Accept all cookies
Cookie settings
×

We use cookies to improve your experience on our site. By using our site, you are agreeing to the collection and use of data as described in our Privacy Policy.

Cookie Settings×
Merge Unified's Workday integrationMerge Agent Handler's Workday MCP server

Connect your AI Agents to Workday in minutes

Merge lets you securely connect your agents to Workday and thousands of tools instantly
Start building for free
Read docs
Workday
Learn more about Merge Agent Handler

Available tools

get_eligible_absence_types

Retrieve eligible absence types for a worker via absenceManagement/v4/workers/{id}/eligibleAbsenceTypes. Returns PTO, sick leave, and other time-off categories the worker can use. Use list_workers to find valid worker IDs.

get_absence_balances

Get absence/PTO balances for a worker via absenceManagement/v4/balances. Returns remaining balances across all absence plans (PTO, sick, etc). Filter by category or effective date. Use list_workers to find valid worker IDs.

list_time_off_entries

List time off entries for a worker via absenceManagement/v4/workers/{id}/timeOffDetails. Returns PTO requests with dates, status, and hours. Filter by date range, status, or time off type. Use list_workers to find valid worker IDs.

get_time_off_entry

Get details of a specific time off entry via absenceManagement/v4/workers/{id}/timeOffDetails/{subId}. Returns full entry details including dates, type, quantity, and status. Use list_time_off_entries to find valid entry IDs.

request_time_off

Submit a time off request via absenceManagement/v4/workers/{id}/requestTimeOff POST. Creates a PTO/sick/leave request with per-day entries. Use get_eligible_absence_types first to find valid time off type IDs.

list_leaves_of_absence

List leaves of absence for a worker via absenceManagement/v4/workers/{id}/leavesOfAbsence. Returns formal leave records (FMLA, parental, medical, etc). Filter by date range, status, or leave type.

get_leave_of_absence

Get details of a specific leave of absence via absenceManagement/v4/workers/{id}/leavesOfAbsence/{subId}. Returns full leave details including type, dates, and status. Use list_leaves_of_absence to find valid leave IDs.

list_custom_object_definitions

List custom object definitions via customObjectDefinition/v1/definitions. Returns definitions with field schemas and metadata. Use to discover available custom object definition IDs.

get_custom_object_definition

Get detailed custom object definition by ID including all field definitions, data types, and validation rules via customObjectDefinition/v1. Use list_custom_object_definitions to find valid IDs.

list_custom_field_types

List available custom field types via customObjectDefinition/v1/fieldTypes. Returns field type definitions that can be used when creating custom object definitions. Use to find valid field type IDs.

get_custom_object_fields

Get fields for a custom object definition via customObjectDefinition/v1/definitions/{id}/fields. Returns all field definitions with their types and constraints. Use list_custom_object_definitions to find valid definition IDs.

create_custom_object_definition

Create a new custom object definition via customObjectDefinition/v1/definitions POST. Provide name, fields, and configuration. Returns created definition with assigned ID. If creation fails, verify name is unique and base object type is valid.

update_custom_object_definition

Update an existing custom object definition via customObjectDefinition/v1/definitions/{id} PUT. Only provided fields are updated. Use list_custom_object_definitions to find valid IDs.

delete_custom_object_definition

Delete a custom object definition permanently via customObjectDefinition/v1/definitions/{id} DELETE. Use list_custom_object_definitions to find valid IDs.

list_employees

Retrieve a paginated list of employees via common/v1/workers. Supports filtering by organization and employment status. Returns worker data including job profiles, personal information, and organizational relationships. If validation fails, use get_employee to verify employee IDs exist.

get_employee

Retrieve employee profile information for a specific employee ID via common/v1/workers/{id}. Returns personal details, job information, organizational hierarchy, and employment status. If employee not found, use list_employees to find valid employee IDs.

update_employee

Update employee information via common/v1/workers/{id} PATCH. Supports position changes, organizational assignments, manager updates, and employment status. Returns updated employee data. If update fails, use list_employees or get_employee to verify IDs.

get_employee_compensation

Retrieve compensation data for a worker via compensation/v2/workers/{id}. Returns compensation scorecard including salary, bonus structures, and pay frequency with effective dates. If access denied, verify permissions with administrator.

get_employee_benefits

Retrieve eligible absence types for a worker via absenceManagement/v4/workers/{id}/eligibleAbsenceTypes. Returns available absence plan types including PTO, sick leave, and other time-off categories. If access denied, verify permissions with benefits administrator.

