Guide Index
Guides HomeMangoApps WebsiteCommunity & SupportBlog & Resources
MangoApps Integrations Guide
MangoApps Integrations Guide
  • 🥭Integrations
  • 🌐Analytics
    • Google Analytics
    • Integration with Tableau
  • 🌐Digital Signage
    • Digital Signage Integrations
    • Integration with Appspace
    • Integration with Monitors AnyWhere
    • Integration with Rise Vision
    • Integration with ScreenCloud
    • Integration with Yodeck
  • 🌐Events
    • Event Integration with Zoom
  • 🌐File Storage and Sharing
    • Integration with Adobe Experience Manager (AEM)
    • Integration with Box
      • Box as the File Storage
      • Box as External Document Repository
    • Integration with Dropbox
    • Integration with Google Drive
    • Integration with NetSuite
    • Integration with SharePoint
      • SharePoint Files and Federated Search
      • SharePoint Widget
  • 🌐HRIS Partner Integrations
    • 🆕HRIS Partner Integrations
    • 🆕Integration with Workday
    • Paylocity Integration
  • 🌐Single Sign-On
    • Single Sign-On Integrations
    • General Protocol Setups
      • Active Directory/LDAP
      • OAuth2.0
        • OAuth2.0 with Open ID Connect
      • SAML
    • SSO Integrations by Provider
      • SSO Integrations for ADP Workforce Now
        • Integration with ADP Workforce Now
      • SSO Integrations for Google Workspace
        • Google Cloud Identity
        • Integration with Google Enterprise using OAUTH 2.0
      • SSO Integrations for Microsoft
        • SCIM Setup for Microsoft Entra ID
        • Integrating Office 365 SSO Using OAuth2.0
        • Active Directory Federation Services
      • SSO Integrations for Okta
        • SCIM Setup for Okta
        • OAuth2.0 Setup for OKTA Using OpenIDConnect
      • SSO Integrations for OneLogin
        • SCIM Setup for OneLogin
      • SSO Integrations for UKG
      • 🆕SSO Integrations for Workday
        • 🆕MangoApps as an SSO Provider for Workday
        • 🆕Workday as an SSO Provider for MangoApps
  • 🌐Shifts & Schedules
    • Integration with Kronos
    • 🆕Integration with PDI Workforce
  • 🌐Widgets
    • Integration with MS Stream
    • Integration with Tagbox
  • 🌐Workspace
    • Integration with AirBrake
    • Integration with Freshdesk
    • Integration with GitHub
    • Integration with Huddle
    • Integration with JIRA
    • Integration with Microsoft Clarity
    • Integration into Microsoft Teams
    • Integration with OC Tanner
    • Integration with Pingdom
    • Integration with Power BI
    • Integration with Salesforce
    • Integration with Slack
      • Integration with Slack for Channel Notifications
    • Integration with Zendesk
  • 🌐ADDITIONAL RESOURCES
    • Submit a Support Ticket
    • Release Notes
Powered by GitBook
On this page
  • Overview
  • Required Roles
  • MangoApps Side Setup
  • Workday Side Setup
  • Testing Considerations
  • Security Considerations
  • End User Experience
  • Rollout Recommendations
  1. Single Sign-On
  2. SSO Integrations by Provider
  3. SSO Integrations for Workday

MangoApps as an SSO Provider for Workday

MangoApps as an SSO provider for Workday (Enterprise Apps)

PreviousSSO Integrations for WorkdayNextWorkday as an SSO Provider for MangoApps

Last updated 2 days ago

Overview

This guide provides step-by-step instructions to configure MangoApps as a Single Sign-On (SSO) provider for Workday. This integration allows users to log in to Workday using their MangoApps credentials, improving security and ease of access.


Required Roles

To perform the setup successfully, you must have the appropriate administrative access in both systems.

  • MangoApps: Admin access to the MangoApps Admin Portal

  • Workday: Administrator privileges to access and edit tenant security settings


MangoApps Side Setup

This section explains how to configure the SSO application within MangoApps.

