OAuth 2.0 provides third-party applications with access to HTTP services through authorisation and authentication protocol, either on behalf of resource owners or independently granting them permission. In this post we focus on how SoapUI can generate an OAuth 2.0 Access Token that allows restricted access.
1. Overview
2. Prerequisites
3. Establishing an ISU (Integration System User).
4. Installing the Integrations API Client (RESTAPI)
5. Setting Up an Integrations API Client
6. Assigning OAuth Access 2.0 Token using SoapUI
7. Conclusion
Developers can integrate Workday’s platform using its extensive suite of APIs. Workday employs OAuth 2.0, which requires creating an Access Token to secure these interfaces; API requests are authenticated and authorised using this token.
In this tutorial we will walk through how to generate such an Access Token using SoapUI as a powerful web service testing and debugging tool.
Before beginning, ensure the following conditions have been fulfilled:
SOAP UI: [Smart Bear](https://www.soapui.org/) can provide the latest version of SoapUI for download and installation;
Workday Tenant: It offers access to an administrative tenant in Workday.
Workday ISU : An account created specifically for integration is known as a Workday Integration System User (ISU)
Workday API Client: While your registered client for your integration process would be known as Workday API Client.
In Workday, the account dedicated specifically for integration is known as an Integration System User (ISU).
To create one, take these steps:
1. Log into Workday: In order to gain entry to your Workday tenant, provide your administrative credentials.
2. Navigating Your Way to the Security Centre: Click “Security,” followed by “Integration System Users.”
3. Establish a New ISU: Press the “Create Integration System User.” button and input an individual username as well as any necessary details. Afterward, make sure this user can access all functional areas required of them.
4. Save the ISU: Make note of your username and password before saving the updated ISU for future steps. These details are required.
To utilize OAuth 2.0, an API client must first be registered in Workday in order to receive an Access Token generated through this client.
1. Navigating to the API Registration Page: To register API Clients, navigate to “Integrations” and choose “API Clients.”
2. Establish a New API Client: Select “Create API Client,” give your client an appropriate name such as “My RESTAPI Client”, and choose a grant type such as Client Credentials to facilitate communication between servers.
3. Configure Your Client: For specific grant types, set the redirect URI accordingly and grant appropriate scopes – these specify functional domains like core Workday domains that the client can access.
4. Save Your API Client: Take note of both client ID and secret, then save the newly-created API client for future steps. These details will be necessary.
To make your ISU functional, once it has been created you must configure its API client accordingly.
1. Assign an API Client an ISU: Navigating to “Integrations” and then “API Clients,” locate and select your newly established API client before selecting its “Integration System User” section to assign its ISU.
2. Save Your Configuration: Save all changes made to the API client setup.
Once your ISU and API client are set up, SoapUI provides a simple method for creating OAuth 2.0 Access Tokens.
1. Launch SoapUI by opening it and starting a new project.
2. Add a Fresh REST Service: Right-click and choose “New REST Service.” Input your Workday API base URL such as https://your-workday-tenant.com.
3. Create a New Request: It is simple to submit a fresh REST Service request by right-clicking.
This article outlines the procedure for generating an OAuth 2.0 Access Token with SoapUI. An Integration System User (ISU) was established, and an API Client for Integrations (RESTAPI) was registered within our Workday system.
Subsequently, we set SoapUI to produce an OAuth 2.0 Access Token utilising the client credentials grant type. Ultimately, we utilised the access token to retrieve a secured resource within our Workday system.
By adhering to these procedures, you can produce an OAuth 2.0 Access Token and utilise it to access secured services within your Workday system.
Ensure the confidentiality of your client secret and access token to avert unauthorised access to your system.
UppTalk̗ Upp̬Talk UppT̩alk UppT̎alk UppT̂alk UppT̬alk UppTalḳ Up̨pTalk Upp̌Talk
