This guide will walk you through the necessary steps to set up your Ceridian Dayforce User with appropriate permissions.
To create a connection with Ceridian Dayforce, you have to complete 7 steps.
Create a password policy specific to this integration and Ceridian. You'll need to make sure there is no password expiration or password reset -- each would change the password you initially set for the Ceridian integration and prevent the integration from working.
Name the policy something easy to identify having been created for this Ceridian integration. The screen capture below shows a sample Policy, highlighting key fields.
Create a role specific to this integration and Ceridian. Go to System Admin > Roles and select the Add button. Give the role a name easy to remember as associated with this integration. Make sure to set the Password Policy to the policy you created for this integration in the previous step.
Proceed to the Features section and ensure that HCM Anywhere and Web Services are checked.
Next, from the top of the New Role screen, select the Features tab. Check and expand HCM Anywhere, then check and expand Web Services, then check Explorer, Patch/Post Employee HR Data, and Read Data.
If you require write functionality (e.g., POST /Time-Off), follow these additional steps:
Enable "Web Services Patch/Post Employee Time Off."
Next, while still in the New Role screen, select the Authorizations tab at the top. Check "Can Read" permission for the following Names:
- Employee Contact Information
- Employee Contact Information - Business
- Employee Number
- Employee Own Contact Information
- Employee Own Contact Information - Business
- Employee Personal Information
- Employee Personal Information XrefCode
- Employee Properties
- Employee Status Information
- Employee Work Assignment - Primary Records
- Employee Work Assignment - Secondary Records
- User Information
Next, while still in the New Role screen, select the Web Services Field-Level Access tab at the top. Expand SOAP Services, then expand GetEmployeeXRefCodesResponse, and check XRefCode.
Expand Employee, and check all of the following fields, plus their subfields and any further nested fields. Fields with subfields are indicated with an asterisk (*).
With the role now created, you will need to create a user to be used for this integration. This user, and only this user, should be assigned to the Role you created in the previous steps.
In the System Admin > User area, at the top of the page, select New and fill in the User Name field with the name you choose for this user. We recommend something easy to connect to this integration, like the name of the integration.
Set the user's Culture to "English US" and Numeric Culture to "English US", and create a password in the Password field. You'll need to save this username and password for a later step. Check the Approved box, then assign the role created previously to this user by selecting the Add User Role button.
While still in the New User screen, go to the Location Access tab. Make sure to at least select the highest level Location for your organization. Optionally, you may select only those organizational location you wish to provide access to this integration. The drop down will list the available locations to choose from. If you do select more than one location option, be sure to check "Primary" for one of them. Click the "Save" button to complete the User setup.
Gather your User Name, and Password from the user you just created.
The Company ID can be gathered from your login page.
Enter the credentials into Vault and click save.
Next click on Authorize to finalize the set up.
Your Ceridian Dayforce account is now connected 🎉.