Use a custom OAuth app to authenticate Workday users within the 本製品. See OAuth 認証の使用 for more information.
Create an OAuth App
Follow the procedure below to create an OAuth app within Workday:
- Login to the Workday account. This redirects to the user home page, which has a search box at the top.
- Search for Register API Client. This takes the user to a form.
- Enter a name for the app in Client Name.
- Choose Authorization Code Grant for the grant type.
- Choose Bearer as the access token type.
- Choose a Redirection URI. The exact URI depends on how the user intends to use the app. See the next section for more details.
- In the Scope section, enable the Custom Objects > System scope. The 本製品 uses system endpoints to list views and columns.
- If you want the 本製品 to access Reports as a Service, enable the Workday REST API > Tenant Non-Configurable scope. The 本製品 uses this permission to execute reports.
- Add any additional desired scopes for the 本製品 to have acecss to. If there is any uncertainty regarding which scopes to include, all the scopes under each subsection can be enabled.
- Check the Include Workday Owned Scope box.
- Click OK.
Once the app is created, Workday loads the View API Client page with all the information for the new app. Make sure to save the Client ID and Client Secret so they can be used with the OAuthClientId and OAuthClientSecret connection options.
Choosing a Redirect URI
There are several different use scenarios which all require different redirect URIs. Workday only allows registering a single redirect URI with each app, so it is necessary to create a new app for each of these purposes:
- CData Desktop Applications CData desktop applications (Sync, API Server, ArcESB) accept OAuth tokens at /src/oauthCallback.rst. The host and port is the same as the default port used by the application. For example, if you use https://localhost:8019/ to access CData Sync then the redirect URI will be https://localhost:8019/src/oauthCallback.rst. The application must be configured for HTTPS as Workday requires it for all redirect URIs.
- CData Cloud Applications CData cloud applications are similar to their desktop counterparts. If you access Connect Cloud at https://184.108.40.206/ then you should use the redirect https://220.127.116.11/src/oauthCallback.rst.
- Desktop Application When using a desktop application, the URI https://localhost:33333 is recommended. The 本製品 uses this as the redirect URI automatically if no CallbackURL is provided.
- Web Application When developing a web application using the 本製品, use your own URI here such as https://my-website.com/oauth. Workday will provide this URL with verifier tokens when users login. Refer to カスタムクレデンシャル for details on how to exchange this verifier for an acecss token.