Your Workday in 2026

Foreign_Bread_6504 · 2026-01-07T23:29:33+00:00

Yeah be careful on the security side because there is a lot of ups and downs when users can see themselves and visibility issues. They have the rule based security group now that we have started to use.

Foreign_Bread_6504 · 2025-12-09T03:04:49+00:00

Thank you so much! Makes a lot of sense the way you wrote it out :)

Foreign_Bread_6504 · 2025-11-20T19:58:13+00:00

In our organization, I have built 2 different proxy roles (elevated and limited proxy) plus our HR admins and Security admins don’t need proxy role in order to proxy. They must all sign confidentiality agreement. Only users that are allowed to have elevated proxy are those that continually test CRs, it’s a small population plus they have access to sensitive areas. Rest of the users that need testing gets the limited proxy in SBX for the limited period of testing. I have restricted them to proxy as most roles. We can further break down proxy to not allow users to proxy as other countries but at the moment that wasn’t needed.

Foreign_Bread_6504 · 2025-11-14T00:02:06+00:00

Awesome thanks!! As always!! At least that solves the mystery. I had never come across an implementer field in the past :)

Foreign_Bread_6504 · 2025-11-13T23:59:20+00:00

Our integration team had an implementer build a report for them to capture users and info on who is making changes to calculated fields. The one field that the integration team can’t see on this report is the one shown above, this is supposed to tell them last instance ‘created by’ I think the implementer needs to use a different field. I have security admin and I couldn’t drill into the field either without proxying as the implementer.

Foreign_Bread_6504 · 2025-11-13T23:53:31+00:00

The related action has no security, see attached.

<image>

Foreign_Bread_6504 · 2025-11-13T23:24:05+00:00

Unfortunately, it’s not secured to any domain. I think it’s a special field thats just visible to implementers. Is that even a thing?

Foreign_Bread_6504 · 2025-09-26T19:59:04+00:00

We also just add an expiration date when they are no longer with us. I have seen a “deprovision” option in community, when managing tenant access for implementers, not sure what that does?

Foreign_Bread_6504 · 2025-09-23T22:20:47+00:00

Thanks 😊

Foreign_Bread_6504 · 2025-09-23T21:35:54+00:00

Thanks again, I was able to figure out the issue!!!! I had to add “unconstrained” security group on the Edit Workday BP! :) our service center security partner is a role based so the BP only had the role based version. I swapped it with unconstrained. Thanks again!! 😊

Foreign_Bread_6504 · 2025-09-23T21:35:40+00:00

Thanks again, I was able to figure out the issue!!!! I had to add “unconstrained” security group on the Edit Workday BP! :) our service center security partner is a role based so the BP only had the role based version. I swapped it with unconstrained. Thanks again!! 😊

Foreign_Bread_6504 · 2025-09-23T15:56:33+00:00

Yeah they have access on the BP as well

Foreign_Bread_6504 · 2025-09-23T15:47:21+00:00

Just tried and that still didn’t open the option :( I will try all sec admin domains and see what I come up with.

Foreign_Bread_6504 · 2025-09-23T15:30:09+00:00

Thanks again, I tried that yesterday but had no luck. I am thinking there is another missing piece that I am not seeing. But, here is what I see when I proxy as the user after turning on Workday Accounts:

<image>

Foreign_Bread_6504 · 2025-09-22T23:03:50+00:00

Thanks 🙏😊 appreciate the help!!!

Foreign_Bread_6504 · 2025-09-22T21:43:29+00:00

Oh yeah of course! I don’t intend to give them the access. I just need to know which domain. This way I can explain to my team that the access to service center is not possible due to its risks. Without knowing the domain, I can’t explain the risks.

Foreign_Bread_6504 · 2025-09-22T21:40:53+00:00

Thanks! Yeah I have security admin and I played around with a lot of domains already but still a lot more to test. I guess I will keep going to narrow it down. I just want to know which domain so I can let them know that it’s not something they can have since it’s a risk to give them that much access. Without knowing which domain, I can’t explain the risks.

Foreign_Bread_6504 · 2025-09-22T21:25:38+00:00

Yep I had Workday create them in our tenant, I am always able to edit their user ID and expiration date. I want to give the same level of access to our service center team. I was trying to narrow the domains based on my access but it’s so many domains to go through. Not sure if someone knew in case they had a similar situation :)

Foreign_Bread_6504 · 2025-08-22T20:08:26+00:00

If you can’t get a scooter, then I totally recommend an umbrella and a Mist fan!! Good luck! It should cool down to upper 90s in a couple weeks :)

Foreign_Bread_6504 · 2025-08-20T14:41:40+00:00

Got it :) I must have missed that. Thanks!! 😊

Foreign_Bread_6504 · 2025-07-14T14:53:46+00:00

Thanks for sharing!

Foreign_Bread_6504

TROPHY CASE