Workday Connector

Owned by Phillip Hanegan
Feb 29, 2024
2 min read

The EmpowerID Workday Connector functions as a bridge, enabling the smooth transition of user data from a Workday cloud instance to EmpowerID. Utilizing the SCIM 2.0 protocol, the connector can provision EmpowerID Persons and sustain data synchronization across all connected back-end user directories.

This connector's architecture comprises two core components: an EmpowerID microservice deployed on an Azure app service and an EmpowerID account store specifically designed to store and synchronize Workday identity information. The Azure app service is engineered to function using a system-assigned managed identity tied to an Azure AD application explicitly created for EmpowerID. This setup enables the Workday microservice to access Azure AD-protected services securely without requiring explicit credentials for authentication. Client certificate authentication is employed to ensure a high degree of security throughout this interaction.

Workday Connector Architecture

 

Inventory Objects and their corresponding components in EmpowerID

Connects to the Human Resource service and retrieves Worker data.

Object in Workday

Component in EmpowerID

Object in Workday

Component in EmpowerID

Worker

Account

Attribute Mapping

The table below shows the attribute mappings of Workday users to EmpowerID. Attributes marked with N/A* are supported but are not specifically mapped to corresponding EmpowerID Person Attributes. To map these attributes, the EmpowerID Schema needs to be extended. For information on extending the schema for Workday, see Inventory Workday Custom Attributes | Configure EmpowerID for the Workday Custom Attributes.

Personal Data

Workday Attribute

SCIM Attribute

EmpowerID Person Attribute

Workday Attribute

SCIM Attribute

EmpowerID Person Attribute

First_Name

name.givenName

FirstName

Last_Name

name.familyName

LastName 

Middle_Name

name.middleName

MiddleName 

Formatted_Name

displayName

DisplayName 

CountryOfBirth

AdditionalDataExtension.CountryOfBirth

N/A*

Citizenship

AdditionalDataExtension.Citizenship

N/A*

Email_Address

emails[?(@.type=='work')].value

Email

PhoneData.PhoneNumber.Communicationtype=FAX

phoneNumbers[?(@.type=='fax')].value

Fax

PhoneData.Phonenumber.Communicationtype=HOMEPHONE

phoneNumbers[?(@.type=='home')].value

HomeTelephone

NumberData.Phonenumber.Communicationtype=MOBILENUMBER

phoneNumbers[?(@.type=='mobile')].value

MobilePhone

PhoneData.PhoneNumber.Communicationtype=WORK

phoneNumbers[?(@.type=='work')].value

BusinessPhone

Employment Data

Workday Attribute

SCIM Attribute

EmpowerID Person Attribute

Workday Attribute

SCIM Attribute

EmpowerID Person Attribute

Worker_Status_Data.Active

active

Status

Worker_Status_Data.Original_Hire_Date

hireDate

OriginalHireDate

Worker_Status_Data.Hire_Date

hireDate

ExpectedHireDate

Worker_Status_Data.Termination_Date

terminationDate

TerminationDate

Worker_Status_Data.Rehire

AdditionalDataExtension.RehireFlag

If set to Y, the Person is directed through the Rehire Workflow.

Worker_Status_Data.Terminated

Terminated

If set to true this value is used to terminate the Person in EmpowerID.

Worker_Status_Data.Hire_Rescinded

HireRescinded

If set to true, accounts linked to the EmpowerID Person are disabled.

Worker_Status_Data.Leave_Status_Data

OnLeave

If set to Y, the EmpowerID Person is directed to the On Leave workflow. Accounts can be disabled as needed.

Worker_Status_Data.Secondary_Termination_Reasons_Data

TerminationReason

N/A*

Worker_Job_Data.Position_Data.Business_Title

Title

Title

Organization Data

Workday Attribute

SCIM Attribute

EmpowerID Person Attribute

Workday Attribute

SCIM Attribute

EmpowerID Person Attribute

Workday Attribute

SCIM Attribute

EmpowerID Person Attribute

Workday Attribute

SCIM Attribute

EmpowerID Person Attribute

Organization_Data.Organization_Name.COST_CENTER

Organization[?(@.organizationType=='COST_CENTER')].organizationName

CostCenter

Organization_Data.Worker_Organization_Data.Cost_Center_Reference_ID

['urn:ietf:params:scim:schemas:extension:AdAdditionalData:2.0:User']['WorkDayDataExtension']['departmentNumber']

DepartmentNumber

Organization_Data.Organization_Name.Division

Organization[?(@.organizationType=='Division')].organizationName

Division 

Custom Attributes

Additionally, the EmpowerID Workday connector supports inventorying custom attributes from Workday. After creating a Workday account store in EmpowerID, you can enable this functionality by following the procedure outlined in the Inventory Workday Custom Attributes article.

 

 

Connect to Workday

Inventory Workday Custom Attributes