We are delighted to share our new EIC Delivery Methodology for efficiently managing Saviynt Implementations and delivering quick time to value. CLICK HERE.

Workday Accounts to security group

tpawle
New Contributor III
New Contributor III

We are using the workday RAAS connector to import the Workday accounts and the security groups assigned to these accounts. We have also been able to Import  the Accounts and Security Groups within Workday using reports  "SAV_Accounts "  and "SAV_SecurityGroups".

But currently we are facing the issue while importing the accounts to security group mapping define in RAAS report "SAV_AccountsToSecurityGroups" is not working . 

Not sure why the security groups not assigned to any account. 

Please find below the configuration : 

ACCESS_IMPORT_LIST

Security Group,Tasks And Reports,Organizational Role,Business Process Security Policy,Domain Security Policy

RAAS_MAPPING_JSON

{
"reportUrlMapping": [
{
"accessType": "Security Group",
"url": "${BASE_URL}/ccx/service/customreport2/${TENANT_NAME}/${REPORT_OWNER}/SAV_SecurityGroups?format=xml",
"mappingUrl": "${BASE_URL}/ccx/service/customreport2/${TENANT_NAME}/${REPORT_OWNER}/SAV_AccountsToSecurityGroups?format=xml",
"inc_url": "${BASE_URL}/ccx/service/customreport2/${TENANT_NAME}/${REPORT_OWNER}/SAV_SecurityGroupsAccounts?format=xml"
}
]
}

3 REPLIES 3

rushikeshvartak
All-Star
All-Star

check below documentation

https://docs.saviyntcloud.com/bundle/WD2-v24x/page/Content/Default-Payloads-for-Connection-Parameter... 

{
  "reportUrlMapping": [
    {
      "accessType": "User",
      "url": "${BASE_URL}/ccx/service/customreport2/${TENANT_NAME}/${REPORT_OWNER}/SAV_Users?format=xml"
    },
    {
      "accessType": "Account",
      "url": "${BASE_URL}/ccx/service/customreport2/${TENANT_NAME}/${REPORT_OWNER}/SAV_Accounts?format=xml"
    },
    {
      "accessType": "Security Group",
      "url": "${BASE_URL}/ccx/service/customreport2/${TENANT_NAME}/${REPORT_OWNER}/SAV_SecurityGroups?format=xml",
      "mappingUrl": "${BASE_URL}/ccx/service/customreport2/${TENANT_NAME}/${REPORT_OWNER}/SAV_AccountsToSecurityGroups?format=xml",
      "inc_url": "${BASE_URL}/ccx/service/customreport2/${TENANT_NAME}/${REPORT_OWNER}/SAV_SecurityGroupsAccounts?format=xml",
      "enable_chunked_retrieval" : 0,
      "locationHierarchyUrl": "${BASE_URL}/ccx/service/customreport2/${TENANT_NAME}/${REPORT_OWNER}/SAV_LocationHierarchies",
      "locationHierarchies": [],
      "countryReportUrl": "${BASE_URL}/ccx/service/systemreport2/${TENANT_NAME}/Country_Summary",
      "countryCodes": []
    },
    {
      "accessType": "Domain Security Policy",
      "url": "${BASE_URL}/ccx/service/customreport2/${TENANT_NAME}/${REPORT_OWNER}/SAV_DomainSecurityPermissions?format=xml",
      "inc_url": "${BASE_URL}/ccx/service/customreport2/${TENANT_NAME}/${REPORT_OWNER}/SAV_Domains?format=xml&Include_Changes_to_Security_Groups=0"
    },
    {
      "accessType": "Business Process Security Policy",
      "url": "${BASE_URL}/ccx/service/customreport2/${TENANT_NAME}/${REPORT_OWNER}/SAV_BusinessProcessPermissions?format=xml",
      "inc_url": "${BASE_URL}/ccx/service/customreport2/${TENANT_NAME}/${REPORT_OWNER}/SAV_BusinessProcesses?format=xml&Include_Changes_to_Security_Groups=0"
    },
    {
      "accessType": "Organizational Role",
      "url": "${BASE_URL}/ccx/service/customreport2/${TENANT_NAME}/${REPORT_OWNER}/SAV_OrgRolesAccounts?format=xml"
    },
    {
      "accessType": "Tasks And Reports",
      "url": "${BASE_URL}/ccx/service/customreport2/${TENANT_NAME}/${REPORT_OWNER}/SAV_ReportsTasksGetPut?Include_Inactive=0,${BASE_URL}/ccx/service/customreport2/${TENANT_NAME}/${REPORT_OWNER}/SAV_ReportsTasksViewModify?Include_Inactive=0"
    },
    {
      "accessType": "Organization"
    }
  ],
  "auditReportUrlMapping": [
    {
      "reportName": "userActivity",
      "url": "${BASE_URL}/ccx/service/systemreport2/${TENANT_NAME}/View_User_Activity?format=xml",
      "importDateStep": "6",
      "indexName": "audit",
      "auditDateStart": "${CURRENT_TIMESTAMP_MINUS_24HRS}",
      "ImportMapping": {
        "fileCreateTime": "wd:Request_Time",
        "sourceTranslatedAddress": "wd:IP_Address",
        "requestClientApplication": "wd:User_Agent",
        "suser": "wd:System_Account.wd:Descriptor",
        "filePath": "wd:Task",
        "filePermission": "wd:Activity_Category",
        "duser": "wd:Target.wd:Descriptor",
        "duid": "wd:Target.wd:ID[1].wd:type"
      }
    }
  ]
}

 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Hi @rushikeshvartak , 

Used the same RAAS_MAPPING JSON , we have already imported the users , accounts , security groups using the same JSON . But some how security groups not assigned to any of the account. We have tested the WD report  "SAV_AccountsToSecurityGroups" using the postman and its working as exepcted. 

Other than RAAS_MAPPING JSON ,  is there nay other configuration that we need consider for  accounts to security group mapping ?

Refer https://docs.saviyntcloud.com/bundle/WD2-v24x/page/Content/Default-Payloads-for-Connection-Parameter...


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.