNumbers[?(@.type=='home')].value

HomeTelephone

NumberData.Phonenumber.Communicationtype=MOBILENUMBER

phoneNumbers[?(@.type=='mobile')].value

MobilePhone

PhoneData.PhoneNumber.Communicationtype=WORK

phoneNumbers[?(@.type=='work')].value

BusinessPhone

Employment Data

DateOfBirth

additionalDataExtension.DateOfBirth

DateOfBirth

personalInfoNav.Gender

additionalDataExtension.Gender

Gender

homeAddressNavDFLT.Country

addresses.country && user.Country

Country

homeAddressNavDFLT.ZipCode

address.PostalCode

ZipCode

homeAddressNavDFLT.State

address.Region && user.State

State

homeAddressNavDFLT.Address1

address.StreetAddress

StreetAddress

homeAddressNavDFLT.City

address.Locality && user.City

City

employee.PersonExternalId

user.UserName , User.Id , user.ExternalId

Username , Id , LogonName

emailNav.Primary

email.IsPrimary

Primary

emailNav.Value

email.Value

Email

PerPhone.PhoneNumber

phoneNumber.Value

HomePhone

PerPhone.Primary

phoneNumber.isPrimary

Employment Data

SuccessFactors Attribute

SCIM Attribute

EmpowerID Person Attribute

Worker_Status_Data.Active

active

Status

Worker_Status_Data.Original_Hire_Date

hireDate

OriginalHireDate

Worker_Status_Data.Hire_Date

hireDate

ExpectedHireDate

Worker_Status_Data.Termination_Date

terminationDate

TerminationDate

Worker_Status_Data.Rehire

AdditionalDataExtension.RehireFlag

If set to Y, the Person is directed through the Rehire Workflow.

Worker_Status_Data.Terminated

Terminated

If set to true this value is used to terminate the Person in EmpowerID.

Worker_Status_Data.Hire_Rescinded

HireRescinded

If set to true, accounts linked to the EmpowerID Person are disabled.

Worker_Status_Data.Leave_Status_Data

OnLeave

If set to Y, the EmpowerID Person is directed to the On Leave workflow. Accounts can be disabled as needed.

Worker_Status_Data.Secondary_Termination_Reasons_Data

TerminationReason

N/A*

Worker_Job_Data.Position_Data.Business_Title

Title

Title

Organization Data

...

Workday Attribute

...

SCIM Attribute

...

EmpowerID Person Attribute

...

Workday Attribute

...

SCIM Attribute

...

EmpowerID Person Attribute

...

Organization_Data.Organization_Name.COST_CENTER

...

Organization[?(@.organizationType=='COST_CENTER')].organizationName

...

CostCenter

...

Organization_Data.Worker_Organization_Data.Cost_Center_Reference_ID

...

['urn:ietf:params:scim:schemas:extension:AdAdditionalData:2.0:User']['WorkDayDataExtension']['departmentNumber']

...

DepartmentNumber

...

Organization_Data.Organization_Name.Division

...

Organization[?(@.organizationType=='Division')].organizationName

...

Division 

Custom Attributes

...

EmploymentNav.JobInfo.Department

enterpriseUserExtension.Department

Department

EmploymentNav.JobInfo.Division

enterpriseUserExtension.Divsion

Division

EmploymentNav.JobInfo.SeqNumber

enterpriseUserExtension.EmployeeNumber

EmployeeId

EmploymentNav.JobInfo.ManagerId

enterpriseUserExtension.Manager.Value

ManagerId

EmploymentNav.JobInfo.CompanyNav.Name_en_US

enterpriseUserExtension.Organization

EmploymentNav.JobInfo.CostCenter

enterpriseUserExtension.CostCenter

CostCenter

EmploymentNav.JobInfo.StartDate

enterpriseDataExtension.StartDate

ValidFrom

EmploymentNav.JobInfo.EndDate

enterpriseDataExtension.EndDate

ValidUntil

EmploymentNav.JobInfo.JobCode

enterpriseDataExtension.JobCode

JobCode

EmploymentNav.JobInfo.JobTitle

enterpriseDataExtension.JobTitle

JobTitle

EmploymentNav.JobInfo.CompanyNav.Name_en_US

enterpriseDataExtension.CompanyName

CompanyName

EmploymentNav.JobInfo.WorkLocation

enterpriseDataExtension.WorkLocation

OfficeLocation

EmploymentNav.JobInfo.EmployeeStatusNav.Status

enterpriseDataExtension.EmployeeStatus

EmployeeStatus

EmploymentNav.JobInfo.WorkingDaysPerWeek

enterpriseDataExtension.WorkingDaysPerWeek

CustomAttribute1

EmploymentNav.JobInfo.CostCenterNav.CostCenterDescription

enterpriseDataExtension.CostCenterDescription

CostCenterDescription

EmploymentNav.JobInfo.CompanyNav.Name_en_US

enterpriseDataExtension.CompanyDescription

CompanyDescription

EmploymentNav.JobInfo.BusinessUnit

enterpriseDataExtension.BusinessUnit

BusinessUnit

EmploymentNav.JobInfo.IsFulLTimeEmployee

enterpriseDataExtension.IsFullTimeEmployee

IsFulLTimeEmployee

EmployeeNav.IsContigentWorker

enterpriseDataExtension.IsContigentWorker

IsContigentWorker

employeeNav.LastDayWorked

enterpriseDataExtension.LastDayWorked

LastDayWorked

employmentNav.OriginalStartDate

enterpriseDataExtension.OriginalStartDate

OriginalHireDate

Macrosuite divider macro
dividerWidth100
dividerTypetext
emoji{"id":"smile","name":"Smiling Face with Open Mouth and Smiling Eyes","short_names":["smile"],"colons":":smile:","emoticons":["C:","c:",":D",":-D"],"unified":"1f604","skin":null,"native":"😄"}
isEditingIconOrEmojifalse
textColor#000000
dividerWeight3
labelPositionmiddle
textAlignmentcenter
iconColor#0052CC
iconSizemedium
fontSizemedium
textNext Steps
emojiEnabledfalse
dividerColor#DFE1E6
dividerIconbootstrap/CloudsFill

 

Connect to WorkdayInventory Workday Custom AttributesSuccessFactors

Insert excerpt
IL:External Stylesheet
IL:External Stylesheet
nopaneltrue

...