Setup Overview

You will need to provide the following to Moveworks.

• Integration System User (ISU) Credentials
  • Username
  • Password
• API Client for Integrations Credentials
  • Client ID
  • Client Secret
  • API Client Refresh Token for the ISU
• Enable OAuth 2.0 Clients Enabled
  • Edit Tenant Setup
• URLs
  • The following RaaS-Enabled Report URLs
    • Cases Retrieval
    • Case Type Details
  • Token Endpoint
  • Workday REST API Endpoint
  • End User URLs
    • Workday Help - Cases Page

👉 Provide provide ALL of the above to your Moveworks Customer Success team via encrypted email.

Grant ISU Domain Security Permissions

Please create an Integration System User (ISU) and Integration System Security Group (ISSG).

How to Create an ISU with Domain Security Permissions

Create the ISU

1. Use the universal search to find the Create Integration System User (ISU) Workday Task.
   
2. Use the Create Integration System User (ISU) Workday Task to create a user following these settings. Write down the username and password that you use.
   
3. Validate that the ISU has these default permissions after creation.
   

Create an ISSG and add the ISU to it

1. Find the Create Security Group task.
   
2. Create an Integration System Security Group (Unconstrained) (ISSG). Title it "ISSG_Moveworks" for best practices.
   
3. Use the All Workday Accounts report to find the account again.
   
4. Use the action menu to select Assign Integration System Security Groups.
   
5. Add the ISU to the ISSG.
   

Add Domain Security Policies to the ISSG

1. Navigate to the ISSG using the View Security Group Report.
   
2. Use the menu item for Maintain Domain Permissions for Security Group.
   
3. Add any permissions that are needed for your Moveworks bot. You can find the full list of permissions here.
   
4. Activate your permissions with the Activate Pending Security Policy Changes task.
   

Permissions

💡

Note: The Modify and Put permissions are not necessarily required to identify users. The View and Get permissions should be enough for the use case. However, we might need to explore those permissions too if we fail to fetch users using just the View and Get permission types.

Create API Client for Integrations

Please create an API Client for Integrations and provide the following function areas (scopes). Then create a refresh token for the ISU you created earlier.

How to Create an API Client for Integrations

Create API Client

1. Search for Register API Client for Integrations.
   
2. Set the name to Moveworks and add the scopes required. You can find the full list of scopes here.
   
3. Write down your Client ID and Client Secret.
   
4. Navigate to View API Clients. Write down the Token Endpoint and Workday REST API Endpoint.
   

Provision a Refresh Token for the ISU

1. From the View API Clients view, click on the API Clients for Integrations tab. Click on the API Client you just created.
   
2. From the related actions menu, select Manage Refresh Tokens for Integrations.
   
3. Add the ISU Account you created earlier to the API Client.
   
4. Select Generate Refresh Token.
   
5. Write down your new refresh token.
   

Enable OAuth 2.0 Clients Enabled

👍

Check the box for OAuth 2.0 Clients Enabled

Access the Edit Teams Setup – Security task and select the checkbox for OAuth 2.0 Clients Enabled

📘

Follow the above step with the help of this screenshot and box in red

Scopes

Create RaaS-Enabled Reports

Create each of the following reports into your Workday instance. Transfer ownership to our ISU, then share the JSON URL with your Moveworks Customer Success team.

Case Retrieval Report

Moveworks Cases Retrieval.xlsx

How it is used

We use this report to detect when new cases are created or previously created cases are updated in your Workday instance.

Prompt Instructions

Please provide all the prompts (default and additional) as mentioned in the file above since they are crucial for the integration to function.

Case Type Details Retrieval Report

Moveworks Case Types Retrieval.xlsx

❗️

Important!

Please ensure your Workday instance has a description (Case Type Description) attached to each of your Case Types. If you don’t have a description field, please create descriptions for your Case Types.

This is important because both the title and the description of the Case Type are required by our Machine Learning models to determine the correct Case Type based on the query that the user has raised.

How it is used

We use this report to get the list of Case Type and their details from your Workday instance.

Prompt Instructions

Please provide all the prompts (default and additional) as mentioned in the file above since they are crucial for the integration to function.

How to Create & Transfer a Workday Report

Repeat the steps below for EACH report you need to create, which are the Case Retrieval Report and the Case Type Details Report.

Create the Report

1. Download the reports listed above by clicking on the files link under Case Retrieval Report and Case Type Details Retrieval Report.
2. Navigate to the Create Custom Report task.
   
3. Setup the initial report settings.
   
4. Copy over the tabs for Columns, Filter, Prompts, Advanced EXACTLY as shown in the Excel template.
   

🚧

Warning!

Make sure to copy over all tabs EXACTLY. The naming and capitalization are both important.

Authorize & share the report definition

1. Authorize the ISU you created earlier to run the report from the Share tab.
   

2. On the Advanced tab, select the enable as a web service box to enable it for API consumption

   

3. Save the report.

4. From the related actions of the custom report, select Web Service -> View URLs:

   

5. Scroll down to JSON and right click on the hyperlink to select “Copy URL”. Share this URL with your Moveworks Customer Success team.
   

   (Optional) Transfer Ownership of the Report to the ISU

   We recommend doing this so that our ISU has access to report even if a member of your Workday Reports team leaves the company.

   1. Ensure that the ISU has the domain permissions needed to access the business objects referenced & through their data sources. If you need assistance with this, we recommend getting support from your Workday security team.
   2. Transfer the ownership using related actions on the report definition.