request_one_time_payment

Request a one-time payment for a worker via compensation/v2/workers/{id}/requestOneTimePayment POST. This is the only compensation write operation available in the Workday REST API. If request fails, verify worker ID exists and amount/currency are valid.

list_organizations

Retrieve a paginated list of organizations via common/v1/organizations. Returns departments, divisions, cost centers, and reporting hierarchies with filtering by type and active status. Use to discover organization IDs for filtering workers.

get_organization

Retrieve organization details for a specific ID via common/v1/organizations/{id}. Returns hierarchy, management assignments, location, and attributes. If organization not found, use list_organizations to find valid IDs.

list_supervisory_organizations

Retrieve a paginated list of supervisory organizations via common/v1/supervisoryOrganizations. Returns supervisory org hierarchy used for manager-worker relationships and approval chains. Use to find supervisory org IDs for get_organization_workers.

get_organization_workers

Retrieve workers assigned to a supervisory organization via common/v1/supervisoryOrganizations/{id}/workers. Returns employees, contractors, and contingent workers with position details. If organization not found, use list_supervisory_organizations to find valid IDs.

list_pay_groups

Retrieve a paginated list of pay groups via payroll/v2/payGroups. Returns pay group configurations including pay frequency, currency, and associated workers. Use to find pay group IDs for payroll operations.

get_pay_group

Get details for a specific pay group via payroll/v2/payGroups/{id}. Returns pay group configuration, frequency, currency, and member information. Use list_pay_groups to find valid IDs.

get_pay_group_details

Get pay group detail by ID via payroll/v2/payGroupDetails/{id}. Returns processing period schedule, run category, and next period to process. The ID must be a payGroupDetail ID from the payGroupDetails array in list_pay_groups or get_pay_group responses, not a pay group ID.

list_worker_pay_slips

Retrieve a paginated list of pay slips for a specific worker via common/v1/workers/{id}/paySlips. Returns earnings, deductions, tax withholdings, gross pay, and net pay. Requires worker_id from list_workers.

get_worker_pay_slip

Get a specific pay slip for a worker via common/v1/workers/{wid}/paySlips/{id}. Returns complete earnings breakdown, deductions, tax withholdings, gross pay, and net pay. Use list_worker_pay_slips to find valid slip IDs.

create_payroll_input

Submit payroll input data via payroll/v2/payrollInputs POST. Supports supplemental earnings, special deductions, bonus payments, and retroactive pay corrections. If submission fails, verify worker ID and earnings codes via list_pay_components.

list_payroll_inputs

Retrieve a paginated list of payroll inputs via payroll/v2/payrollInputs GET. Returns previously submitted payroll input data including earnings, deductions, and processing status.

list_pay_components

Retrieve available pay components (earnings codes) via payroll/v2/values/payrollInputsGroup/payComponents. Returns earnings code names, categories, and taxability status. Use to find valid codes before submitting payroll data.

list_job_postings

Retrieve a paginated list of job postings via recruiting/v4/jobPostings. Returns posting titles, descriptions, locations, and status. Supports filtering by status. Use to find posting IDs for get_job_posting.

get_job_posting

Retrieve job posting details for a specific ID via recruiting/v4/jobPostings/{id}. Returns complete posting information including title, description, requirements, location, and application instructions. Use list_job_postings to find valid IDs.

list_prospects

Retrieve a paginated list of recruiting prospects via recruiting/v4/prospects. Returns prospect profiles with personal details, source, and recruitment status. Use to find prospect IDs for get_prospect.

get_prospect

Retrieve prospect profile information for a specific ID via recruiting/v4/prospects/{id}. Returns personal details, contact information, resume, and recruitment status. Use list_prospects to find valid IDs.

create_prospect

Create a new recruiting prospect via recruiting/v4/prospects POST. Provide personal information, contact details, and source tracking. Returns created prospect with assigned ID. If creation fails, verify email format and required fields.

list_interviews

Retrieve a paginated list of interviews via recruiting/v4/interviews. Returns interview schedules, candidates, interviewers, and status information. Use to find interview IDs for get_interview and submit_interview_feedback.

get_interview

Retrieve interview details for a specific ID via recruiting/v4/interviews/{id}. Returns interview schedule, candidate, interviewers, evaluation status, and feedback. Use list_interviews to find valid IDs.

submit_interview_feedback

Submit feedback for an interview via recruiting/v4/interviews/{id}/feedback POST. Provide overall rating, comments, and recommendation. Use list_interviews or get_interview to find valid interview IDs.

list_data_sources

List WQL data sources via wql/v1/dataSources. Returns available data sources that can be queried with WQL. Use to find data source IDs for get_data_source and get_data_source_fields.

