Workday Security · Capability

Workday Security Workday Audit and Compliance API

Access audit logs, security reports, and compliance data within the Workday platform. Provides programmatic access to audit trail information for security monitoring, regulatory compliance, and governance reporting. Supports retrieval of configuration change history, security policy modifications, and access control audit records for maintaining a complete compliance trail.

Run with Naftiko WorkdaySecurityAPI

What You Can Do

GET
Listauditlogs — Workday Security List audit log entries
/auditLogs
GET
Getauditlogentry — Workday Security Get a specific audit log entry
/auditLogs/{auditLogId}
GET
Listpermissionchanges — Workday Security List security permission changes
/securityAudit/permissionChanges
GET
Listcompliancereports — Workday Security List compliance reports
/complianceReports

MCP Tools

listauditlogs

Workday Security List audit log entries

read-only idempotent
getauditlogentry

Workday Security Get a specific audit log entry

read-only idempotent
listpermissionchanges

Workday Security List security permission changes

read-only idempotent
listcompliancereports

Workday Security List compliance reports

read-only idempotent

Capability Spec

workday-security-capability.yaml Raw ↑ 
naftiko: 1.0.0-alpha2
info:
  label: Workday Security Workday Audit and Compliance API
  description: Access audit logs, security reports, and compliance data within the Workday platform. Provides programmatic
    access to audit trail information for security monitoring, regulatory compliance, and governance reporting. Supports retrieval
    of configuration change history, security policy modifications, and access control audit records for maintaining a complete
    compliance trail.
  tags:
  - Workday
  - Security
  - API
  created: '2026-05-06'
  modified: '2026-05-06'
capability:
  consumes:
  - type: http
    namespace: workday-security
    baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1/your-tenant
    description: Workday Security Workday Audit and Compliance API HTTP API.
    authentication:
      type: bearer
      token: '{{WORKDAY_SECURITY_TOKEN}}'
    resources:
    - name: auditlogs
      path: /auditLogs
      operations:
      - name: listauditlogs
        method: GET
        description: Workday Security List audit log entries
        inputParameters:
        - name: fromDateTime
          in: query
          type: string
          description: Start of the date range for filtering audit log entries
        - name: toDateTime
          in: query
          type: string
          description: End of the date range for filtering audit log entries
        - name: eventType
          in: query
          type: string
          description: Filter by the type of audit event
        - name: actor
          in: query
          type: string
          description: Filter by the account that performed the audited action
        - name: target
          in: query
          type: string
          description: Filter by the target resource or object of the audited action
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: auditlogs-auditlogid
      path: /auditLogs/{auditLogId}
      operations:
      - name: getauditlogentry
        method: GET
        description: Workday Security Get a specific audit log entry
        inputParameters:
        - name: auditLogId
          in: path
          type: string
          required: true
          description: Unique identifier of the audit log entry
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: securityaudit-permissionchanges
      path: /securityAudit/permissionChanges
      operations:
      - name: listpermissionchanges
        method: GET
        description: Workday Security List security permission changes
        inputParameters:
        - name: fromDateTime
          in: query
          type: string
          description: Start of the date range for filtering permission changes
        - name: toDateTime
          in: query
          type: string
          description: End of the date range for filtering permission changes
        - name: changeType
          in: query
          type: string
          description: Filter by the type of permission change
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: compliancereports
      path: /complianceReports
      operations:
      - name: listcompliancereports
        method: GET
        description: Workday Security List compliance reports
        inputParameters:
        - name: reportType
          in: query
          type: string
          description: Filter by the type of compliance report
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
  exposes:
  - type: rest
    port: 8080
    namespace: workday-security-rest
    description: REST adapter for Workday Security Workday Audit and Compliance API.
    resources:
    - path: /auditLogs
      name: listauditlogs
      operations:
      - method: GET
        name: listauditlogs
        description: Workday Security List audit log entries
        call: workday-security.listauditlogs
        outputParameters:
        - type: object
          mapping: $.
    - path: /auditLogs/{auditLogId}
      name: getauditlogentry
      operations:
      - method: GET
        name: getauditlogentry
        description: Workday Security Get a specific audit log entry
        call: workday-security.getauditlogentry
        with:
          auditLogId: rest.auditLogId
        outputParameters:
        - type: object
          mapping: $.
    - path: /securityAudit/permissionChanges
      name: listpermissionchanges
      operations:
      - method: GET
        name: listpermissionchanges
        description: Workday Security List security permission changes
        call: workday-security.listpermissionchanges
        outputParameters:
        - type: object
          mapping: $.
    - path: /complianceReports
      name: listcompliancereports
      operations:
      - method: GET
        name: listcompliancereports
        description: Workday Security List compliance reports
        call: workday-security.listcompliancereports
        outputParameters:
        - type: object
          mapping: $.
  - type: mcp
    port: 9090
    namespace: workday-security-mcp
    transport: http
    description: MCP adapter for Workday Security Workday Audit and Compliance API for AI agent use.
    tools:
    - name: listauditlogs
      description: Workday Security List audit log entries
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: workday-security.listauditlogs
      with:
        fromDateTime: tools.fromDateTime
        toDateTime: tools.toDateTime
        eventType: tools.eventType
        actor: tools.actor
        target: tools.target
      inputParameters:
      - name: fromDateTime
        type: string
        description: Start of the date range for filtering audit log entries
      - name: toDateTime
        type: string
        description: End of the date range for filtering audit log entries
      - name: eventType
        type: string
        description: Filter by the type of audit event
      - name: actor
        type: string
        description: Filter by the account that performed the audited action
      - name: target
        type: string
        description: Filter by the target resource or object of the audited action
      outputParameters:
      - type: object
        mapping: $.
    - name: getauditlogentry
      description: Workday Security Get a specific audit log entry
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: workday-security.getauditlogentry
      with:
        auditLogId: tools.auditLogId
      inputParameters:
      - name: auditLogId
        type: string
        description: Unique identifier of the audit log entry
        required: true
      outputParameters:
      - type: object
        mapping: $.
    - name: listpermissionchanges
      description: Workday Security List security permission changes
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: workday-security.listpermissionchanges
      with:
        fromDateTime: tools.fromDateTime
        toDateTime: tools.toDateTime
        changeType: tools.changeType
      inputParameters:
      - name: fromDateTime
        type: string
        description: Start of the date range for filtering permission changes
      - name: toDateTime
        type: string
        description: End of the date range for filtering permission changes
      - name: changeType
        type: string
        description: Filter by the type of permission change
      outputParameters:
      - type: object
        mapping: $.
    - name: listcompliancereports
      description: Workday Security List compliance reports
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: workday-security.listcompliancereports
      with:
        reportType: tools.reportType
      inputParameters:
      - name: reportType
        type: string
        description: Filter by the type of compliance report
      outputParameters:
      - type: object
        mapping: $.
binds:
- namespace: env
  keys:
    WORKDAY_SECURITY_TOKEN: WORKDAY_SECURITY_TOKEN