Log in to MangoApps as an admin and navigate to Admin Portal > SSO > Application > MangoApps Provisioned Apps

Click the Add Application button and search for Workday.

Click the Add button next to Workday to access the app configurations pop-up menu.

From this menu, fill in the required fields:

  • Workday Application URL: Your Workday Application URL

  • Workday ACS URL: Your Workday Application URL/login-saml.html

  • Entity ID: e.g. http://www.workday.com

  • User Identifier: Select Email, sAMAccountName, or EmployeeID per your requirement

Save the application.

Download the Metadata from the three-dot menu of the configured Workday application to obtain the x509 certificate. This certificate will be used during the Workday portion of this setup.


Workday Side Setup

The following steps outline how to configure Workday to trust MangoApps as its SSO identity provider.

Sign in to Workday with admin privileges.

Navigate to Edit Tenant Setup – Security by searching for it on the home screen and expand the Single Sign-On section.

Under Redirection URLs, click the plus icon and add the following:

  • Login Redirect URL: https://<your mangoapps domain>/saml/08904ab0-343f-0137-0224-2f38cb4aeeeb/auth

  • Logout Redirect URL: https://<your mangoapps domain>/saml/08904ab0-343f-0137-0224-2f38cb4aeeeb/logout

  • Mobile App Login Redirect URL: https://<your mangoapps domain>/saml/08904ab0-343f-0137-0224-2f38cb4aeeeb/auth

  • Mobile Browser Login Redirect URL: https://<your mangoapps domain>/saml/08904ab0-343f-0137-0224-2f38cb4aeeeb/logout

Then, enter an Environment name.

Next, scroll to the SAML Setup section and enable SAML Authentication.

Add a new SAML Identity Provider with the following values:

  • Identity Provider Name: MangoApps

  • Issuer: http://www.workday.com

For the x509 Certificate:

  • Click the horizontal lines icon an select Create x509 Public Key

  • Enter a unique name for your certificate (e.g., MangoApps.cert)

  • Paste the certificate from MangoApps (see MA Side Setup)

After adding the certificate, click OK to save. This will return you to the Edit Tenant Setup - Security screen.

We will need to set a couple more values in order to complete the integration.

Set the following additional values in the Edit Tenant Setup - Security screen:

  • Service Provider ID: http://www.workday.com

  • Enable SP-Initiated SAML Authentication

  • IdP SSO Service URL: http://www.workday.com

  • Enable Always Require IdP Authentication

  • Select ForceAuthn Only

  • Authentication Request Signature Method: SHA256

Click OK to save.


Testing Considerations

After setup, it’s important to test the SSO flow to ensure everything works as expected before rolling it out to end users.

  • Use a test user account that exists in both MangoApps and Workday.

  • Test both SP-initiated login (from Workday) and IdP-initiated login (from MangoApps).

  • Verify the following:

    • Redirection works correctly.

    • User is authenticated using the correct identifier.

    • Access is granted without errors.


Security Considerations

When setting up SSO, ensure your configuration meets your organization’s security requirements.

  • Use SHA256 for signature hashing.

  • Ensure your MangoApps and Workday tenants are using HTTPS.

  • Keep the x509 certificate secure and rotate it periodically.

  • Audit user login activities through MangoApps and Workday logs.


End User Experience

Once SSO is enabled, users can access Workday with their MangoApps credentials.

  • From MangoApps: Users can click the Workday app icon if published on the dashboard or app launcher.

  • From Workday: Users attempting to log in will be redirected to MangoApps for authentication.

  • Mobile Support: Both mobile app and browser-based logins are supported through SSO.


Rollout Recommendations

To ensure a smooth deployment, follow these steps:

  1. Pilot with a small user group to validate the configuration.

  2. Document the login process and provide training resources.

  3. Update all relevant communication channels before rollout.

  4. Monitor login traffic and support tickets during the initial rollout.

  5. Plan for certificate renewal and revalidation schedules.

🌐
🆕
🆕