Skip to main content
In this part, you learn to configure the Workday connection on watsonx Orchestrate by setting the identity provider as Entra ID.

Before you begin

Setting the connection between Workday and watsonx Orchestrate

You can configure Workday connection in two ways: The configuration with file is the recommended approach.

Configuring the Workday connection with file

Follow the steps to create and import the file:
  1. Create a configuration file and name it as connections.yaml.
  2. Insert the following code into the connections.yaml file.
    YAML
  3. Replace the following values:
    • <workday-app-id> - The ID of the Workday web page that hosts the embedded chat.
    • {tenant-id} - The tenant ID of the Microsoft Entra.
  4. Run the commands to import the connections.yaml file. For more information, see Creating connections.

Configuring the Workday connection with CLI commands

Follow the steps to set the connection:
  1. Enter the following code in the terminal:
    BASH
  2. Replace the following values:
    • <workday-app-id> - The ID of the Workday web page that hosts the embedded chat.
    • <env> - The environment type, draft or live.
    • <token-url> - Token URL provided in your Workday API registration.

Configuring the identity provider as Entra ID

  1. Enter the following code in the terminal:
    BASH
    Note: If you are using IBM Security Verify as your identity provider, you need to specify only the grant_type. You can remove the requested_token_use and requested_token_type from the code.
  2. Replace the following values:
    • <workday-app-id> - The ID of the Workday web page that hosts the embedded chat.
    • <env> - The environment type, draft or live.
    • {tenant-id} - The tenant ID of the Microsoft Entra.
    • <entra-client-id> - The Client ID of the Microsoft Entra.
    • <entra-client-secret> - The Client Secret of the Microsoft Entra.

Importing tool

You need to import your tool with the Workday application to watsonx Orchestrate. You can use the orchestrate tools import command with the --app-id flag to associate the Workday connection with the tool. See the steps:
  1. Run the command according to the tool file type: Python
    BASH
    YAML (OpenAPI tools)
    BASH
  2. Replace the following values:
    • <workday-app-id> - The ID of the Workday web page that hosts the embedded chat.
    • <path-to-file> - The path, name, and extension of the file
For more information, see [Associating a connection to a tool].

Configuring the Workday OAuth credentials

  1. Enter the following code in the terminal:
    BASH
  2. Replace the following values:
    • <workday-app-id> - The ID of the Workday web page that hosts the embedded chat.
    • <env> - The environment type, draft or live.
    • <client-id-workday> - Client ID provided in your Workday API registration.
    • <token-url> - Token URL provided in your Workday API registration.

Adding watsonx Orchestrate web chat to your application

After the configuration is complete, embed the watsonx Orchestrate web chat to your web page or application. For detailed instructions on embedding the web chat, see Enabling Secure Embed Flow. To enable SSO, in addition to the embed instructions, complete the following steps:
  1. Create the createJWT.js and embed.html files. You can use the examples that are provided in the following tabs as templates for each file.
  2. Save these files in your watsonx Orchestrate repository.
JAVASCRIPT
Replace the <wo_tenant_id> and <sso_token> with appropriate information.Run the following commands to retrieve the SSO token
BASH

Testing the integration

To test the integration, sign in and interact with Workday through embedded chat.
  1. Log in to the web page or application that hosts the embedded chat using your own credentials.
  2. Start the watsonx Orchestrate chat widget.
  3. Ask a Workday related query in the embedded chat.

Result

If the SSO authentication is correctly configured, the Workday returns a JSON response with the requested data.

Troubleshooting