Leverage this integration to unify user identities and centralize user lifecycle management in JumpCloud. Import new users from Workday into JumpCloud to save time and avoid mistakes, as well as potential security risks, related to manually creating users. Use JumpCloud SAML Single Sign On (SSO) to give your users convenient but secure access to Workday with their one user identity. <\/p>\n\n\n\n
Read this article to learn how to setup the Workday integration.<\/p>\n\n\n\n
Prerequisites<\/strong><\/p>\n\n\n\n
Considerations<\/strong><\/p>\n\n\n\n
<\/p><\/div>
If this is a Bookmark Application, enter your sign-in URL in the Bookmark URL<\/strong> field.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n
<\/p><\/div>
The SSO IdP URL<\/strong> is not editable after the application is created. You will have to delete and recreate the connector if you need to edit this field at a later time.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n
<\/p><\/div>
JumpCloud sends a value, the NameID<\/kbd>, in the SAML Assertion that Workday uses to identify which user is attempting SSO. This value must match a user’s Workday username. If your users’ Workday usernames already exist within JumpCloud (as their emails or JumpCloud usernames), you may choose which of these attributes to send as the NameID<\/kbd> for each user. If your users’ Workday usernames do not match any pre-existing attributes in JumpCloud, you will need to add a WorkdayID<\/kbd> custom attribute for every user that will be using SSO to Workday. To do so, complete the following steps for every user:<\/p>\n\n\n\n
<\/p><\/div>
The certificate.pem will download to your local Downloads<\/strong> folder.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n
Users are implicitly denied access to applications. After you connect an application to JumpCloud, you need to authorize user access to that application. You can authorize user access from the Application Configuration<\/strong> panel or from the Groups Configuration<\/strong> panel. <\/p>\n\n\n\n
To learn how to authorize user access from the Groups Configuration<\/strong> panel, see Authorize Users to an SSO Application<\/a>.<\/p>\n\n\n\n
<\/p><\/div>
This varies by SP.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n
<\/p><\/div>
Use good security practices for this user. It should only be used for the Workday <> JumpCloud integration and leverage a strong password.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n
In Workday, perform steps 1-4 for each Domain\/Permission pair in the table that follows:<\/p>\n\n\n\n