Workday Extend · OAuth Scopes

Workday Extend OAuth Scopes

OAuth 2.0 derived

Workday Extend publishes 9 OAuth 2.0 scopes via the authorizationCode flow. Scopes are the fine-grained permissions an application requests at authorization time to act against the Workday Extend API on a user’s behalf.

Tokens are issued from https://{baseUrl}/oauth2/{tenant}/token.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

AutomationCustom ApplicationsEnterpriseExtensionsHCMHuman Capital ManagementIntegrationOrchestrationPaaS
Scopes: 9 Flows: authorizationCode Method: derived

OAuth endpoints

Authorization URL
https://{baseUrl}/authorize
Token URL
https://{baseUrl}/oauth2/{tenant}/token
Flows
authorizationCode

Scopes (9)

ScopeDescriptionFlows
customObjects:manage Manage custom object definitions and instances authorizationCode
customObjects:read Read custom object data authorizationCode
extend:apps Manage Extend applications authorizationCode
extend:apps:read Read Extend application data authorizationCode
graph:read Query Workday data through the Graph API authorizationCode
graph:schema Access schema introspection authorizationCode
orchestrate:executions Execute orchestrations authorizationCode
orchestrate:orchestrations Manage orchestrations authorizationCode
orchestrate:orchestrations:read Read orchestration data authorizationCode

Source

OAuth Scopes

workday-extend-scopes.yml Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/workday-extend-custom-objects-openapi.yml, openapi/workday-extend-graph-api-openapi.yml,
  openapi/workday-extend-orchestration-openapi.yml, openapi/workday-extend-rest-api-openapi.yml
schemes:
- name: OAuth2
  source: openapi/workday-extend-custom-objects-openapi.yml
  flows:
  - flow: authorizationCode
    authorizationUrl: https://{baseUrl}/authorize
    tokenUrl: https://{baseUrl}/oauth2/{tenant}/token
- name: OAuth2
  source: openapi/workday-extend-graph-api-openapi.yml
  flows:
  - flow: authorizationCode
    authorizationUrl: https://{baseUrl}/authorize
    tokenUrl: https://{baseUrl}/oauth2/{tenant}/token
- name: OAuth2
  source: openapi/workday-extend-orchestration-openapi.yml
  flows:
  - flow: authorizationCode
    authorizationUrl: https://{baseUrl}/authorize
    tokenUrl: https://{baseUrl}/oauth2/{tenant}/token
- name: OAuth2
  source: openapi/workday-extend-rest-api-openapi.yml
  flows:
  - flow: authorizationCode
    authorizationUrl: https://{baseUrl}/authorize
    tokenUrl: https://{baseUrl}/oauth2/{tenant}/token
scopes:
- scope: customObjects:manage
  description: Manage custom object definitions and instances
  flows:
  - authorizationCode
  sources:
  - openapi/workday-extend-custom-objects-openapi.yml
- scope: customObjects:read
  description: Read custom object data
  flows:
  - authorizationCode
  sources:
  - openapi/workday-extend-custom-objects-openapi.yml
- scope: extend:apps
  description: Manage Extend applications
  flows:
  - authorizationCode
  sources:
  - openapi/workday-extend-rest-api-openapi.yml
- scope: extend:apps:read
  description: Read Extend application data
  flows:
  - authorizationCode
  sources:
  - openapi/workday-extend-rest-api-openapi.yml
- scope: graph:read
  description: Query Workday data through the Graph API
  flows:
  - authorizationCode
  sources:
  - openapi/workday-extend-graph-api-openapi.yml
- scope: graph:schema
  description: Access schema introspection
  flows:
  - authorizationCode
  sources:
  - openapi/workday-extend-graph-api-openapi.yml
- scope: orchestrate:executions
  description: Execute orchestrations
  flows:
  - authorizationCode
  sources:
  - openapi/workday-extend-orchestration-openapi.yml
- scope: orchestrate:orchestrations
  description: Manage orchestrations
  flows:
  - authorizationCode
  sources:
  - openapi/workday-extend-orchestration-openapi.yml
- scope: orchestrate:orchestrations:read
  description: Read orchestration data
  flows:
  - authorizationCode
  sources:
  - openapi/workday-extend-orchestration-openapi.yml