Stephen Gilmore

➿ Set up multiple Workday SSO providers

Workday June 12th, 2023 3 minute read.

My company has gone through a number of acquisitions and as part of that, ended up in a situation where we have multiple identity providers from these companies and workers who have accounts within each. These licenses are quite expensive, so in an effort to decrease our license count, we are configuring Workday to handle multiple SSO providers so workers don't need licenses with multiple identity providers.

As usual, the process isn't all that well documented on Workday Community, so these are my notes on the setup.

Step 1: Do a test run in sandbox or an impl tenant

...Pretty self explanatory.

Step 2: Backup tenant setup - security configuraiton

Go to Tenant Setup - Security and download/export a PDF and/or Excel file of the configuration for reference in case you need it. For the truly paranoid, email the file to someone else so there's a backup.

Step 3: Configure DISABLED SAML Identity Providers

Configure the identity providers that you'll need and check the box for "disabled" so that they aren't live yet.

Step 4: Create an authentication selector

With the task Manage Authentication Selectors, create a new authentication selector for each identitty provider.

Step 5: Flip the switch!

Turn on the new configuration in Tenant Setup - Security:

  1. Within the redirection URLs section, select the Authentication Selector you created and then save the changes.
  2. Within the SAML Identity Providers section check and uncheck boxes as needed to enable the correct identity providers.

Step 6: Verify

Do these things to verify everything worked Okay: