Configure the Workday security configuration to enable
single sign-on.
Before you begin
The configuration requires you to provide a certificate
to
sign the SAML message in your Federated Identity Manager. Export your
Federated Identity Manager certificate into a Privacy-Enhanced Message
(PEM) format. See "Exporting a certificate" in the
IBM Tivoli
Federated Identity Manager Configuration Guide.
Procedure
- Navigate to the website of your service provider.
- Open a web browser.
- Enter the URL provided by Workday to access your account. For example, https://www.myworkday.com/<your
company>/login.flex.
- Log in with your Admin account.
- Navigate
to the single sign-on configuration page.
- Click
- Configure the single sign-on settings by providing
the
following information:
- Under SAML
Setup, select the Enable
SAML Authentication option.
- Specify
the following information:
- Identity Provider
ID
- Enter the Federated Identity Manager Login Endpoint URL.
For example, https://idp.example.com/FIM/sps/<federation
name>/saml20/login
- x509
Public Key
- Upload the certificate that you exported at the
beginning of this
task in this field. This certificate must contain the public key from
the key-pair that is used for signing SAML messages in your Federated
Identity Manager.
- Save your settings.