The Well Built Solutions Newsletter

The Well Built Solutions Newsletter
Pages
Well Built Solutions Brainteaser - February 18th, 2025

WELL BUILT SOLUTIONS BRAINTEASER - FEB 18, 2025

Workday configuration brainteaser 🧠⚡️

You’re not able to add a specific user or security group to your custom report’s Report Definition Sharing Options 😖 What’s the issue, and how do you solve it?

Solution:

Workday will ONLY allow you to add users and security groups to the Report Definition Sharing Options IF they have View permission on the Domain Security Policy of the domain that secures the report’s data source and data source filter.

So if you’re unable to add a user or security group to the Report Definition Sharing Options, here’s the fix in 3 steps…

Identify the domain(s) that secures the data source and data source filter. There are a few ways to do this, but here’s your most direct route…
i. Open the report’s data source in a new tab, click on the related actions button, hover over “Security”, and click “View Security”. A list of domains that secure the data source will be shown. Repeat for the data source filter, if applicable.
Carefully provision View access on the domain's Domain Security Policy for the target user and/or security group(s). Here are 2 ways to do this…
i. Grant View access to one of the target user’s current security groups. Ensure that you meticulously assess which other users are in the selected group, as these users will gain access too.
ii. Add the target user to a security group that already has View access. Again, be mindful of any additional access this gives the target user.
Note: Typically, the user or security group needs View access to just ONE of the domains listed in step 1 to gain data source access. There are cases, however, where access to multiple domains may be needed. Start with one, then test!
Review the domain’s “Securable Reporting Items” THOROUGHLY to confirm you’re not granting users or groups access to data that is off limits to them—test, test, TEST to confirm.

✏️ Note:

Having access to the report data source and data source filter alone does NOT guarantee that a user can access a report. They must also… a) Be specified as an authorized user or security group on the report, OR b) The Report Definition Sharing Options must be set to “Share with all authorized users.”
Having access to a report does NOT guarantee that a user can run the report. Once a user has access to a report via the Report Definition Sharing Options, they’ll need access to the data within the report to run it. Constrained, role-based access is often the culprit of issues here.