Guide Index
Guides HomeMangoApps WebsiteCommunity & SupportBlog & Resources
MangoApps Integrations Guide
MangoApps Integrations Guide
  • 🥭Integrations
  • 🌐Analytics
    • Google Analytics
    • Integration with Tableau
  • 🌐Digital Signage
    • Digital Signage Integrations
    • Integration with Appspace
    • Integration with Monitors AnyWhere
    • Integration with Rise Vision
    • Integration with ScreenCloud
    • Integration with Yodeck
  • 🌐Events
    • Event Integration with Zoom
  • 🌐File Storage and Sharing
    • Integration with Adobe Experience Manager (AEM)
    • Integration with Box
      • Box as the File Storage
      • Box as External Document Repository
    • Integration with Dropbox
    • Integration with Google Drive
    • Integration with NetSuite
    • Integration with SharePoint
      • SharePoint Files and Federated Search
      • SharePoint Widget
  • 🌐HRIS Partner Integrations
    • 🆕HRIS Partner Integrations
    • 🆕Integration with Workday
    • Paylocity Integration
  • 🌐Single Sign-On
    • Single Sign-On Integrations
    • General Protocol Setups
      • Active Directory/LDAP
      • OAuth2.0
        • OAuth2.0 with Open ID Connect
      • SAML
    • SSO Integrations by Provider
      • SSO Integrations for ADP Workforce Now
        • Integration with ADP Workforce Now
      • SSO Integrations for Google Workspace
        • Google Cloud Identity
        • Integration with Google Enterprise using OAUTH 2.0
      • SSO Integrations for Microsoft
        • SCIM Setup for Microsoft Entra ID
        • Integrating Office 365 SSO Using OAuth2.0
        • Active Directory Federation Services
      • SSO Integrations for Okta
        • SCIM Setup for Okta
        • OAuth2.0 Setup for OKTA Using OpenIDConnect
      • SSO Integrations for OneLogin
        • SCIM Setup for OneLogin
      • SSO Integrations for UKG
      • 🆕SSO Integrations for Workday
        • 🆕MangoApps as an SSO Provider for Workday
        • 🆕Workday as an SSO Provider for MangoApps
  • 🌐Shifts & Schedules
    • Integration with Kronos
    • 🆕Integration with PDI Workforce
  • 🌐Widgets
    • Integration with MS Stream
    • Integration with Tagbox
  • 🌐Workspace
    • Integration with AirBrake
    • Integration with Freshdesk
    • Integration with GitHub
    • Integration with Huddle
    • Integration with JIRA
    • Integration with Microsoft Clarity
    • Integration into Microsoft Teams
    • Integration with OC Tanner
    • Integration with Pingdom
    • Integration with Power BI
    • Integration with Salesforce
    • Integration with Slack
      • Integration with Slack for Channel Notifications
    • Integration with Zendesk
  • 🌐ADDITIONAL RESOURCES
    • Submit a Support Ticket
    • Release Notes
Powered by GitBook
On this page
  • Overview
  • Required Roles
  • Workday Side Setup
  • MangoApps Setup
  • Testing Considerations
  • Security Considerations
  • End User Experience
  • Rollout Recommendations
  1. Single Sign-On
  2. SSO Integrations by Provider
  3. SSO Integrations for Workday

Workday as an SSO Provider for MangoApps

Workday as an SSO Provider for MangoApps ( SAML Connection)

PreviousMangoApps as an SSO Provider for WorkdayNextIntegration with Kronos

Last updated 1 day ago

Overview

This guide explains how to configure Workday as a SAML-based Single Sign-On (SSO) provider for MangoApps. Using Workday for SSO eases access, improves security, and simplifies login experiences for your organization.


Required Roles

To successfully complete this integration, you will need access to the following roles:

  • MangoApps Admin Credentials: Required to access and configure the MangoApps SSO settings.

  • Workday Admin Credentials: Required to set up and manage SAML connections within the Workday interface.


Workday Side Setup

Start by configuring the SAML settings in your Workday environment. This setup allows Workday to act as the identity provider for MangoApps.

Login to Workday using your administrator account and search for Create SAML SSO Link.

Select it to access the pop-up window. From this window, click the 3-dash menu and click Create SAML SSO Link.

This will open the Create SAML SSO Link configuration form.

Fill out the form with the following:

  • Name: Descriptive name for your SSO connection.

  • SAML Version: 2.0

  • ACS URL: Copy this URL from the MangoApps Admin Portal (Admin > SSO > Connections > New SSO Connection).

  • Name Identifier: Select based on your user identification method (Email Address, Employee ID, Username, Workday Identifier).

  • Enable “Use Unspecified Name ID Format” (recommended).

  • Recipient: Enter your MangoApps domain URL.

  • Issuer ID: Use http://www.workday.com.

  • Signature Method: SHA256.

  • Message Signing: Select Both Message and Assertion.

Click Save.


Now, we need to retrieve the metadata for the connection for use in the MangoApps Setup.

Search for View SAML SSO Link and select the newly created SSO link.

Click the Okay button. This will bring up the selected link's details screen. Click the three-dot menu in the top navigation bar, then choose SAML SSO Link > Generate Metadata.

Save the SAML Metadata Descriptor — information contained here will be used in the MangoApps setup.

This completes the Workday side of the integration.


MangoApps Setup

After setting up Workday, configure MangoApps to recognize Workday as a valid SSO provider.

Log in to MangoApps Admin Portal.

Navitgate to Admin > SSO > Connections and open the SAML tab. Click the Add SSO Connection button in the top right of the screen.

In the provider dropdown, select Workday.

In the 'Configure Manually' dropdown, enter the following parameters, all of which can be found in the SAML Metadata Descriptor copied from Workday:

  • Issuer URL / Entity ID (from metadata).

  • X.509 Certificate (from metadata).

  • For the SAML 2.0 Endpoint, enter: https://impl.wd12.myworkday.com/mangoapps_dpt1/samlsso/autosubmit/<appid>

    • Replace <appid> with the Application ID found in the Workday metadata URL.


Testing Considerations

Before rolling out SSO to all users:

  • Test the connection with a few test accounts from different departments.

  • Ensure attributes (e.g., Email, Username) match between MangoApps and Workday.

  • Validate correct user mapping and login redirection.

  • Confirm that users not present in Workday are denied access (if desired).


Security Considerations

Security is critical when enabling SSO:

  • Use SHA256 as the signature method for stronger message integrity.

  • Enable both message and assertion signing.

  • Regularly rotate your x509 certificate in line with internal IT policies.

  • Restrict SSO login access based on IP ranges or conditional access policies, if supported.


End User Experience

Once configured, users can access MangoApps by authenticating through Workday:

  • Users will visit your MangoApps login URL.

  • Upon selecting the Workday SSO option, they are redirected to Workday for authentication.

  • After successful login, they are redirected back into the MangoApps platform with secure access.


Rollout Recommendations

For a smooth deployment:

  1. Pilot Group Testing: Start with a small user group to identify any potential issues.

  2. Communicate: Send an internal announcement detailing the new login process.

  3. Training: Provide documentation or video guides on how users can log in via Workday.

  4. Support: Set up a helpdesk line or internal IT support to assist with login issues during the transition.

  5. Gradual Rollout: Transition teams in phases before enforcing mandatory SSO.

🌐
🆕
🆕