Skip to main content

Ceridian Dayforce

Connector name

agtdayforce

Connector type

This connector consists of a Python script, agtdayforce.py, and a scripted platform definition file, agtdayforce.con, that associates the script with the Python script (agtpython) connector.

Type (UI field value)

Ceridian Dayforce

Connector status / support

Bravura Security-Verified

This connector has been tested and is fully supported by Bravura Security.

Upgrade notes

The Bravura Security-Verified scripted connector was added in Connector Pack 4.7.0.

The Customer-Verified agtdayforce.exe connector was renamed Ceridian Dayforce (Legacy) in Connector Pack 4.7.0.

The agtdayforce.con connector that makes use of agtpython.exe and a Python script should be used instead of the legacy agtdayforce.exe connector. The legacy agtdayforce.exe connector was only able to list a limited set of attributes.

The new agtdayforce.con Python connector offers more flexibility and is able to list attributes by their json path and therefore be able to list more attributes from Dayforce.

The following Bravura Security Fabric operations are supported by Ceridian Dayforce connector:

  • list account attributes

  • List:

    • accounts

    • attributes

For a full list and explanation of each connector operation, see connector operations.

Preparation

Before you can target Ceridian Dayforce, you must set up a target administrator.

Ensure that a user account has been created within Ceridian Dayforce that is an administrative user and has access to list Dayforce users.

Targeting the Ceridian Dayforce system

For each Ceridian Dayforce system, add a target system in Bravura Security Fabric (Manage the System > Resources > Target systems):

  • Type is Ceridian Dayforce

  • Address uses options described in the table below:

Options marked with a redstar.png are required.

Option

Description

Script file: redstar.png

The pre-set agtdayforce.py script file used by the Dayforce connector.

(key: script)

URL: redstar.png

The domain name URL for the Dayforce server. This is used for API calls other than authentication.

(key: server)

Authentication URL: redstar.png

The domain name URL for the Dayforce authentication server. This is used for API calls that are specifically for authentication.

(key: authServer)

Company ID: redstar.png

The Company ID on the Dayforce server that will be used to target.

(key: companyId)

Expanders to use for listing:

This is a comma-separated list that is used for additional fields to use to query on for details when listing. Example: "WorkAssignments,Contacts".

See here for more information regarding Dayforce API documentation for possible expanders.

(key: expanders)

Numbers of threads to use for listing:

Specifies the number of threads. If no value is specified then three threads are used when listing. Dayforce can scale how many servers they have available for handling API calls so this option will allow to increase the number of threads to make use of them.

However note that Dayforce does aggressively rate limit their API calls and significantly surpassing their rate limits can lead to exponential delays and potentially the server that runs the connector being temporarily IP blocked by Dayforce. See here for more information.

(key: threads)

Trace Logging:

Provides detailed multiline logging for connectors. Default is None. Other options include Low, Medium, and High.

(key: trace)

The full list of target parameters is explained in Target System Options.

Trace logging

The Trace Logging option provides detailed multi-line logging for the connectors and exposes a way to engage trace logging to a file. Trace logging are things that are generally multi-line such as input/output kvg options, http request/response data, and generally verbose data for diagnosing and troubleshooting issues. It provide a simple mechanism to redirect multi-lined information to an output file.

A trace log file is created within the <Program Files path>\Bravura Security\Bravura Security Fabric\Logs\<instance> directory and has a format of trc-<connector-name>-<unix-time>-<process-id>.log.

The Trace Logging option can be found in the advanced section when modifying the target system address configuration page for individual target systems. It can be set to the following values:

None

Default value. Log no trace information and no trace log file is created.

Low

Contains kvgroup data for the Input KVG and for the Output KVG.

Medium

Telemetry data for Http Post/Get request/response data.

High

Not yet used, to be implemented in a future release.

(key: trace)

Handling account attributes

You can view the complete list of attributes that Bravura Security Fabric can manage, including native and pseudo-attributes, using the Manage the system (PSA) module. To do this, select Ceridian Dayforce from the Manage the system > Resources > Account attributes > Target system type menu.

The attributes that are used to list are also currently defined in the agtdayforce.py script file by their json paths, for example:

# json path for attributes we want to list
global jsonPathAttributeMapping
jsonPathAttributeMapping = {
  "DateOfBirth": "$.Data.BirthDate",
  "EmployeeNumber": "$.Data.EmployeeNumber",
  "BusinessEmail": "$.Data.Contacts.Items[?(@.ContactInformationType.LongName =~ 'Business')].ElectronicAddress"
}

Any desired attributes should be added to this section of the script with the attribute's name and the json path to where its value resides in the API call’s output.

For information about the native Ceridian Dayforce attributes managed by Bravura Security Fabric, consult your Ceridian Dayforce documentation.

In this section: