Workday Security · OAuth Scopes

Workday Security OAuth Scopes

OAuth 2.0 derived

Workday Security publishes 3 OAuth 2.0 scopes via the authorizationCode flow. Scopes are the fine-grained permissions an application requests at authorization time to act against the Workday Security API on a user’s behalf.

Tokens are issued from https://{host}/ccx/oauth2/{tenant}/token.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

Access ControlAuditAuthenticationComplianceEnterpriseIdentity ManagementPrivacySAMLSecuritySSO
Scopes: 3 Flows: authorizationCode Method: derived

OAuth endpoints

Authorization URL
https://{host}/authorize
Token URL
https://{host}/ccx/oauth2/{tenant}/token
Flows
authorizationCode

Scopes (3)

ScopeDescriptionFlows
Integration Access to integration resources authorizationCode
System Access to system-level resources authorizationCode
Tenant_Non-Configurable Access to tenant non-configurable resources authorizationCode

Source

OAuth Scopes

workday-security-scopes.yml Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/workday-security-authentication-openapi.yml
schemes:
- name: oauth2
  source: openapi/workday-security-authentication-openapi.yml
  flows:
  - flow: authorizationCode
    authorizationUrl: https://{host}/authorize
    tokenUrl: https://{host}/ccx/oauth2/{tenant}/token
  description: OAuth 2.0 authorization code flow for obtaining access tokens to Workday REST
    APIs.
scopes:
- scope: Integration
  description: Access to integration resources
  flows:
  - authorizationCode
  sources:
  - openapi/workday-security-authentication-openapi.yml
- scope: System
  description: Access to system-level resources
  flows:
  - authorizationCode
  sources:
  - openapi/workday-security-authentication-openapi.yml
- scope: Tenant_Non-Configurable
  description: Access to tenant non-configurable resources
  flows:
  - authorizationCode
  sources:
  - openapi/workday-security-authentication-openapi.yml