Skip to main content

About Workday Report

Iru consumes Advanced Custom Reports exposed as REST (Reports as a Service, RaaS). Authenticate with an Integration System User (ISU) via HTTP Basic (isu_username/isu_password). URLs follow https://YOUR_HOST/ccx/service/customreport2/YOUR_TENANT/YOUR_OWNER/YOUR_REPORT - production vs implementation hosts and data-center suffixes (wd5, wd12, …) must match your tenant.

How It Works

Authorization: Basic base64(isu_username:isu_password)
DetailValue
CategoryHRIS
AuthenticationBasic (ISU)
Official references: RaaS community article, Workday docs on ISU and security (see your Workday release documentation).

Prerequisites

  • Tenant admin to create an ISU, security group, and enable target reports as web services.

Connect Workday Report to Iru

Complete this tab before you connect the source in Compliance.
1

Sign in to Workday with tenant admin

Sign in to the correct Workday tenant (production vs implementation) with security rights to create Integration System Users and security groups.
2

Create an Integration System User (ISU)

Use the Create Integration System User task. Create a dedicated service account for Iru, not a human interactive user. Set Session Timeout to 0 only where policy allows, and choose a password policy compatible with automation.
3

Create or update an Integration System Security Group

Add the ISU to an Integration System Security Group that grants Get access to the domains your reports need (commonly HR and Security Configuration; adjust to your report definitions).
4

Allow User Name Password authentication

In the security group (or related authentication policy), ensure User Name Password (or WS-Security Username Token) authentication is allowed for the ISU, per Workday’s integration authentication model.
5

Activate security policy changes

Run Activate Pending Security Policy Changes (or your tenant’s equivalent) so Workday applies the new user and group memberships.
6

Open the target custom report

Locate the Advanced Custom Report (or report definition) you want Iru to consume via Reports as a Service.
7

Enable the report as a web service

Set the report type to Advanced where required, enable Enable As Web Service, and save the definition.
8

Copy the REST URL

Use ActionsWeb ServiceView URLs (wording may vary) and copy the REST endpoint URL, tenant path, and credentials details Iru’s wizard asks for.
Continue on the Iru Compliance tab.

Troubleshooting

Check pop-up blocker settings for the Iru site and try again.
ISU credentials; auth policy allows password auth.
ISSG domain permissions; activate security changes.
Report not web service-enabled; ISU cannot see data domain.
Do not mix impl and prod credentials.

Sources Management

Browse and manage every Compliance source.

Getting Started With Compliance

Frameworks, actions, and Artifacts.

Iru Overview

How Endpoint, Compliance, and Identity fit together.

Artifacts Management

Upload, review, and organize evidence from sources and actions.