I'm a newbie to workday soap api and I'm trying to figure out how to send a soap request to authenticate using SOAPUI. Any suggestions, would be greatly appreciated.
Workday SOAP API : How to authenticate
44.1k views Asked by Lahiru Rajeew Ananda At
5
There are 5 answers
0
On
Not sure what exactly you are referring to. You authenticate implicitly - there is no separate request. The Workday API documentation is published here. You should read it. When you import the WSDL, for example in a .Net solution, it will give you access to various API classes.
For example, to connect to the Compensation API from an SSIS script task I use the following:
// Instantiate and configure compensation client
CompensationPortClient compClient = // I use custom binding - gives me more control
new CompensationPortClient(CompensationObjectFactory.getWorkdayBinding(),
new EndpointAddress(endpointURL));
compClient.ClientCredentials.UserName.UserName = userName;
compClient.ClientCredentials.UserName.Password = password;
(I created the CompensationObjectFactory to instantiate all the client-side API objects because the process is somewhat formulaic.) Then you can make API calls with the client object, for example, query a one-time award:
Request_OneTime_Payment_RequestType request =
CompensationObjectFactory.getOneTimePaymentRequest(
CompensationObjectFactory.getBusinessProcessParameters(),
CompensationObjectFactory.getOneTimePaymentData(
planId, currency, amount, effDt, emplID, positionID));
Request_OneTime_Payment_ResponseType response =
compClient.Request_OneTime_Payment(request);
0
On
I finally figured this out after debugging a working SOAP UI example by installing wireshark and forcing my request over HTTP!
The previously posted header example did not work for me because it was missing some info. I noticed further that my captured header worked several hours later and I developed a theory that Workday was ignoring everything but username and password. So I tested the following and it worked:
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken wsu:Id="bogus">
<wsse:Username>user@tenant</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">[PASSWORD HERE]</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">bogus</wsse:Nonce>
<wsu:Created>2000-10-02T21:12:28.365Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
Best of luck if you are reading this. SOAP is a complete nightmare!
0
On
To add to the responses already here, you may need to also add in your credentials in the SOAP header, like so:
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken wsu:Id="bogus">
<wsse:Username>[user]@[tenant]</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">[PASSWORD HERE]</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">bogus</wsse:Nonce>
<wsu:Created>2000-10-02T21:12:28.365Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
Workday APIs use WS-Security for authentication.
Remember that the workday host is multi-tenant. So, you'll use the WSDL endpoint to connect to the correct server, and the user name field will contain both your user name and the tenant on that server.
User name format for SOAP Auth to Workday:
[user-name]@[tenant-name]Example:
youUserName@tenant6Your workday account will need to be in the Integration Developer's group, as well.
You may need to adjust security and permissions beyond that to permit access to certain functional groups and domains which relate to the web service.
If you're using SoapUI, do the following:
Now, you can make a request.