Skip to main content

Connect Workday to Anzenna

Integrate Anzenna with Workday to correlate security events with employee lifecycle data, organizational structure, and workforce information.

Prerequisites

  • Workday administrator access (Integration System Security Group permissions)

  • Anzenna account

  • Ability to create Integration System Users in Workday

  • Permissions to create security groups and assign permissions

Overview

The integration provides:

  • Employee directory and organizational structure

  • User lifecycle tracking (hires, terminations, transfers)

  • Department and location information
  • Manager relationships
  • Custom worker attributes

Step-by-Step Instructions

Part 1: Enable Integration in Anzenna

  1. Log into Anzenna at

    app.anzenna.ai/u/integrations

  2. Find the Workday integration card

  3. Toggle to activate the Workday enrollment option

Part 2: Create Integration System User

  1. Log into Workday as administrator

  2. In the search bar (Workbench), type:
Create Integration System User
  1. Select the task from results

  2. Enter user credentials:

    • Username:anzenna

    • Password: Generate strong password

Save Password

Copy and save the password immediately. You'll need it to complete the Anzenna connection.

  1. Click OK to create the user

Part 3: Create Security Group

  1. In Workday Workbench, search for: 

    Create Security Group

  2. Select the task

  3. Choose Integration System Security Group (Unconstrained)

  4. Enter security group details:

    • Name:anzenna
    • Description: Security group for Anzenna integration

  5. Under Integration System User, add the anzenna user you created

  6. Click OK to create the security group

Part 4: Assign Permissions

  1. In Workbench, search for: 

    Maintain Permissions for Security Group

  2. Select the anzenna security group

  3. Grant Get Only access to the following:

Worker Data:

  • Worker Data: User Profile
  • Worker Data: Public Worker Reports
  • Worker Data: All Positions
  • Worker Data: Organizations

Learning and Development:

  • Learning Records

Staffing:

  • Staffing

Organizational Data:

  • Integration Data
  • Person Data

Reports:

  • Report: Data Source for Custom Reports
  • Report: Worker

  1. Click OK to save permissions

Part 5: Activate Security Policy Changes

  1. In Workbench, search for: 

    Activate Pending Security Policy Changes

  2. Select the task
  3. Review pending changes

  4. Enter a comment (e.g., "Activating Anzenna integration permissions")

  5. Click OK to activate

Activation Timing

Security policy changes typically activate immediately but may take a few minutes to propagate.

Part 6: Create RaaS Report

  1. In Workbench, search for: 

    Create Custom Report

  2. Select Advanced report type

  3. Enter report details:

    • Report Name:Anzenna Sync
    • Report Type:Advanced

Add the following data fields (in order):

  1. user_id
  2. first_name
  3. last_name
  4. preferred_name
  5. email
  6. org_name
  7. department
  8. location
  9. job_title
  10. manager_name
  11. manager_email
  12. hire_date
  13. termination_date
  14. employee_status
  15. employee_type
  16. cost_center
  17. business_unit
  18. custom_field_1 (if applicable)

  1. Configure report settings:

    • Enable As Web Service: Yes
    • Optimized for Performance: Yes

  2. Under Share, assign ownership to the anzenna integration system user

  3. Click OK to create the report

Part 7: Complete Connection in Anzenna

  1. Return to Anzenna > Integrations > Workday

  2. Enter your Workday Tenant ID

    Format: Your tenant name (e.g., acme, company)

  3. Enter Username: 

    anzenna

  4. Paste the password you created in Step 2

  5. Click Save to establish the connection

  6. Verify integration shows as Connected

Verification

  1. Check integration status shows Connected

  2. Wait 30 minutes for initial sync

  3. Navigate to Anzenna's Users dashboard

  4. Verify employee data from Workday is appearing

  5. Check organizational structure is visible

What Data is Collected

Employee Information

  • Employee IDs
  • Names (first, last, preferred)
  • Email addresses
  • Phone numbers
  • Employment status

Organizational Data

  • Departments
  • Locations
  • Business units
  • Cost centers
  • Organizational hierarchy

Job Information

  • Job titles
  • Positions
  • Manager relationships
  • Supervisory structure
  • Employment type

Lifecycle Events

  • Hire dates
  • Termination dates
  • Transfer history
  • Promotion records
  • Status changes

Custom Fields

  • Organization-specific attributes
  • Extension fields
  • Custom worker data

Use Cases

User Attribution

Correlate security events with:

  • Employee department
  • Manager information
  • Location data
  • Employment status

Insider Threat Detection

  • Activity during notice period
  • Post-termination access
  • Transfer to competitor
  • Performance issues correlation

Access Management

  • Onboarding automation
  • Offboarding workflows
  • Role changes
  • Org structure changes

Troubleshooting

Connection Fails

  • Verify Tenant ID is correct

  • Check username is exactly anzenna

  • Ensure password was copied correctly
  • Confirm security group is activated

Integration System User Errors

  • Verify user was created successfully
  • Check user hasn't been disabled
  • Ensure password meets Workday requirements
  • Confirm user has security group membership

Permission Errors

  • Review all Get Only permissions were granted

  • Verify security policy changes were activated

  • Check security group configuration
  • Ensure no conflicting security policies

No Data Syncing

  • Wait 30-60 minutes for initial sync
  • Verify RaaS report was created

  • Check report is assigned to anzenna user

  • Ensure report has web service enabled
  • Review Workday audit logs

RaaS Report Issues

  • Verify all 18 fields are included
  • Check field names match exactly
  • Ensure report is optimized for performance
  • Confirm web service is enabled

Security Considerations

  • Integration System User - Service account isolation

  • Read-only access - Get Only permissions

  • Security group isolation - Dedicated security group

  • Audit logging - All access logged in Workday

  • Password security - Strong password requirements

Best Practices

  1. Service account — Dedicated integration user

  2. Minimal permissions — Only Get Only access

  3. Document password — Store in secure vault

  4. Regular audits — Review permissions quarterly

  5. Monitor initially — Check sync errors in first week

  6. Update RaaS report — Add custom fields as needed

  7. Test thoroughly — Verify data accuracy

Integration Maintenance

Regular Checks

Perform monthly:

  • Verify connection active
  • Check data freshness
  • Review sync timestamps
  • Validate employee counts

Security Group Audits

Quarterly review:

  • Verify permissions unchanged
  • Check security group membership
  • Review access logs
  • Ensure compliance with policies

RaaS Report Updates

When adding custom fields:

  1. Edit Anzenna Sync report
  2. Add new fields
  3. Update data source
  4. Test report output
  5. Sync updates to Anzenna

Password Rotation

If rotating integration password:

  1. Update password in Workday
  2. Update in Anzenna immediately
  3. Test connection
  4. Document change

Workday Editions

The integration works with:

  • Workday HCM
  • Workday Enterprise Management Cloud

Requires appropriate licensing for API access and RaaS reporting.

RaaS (Reporting as a Service)

Workday's RaaS enables:

  • Custom report creation
  • Web service exposure
  • Automated data extraction
  • API-based report access

The Anzenna Sync report uses RaaS for data synchronization.

Need help? Contact

Anzenna Support

for assistance.