Skip to main content

Documentation Index

Fetch the complete documentation index at: https://conductorone-groman-network-requirements-updates.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

Capabilities

ResourceSyncProvision
Accounts
Roles
Groups
Specifically, the connector syncs Clock Device Groups, Document Security Groups, and Pay Adjust Groups. The Dayforce connector supports automatic account provisioning by hiring a new employee, and grants and revokes security-role assignments on existing employees. This connector does not support account deprovisioning. Dayforce employee records are persistent, so C1 disables access by revoking role grants rather than deleting accounts.
Same-day role revokes take effect at end of day. Dayforce ends a role assignment at 23:59 of the day it was granted, so revoking a role on the same day it was granted leaves it active until midnight. The role appears as granted in C1 until the first sync after midnight. For immediate access cut-off, disable the user in the Dayforce IAM admin UI.

Gather Dayforce credentials

Configuring the connector requires you to pass in credentials for Dayforce. Gather these credentials before you move on. Here’s the set of credentials you’ll need when setting up the connector:
  • Username and password for your account or for a service account
  • Dayforce tenant URL
  • Dayforce client namespace

Permissions required for the Dayforce account

Set the following roles and permissions on the account or service account you use for the integration:
1
Navigate to System Admin > Roles.
2
On the Features tab, enable the Read Data subfeature under HCM Anywhere > Web Services.
3
On the Web Services Field-Level Access tab, enable XRefCode (and relevant child nodes for Employee) under RESTful Services > Human Resources > Employee.
4
On the Authorizations tab, set the following:
  • Can Read for Employee Status Information
  • Can Read for Employee Contact Information - Personal and/or Employee Contact Information - Business
  • Can Read for Employee Profile - Security Settings - Roles
  • Can Read for Employee Profile - Security Settings - User Document Security
  • Can Read for Employee Profile - Security Settings - Pay Code Groups
5
Permissions for provisioning: To use account provisioning (hire new employees) and role provisioning (grant/revoke security roles), also enable:
  • Can Add and Can Edit for New Hire / Employee records
  • Can Edit for Employee Profile - Security Settings - Roles
6
Finally, set location access for the user:
  • Navigate to System Admin > User and select the user.
  • Click Location Access > Add Location and select the appropriate location.
Done. Next, move on to the connector configuration instructions.

Configure the Dayforce connector

To complete this task, you’ll need:
  • The Connector Administrator or Super Administrator role in C1
  • Access to the set of Dayforce credentials generated by following the instructions above
Follow these instructions to use a built-in, no-code connector hosted by C1.
1
In C1, navigate to Integrations > Connectors and click Add connector.
2
Search for Dayforce and click Add.
3
Choose how to set up the new Dayforce connector:
  • Add the connector to a currently unmanaged app (select from the list of apps that were discovered in your identity, SSO, or federation provider that aren’t yet managed with C1)
  • Add the connector to a managed app (select from the list of existing managed apps)
  • Create a new managed app
4
Set the owner for this connector. You can manage the connector yourself, or choose someone else from the list of C1 users. Setting multiple owners is allowed.If you choose someone else, C1 will notify the new connector owner by email that their help is needed to complete the setup process.
5
Click Next.
6
Find the Settings area of the page and click Edit.
7
In the Username and Password fields, enter your Dayforce credentials, or those for a service account you’ve created for this integration.
8
Use the Environment dropdown to select the correct environment: Production, Testing, or Configuration.
9
Enter the full URL of your Dayforce tenant in the Dayforce URL field.
10
Enter the Dayforce client namespace in the Client Namespace field.
11
Click Save.
12
The connector’s label changes to Syncing, followed by Connected. You can view the logs to ensure that information is syncing.
Done. Your Dayforce connector is now pulling access data into C1.