Integration Hub DayforceSSO

Steps to configure SAML SSO for Dayforce

About Dayforce

Dayforce (previously known as Ceridian) is a cloud-based human capital management platform that helps organizations manage their workforce through a single, unified system. It offers solutions for payroll, HR, workforce management, talent, and analytics, enabling real-time data access and compliance support.

Prerequisites

  1. The MFA and SSO license for Identity360 is required to enable SSO for enterprise applications.
  2. Log in to Identity360 as an Admin, Super Admin, or Technician with a role that has Application Integration and Single Sign-on permissions.
  3. Navigate to Applications > Application Integration > Create New Application, and select Dayforce from the applications displayed.
    Note: You can also find Dayforce from the search bar located at the top.
  4. Under the General Settings tab, enter the Application Name and Description.
  5. Under the Choose Capabilities tab, choose Single Sign-on and click Continue.
    Identity360 application configuration General SettingsGeneral Settings of SSO configuration for Dayforce.
  6. Under Integration Settings, navigate to the Single Sign On tab and click Metadata Details. Download the metadata file to be uploaded during the configuration of Dayforce in Identity360 by clicking Download from the Metadata field. Copy the Login URL, Logout URL, Entity ID, and Signing Certificate, which needs to be sent to the Dayforce support team.
    Identity360 application configuration Integration SettingsIntegration Settings of SSO configuration for Dayforce.

Dayforce (service provider) configuration steps

Send the downloaded Metadata XML file along with the relevant URLs copied from the in step six of the prerequisites to the Ceridian Dayforce support team. These details are required to correctly configure the SAML SSO connection on both ends.

Identity360 (identity provider) configuration steps

  1. Switch to Identity360's application configuration page.
  2. Enter your Dayforce Customer Namespace. For example, if your Dayforce login URL is https://www.dayforcehcm.com/mydayforce/login.aspx, then, mydayforce is your Customer Namespace.
  3. Enter the Relay State parameter, if necessary.
    Note: Relay State is an optional parameter used with a SAML message to remember where you were or to direct you to a specific page after logging in.
  4. Click Save.
    Identity360 application configurationIntegration Settings of SSO configuration for Dayforce.
  5. To learn how to assign users or groups to one or more applications, refer to this page.

Your users will now be able to sign in to Dayforce through the Identity360 portal.

Note: For Dayforce, both SP-initiated and IdP-initiated flows are supported.

Steps to enable MFA for Dayforce

Setting up MFA for Dayforce using Identity360 involves the following steps:

  1. Set up one or more authenticators for identity verification when users attempt to log in to Dayforce. Identity360 supports various authenticators, including Google Authenticator, Zoho OneAuth, and email-based verification codes. Click here for steps to set up the different authenticators.
  2. Integrate Dayforce with Identity360 by configuring SSO using the steps listed here.
  3. Now, activate MFA for Dayforce by following the steps mentioned here.

How does MFA for applications work in Identity360?

  SSO Integration flow diagram  

Don't see what you're looking for?

  •  

    Visit our community  

    Post your questions in the forum.

     
  •  

    Request additional resources  

    Send us your requirements.