Brave Search

Mobile Browser Login Redirect URL: ... Click on the plus (+) icon underneath SAML Identity Providers to add a row, then enter the following: Identity Provider Name: Enter Okta....

Reco

reco.ai › home › hub › workday sso integration with okta: a complete guide

Workday SSO Integration with Okta: A Complete Guide

May 28, 2025 - The IdP (Okta) verifies the user’s identity using corporate login credentials and, if required, multi-factor authentication (MFA). Once authenticated, Okta sends a SAML assertion back to Workday. Workday checks the validity of the assertion and, if everything checks out, grants the user access. ... Identity Provider (IdP): Okta, Azure AD, Ping, etc. ... Today, we will set up Single Sign-On (SSO) integration for Workday.

reddit.com › r/workday › workday > okta sso integration error “invalid user name or password, please try again. note: you may not be able to change or reset your password from workday if your account uses a corporate password."

r/workday on Reddit: Workday > Okta SSO Integration Error “Invalid user name or password, please try again. Note: You may not be able to change or reset your password from Workday if your account uses a corporate password."

August 21, 2024 -

Hello All,

Set up SSO for a workday tenant and pretty straightforward SAML setup instructions provided by Okta. triple checked URLs, issuer ID, certificate on workday side so it cant be that. Assigned a group of test users to the app in Okta and they all receive the error above. Is this an attribute issue where user name attribute sent by Okta does not match any user name in Workday?

Top answer

1 of 5

Could be. Could also be a few other things. I always start with sign on history of the account as that can sometimes give you clues as to what it is before you start going down rabbit holes.

2 of 5

You may have messed up the SAML configuration in the authentication policy.

Okta

okta.com › integrations › workday

Workday | Okta

SWA Secure Web Authentication is a Single Sign On (SSO) system developed by Okta to provide SSO for apps that don't support proprietary federated sign-on methods, SAML or OIDC.

Skyhigh Security

success.skyhighsecurity.com › skyhigh casb › skyhigh casb sanctioned applications › skyhigh casb native sanctioned apps › skyhigh casb for workday

Integrate Workday SSO with Okta and Mobile App via Proxy - Skyhigh Security

April 30, 2024 - Use this procedure to integrate Workday SSO with Okta and the mobile app via the proxy. Log in to your Workday instance as an admin. Then search for the task Edit Tenant Setup - Security.

miniOrange

miniorange.com › workday-single-sign-on-sso

Workday SAML Single Sign On (SSO)

If you want to authenticate via an external Identity Provider (IdP) like Active Directory, Okta, OneLogin, Google, or Apple ID, download the metadata file under External source as IdP.

Netskope

docs.netskope.com › en › configure-a-workday-account-in-okta

Configure a Workday Account in Okta

If you're seeing this message, that means JavaScript has been disabled on your browser, please enable JS to make this app work

Iron Cove Solutions

ironcovesolutions.com › en-US › video › okta-workday-as-a-master

Workday as Master Identity Source with Okta Integration

This powerful combination allows ... while Okta instantly executes access changes across your technology stack. Using Workday as your master identity source delivers several key advantages: Automated integration of authoritative employee data sources · Streamlined onboarding and offboarding processes with zero manual intervention · Automatic account creation and closure in downstream applications · Seamless SSO access assignment ...

Workday

marketplace.workday.com › en-US › apps › 414502 › okta-integration-for-account-provisioning › overview

OKTA Integration for Account Provisioning | Workday Marketplace

Okta and Workday partner to make lifecycle management easier, faster, and safer for you and your company. Okta's pre-built integration unifies HR and IT, using employee data and updates in Workday to inform the user lifecycle across IT systems, including Active Directory, SaaS and on-premises ...

Workday

event.workday.com › flow › workday › devcon24 › cfp › login

Workday | Workday DevCon 2024

Find elsewhere

Google Bing Mojeek

reddit.com › r/okta › workday record creation vs okta onboarding password considerations

r/okta on Reddit: Workday record creation vs Okta Onboarding password considerations

September 22, 2023 -

Wondering what other companies that have their HR system integrated with Okta do in this situation -

We use Workday to manage our employees and at the time of the Workday record creation, the HR team issues the new hire a username and a password to go upload their paperwork into Workday, typically days or weeks ahead of the actual start date.

Fast forward to start date, IT uses the same Workday username BUT issues a different password via Okta, that can now be used as the global credentials for everything, Workday included as that is now behind SSO.

HR wants to better the onboarding experience (and lessen their password reset requests) and give the user only one password to rule them all, at the moment when the Workday record is created.

On Security end, we are not super keen with the idea of giving people access to their apps ahead of the start date, and we use RBAC which means they get all their apps at once.

How is your company approaching this scenario?

Top answer

1 of 5

Let Workday source their Okta accounts and send them account setup emails so they can setup their Okta accounts early. At the same time create a prehire Okta group that you add these prehires to and add that group to an authentication policy which prohibits them from accessing any app besides Workday. This will let them access workday as well as setup things like mfa ahead of onboarding so less time will be wasted during the onboarding session you guys as well.

2 of 5

Following as I have a similar situation and curious how others are handling it. We kick off our email to them to go setup their account 3 days prior to their actual start date. Until then, same thing where they use their HR provided creds for onboarding tasks. It feels clunky and caused a lot of confusion at first. We also provision apps well in advance, but a while back introduced placing them in a group linked to "deny" policies on all apps but Workday and a learning platform. Then, on their actual start date, we have a workflow that pulls them from that group opening up the rest of the apps to them.

Okta

help.okta.com › en-us › content › topics › provisioning › workday › workday-provisioning.htm

Workday Provisioning | Okta Classic Engine

Configure Workday user provisioning for Okta to import Workday users and group memberships and provide end user SSO.

Okta

support.okta.com › help › s › question › 0D51Y00007w8pSBSAY › sso-on-multiple-workday-tenants

SSO on Multiple Workday Tenants

Loading · ×Sorry to interrupt · Refresh

Okta

okta.com › video › workday

Okta liberates Workday IT from password help and app administration | Okta

Okta enables Workday to be more efficient by providing them with an identity management system that eliminates password reset issues.

Published October 15, 2015

Okta

help.okta.com › oie › en-us › content › topics › provisioning › workday › workday-provisioning.htm

Workday Provisioning | Okta Identity Engine

Configure Workday user provisioning for Okta to import Workday users and group memberships and provide end user SSO.

RoboMQ

robomq.io › home › how to create workday okta integration?

Workday Okta Integration Guide for Seamless Integrations

02:32

How to set up Workday Okta Integration to automate onboarding, offboarding, and streamline user access with a step-by-step guide.

Published March 31, 2025

reddit.com › r/workday › sso for workday

r/workday on Reddit: SSO for Workday

October 10, 2024 -

Do you know why with SSO you still need to enter Microsoft credentials rather than accessing Workday the way Outlook or other applications with SSO are being accessed? Is it a Workday restriction (something that could be changed in the Tenant Setup) or if it's a configuration on the SSO Microsoft side?