Go to the service users tab in your settings
Click the orange button showing “New Service User”
Fill in the fields for the service user name and its display name, for example
A pop up showing the service user’s ID and token should show up. Make a note of these values!
Go to the Roles & Permissions tab in your settings
Click the “Add permission group” tile at the top left
In the form that appears fill in the following values:
The name of the group. You can choose whatever you want here or simply name it “Integration Service Users Group”
Select who’s in the group:
Press “Apply” to confirm the permission group creation. A new window will open where you have to configure the correct permissions.
Return to the connection flow and enable the required permissions. Below is a list of all required permissions and the reason they are required for your integration.
Note: You might not have to enable all the permissions listed below. The connection flow will list the required permissions for your integration. We only sync information that is required for your use-case. Some permission allow us to read more than these fields, so we will discard all information that is not required.
Permission | Reason |
---|---|
People - Address | Used to read the address of an employee. |
People - EEO | Used to read ethnicity information of employees. |
People - Home | Used to read gender information, marital status, phone number and emails. |
People - Identification | Used to read employee’s SSNs. |
People - Lifecycle | The minimum requirement for reading employees. Provides basic information on the user. |
People - Payroll | Used to read employment information. |
Time off - Balance | Used to read time-off-balances. |
Time off - See who’s out today | Used to read absence information. |
People - Employees - Add new people to the company | Used to create employees in your instance. |
Requests - Create, edit, and cancel people's requests that haven't been approved yet | Used to create absences for employees in your instance. |