get_data_source

Get a specific WQL data source by ID via wql/v1/dataSources/{id}. Returns data source metadata including name, description, and available fields. Use list_data_sources to find valid IDs.

get_data_source_fields

Get fields for a WQL data source via wql/v1/dataSources/{id}/fields. Returns field names, types, and descriptions. Use list_data_sources to find valid data source IDs.

execute_wql_query

Execute a WQL query via wql/v1/data POST. Submit a Workday Query Language query string to retrieve structured data. Returns query results with column definitions. Use list_data_sources and get_data_source_fields to understand available data.

query_wql_data

Query WQL data via wql/v1/data GET with a query string parameter. Returns paginated structured data. Use list_data_sources and get_data_source_fields to build valid queries.

list_time_clock_events

Retrieve time clock events via timeTracking/v4/timeClockEvents. Supports filtering by worker, date range, and status. Returns clock-in/out records with timestamps and approval status. If entries not found, verify worker_id with list_workers.

create_time_clock_event

Create a new time clock event via timeTracking/v4/timeClockEvents POST. Records a clock-in or clock-out for a worker with time type and optional notes. If creation fails, check worker_id exists and date is not in a locked payroll period.

update_time_clock_event

Update an existing time clock event via timeTracking/v4/timeClockEvents/{id} PUT. Modify hours, time type, or notes. If update fails, check event_id exists and entry is not locked/approved.

delete_time_clock_event

Delete a time clock event via timeTracking/v4/timeClockEvents/{id} DELETE. Validates approval status and payroll period locks. If deletion fails, entry may be approved/locked or in a closed payroll period.

get_worker_time_totals

Retrieve time totals for a worker via timeTracking/v4/workers/{id}/timeTotals. Returns aggregated hours including regular, overtime, and time-off summaries. If worker not found, use list_workers to find valid IDs.

submit_time_review

Submit a time review event for a worker via timeTracking/v4/workers/{id}/timeReviewEvents POST. Triggers manager approval workflow for the specified period. If submission fails, check for incomplete entries or locked pay periods.

validate_credential

Validate Workday credentials. Verifies credentials during setup.

list_workers

Retrieve a paginated list of all workers via common/v1/workers. Supports filtering by employment status, worker type, and organization. Returns up to 100 results per request. If validation fails, verify organization IDs with list_organizations.

get_worker

Retrieve worker profile for a specific ID via common/v1/workers/{id}. Returns personal data, employment history, position details, and organizational relationships. If worker not found, use list_workers to find valid worker IDs.

create_worker

Create a new worker via common/v1/workers POST. Provide personal information, employment details, and position assignments. Returns created worker data with assigned worker ID. If creation fails, verify position and organization references exist.

update_worker

Update existing worker via common/v1/workers/{id} PATCH. Supports partial updates to personal details, contact info, employment data, and position. Returns updated worker data. If update fails, verify position and organization references are valid.

delete_worker

Terminate a worker via common/v1/workers/{id} DELETE. Processes employment termination with reason codes and effective dates. Returns termination confirmation. If termination fails, verify worker ID is valid and worker has no pending approvals.

View all tools by creating a free accountSee more tools
Previous
Next

How to set up Merge Agent Handler

Cursor
Claude
Windsurf
VS Code

In an mcp.json file, add the configuration below, and restart Cursor.

Learn more in the official documentation ↗

1{
2  "mcpServers": {
3    "agent-handler": {
4      "url": "https://ah-api-develop.merge.dev/api/v1/tool-packs/{TOOL_PACK_ID}/registered-users/{REGISTERED_USER_ID}/mcp",
5      "headers": {
6        "Authorization": "Bearer yMt*****"
7      }
8    }
9  }
10}
11
Copy Code

Open your Claude Desktop configuration file and add the server configuration below. You'll also need to restart the application for the changes to take effect.

Make sure Claude is using the Node v20+.

Learn more in the official documentation ↗

1{
2  "mcpServers": {
3    "agent-handler": {
4      "command": "npx",
5      "args": [
6        "-y",
7        "mcp-remote@latest",
8        "https://ah-api-develop.merge.dev/api/v1/tool-packs/{TOOL_PACK_ID}/registered-users/{REGISTERED_USER_ID}/mcp",
9        "--header",
10        "Authorization: Bearer ${AUTH_TOKEN}"
11      ],
12      "env": {
13        "AUTH_TOKEN": "yMt*****"
14      }
15    }
16  }
17}
Copy Code
Copied!

Open your Windsurf MCP configuration file and add the server configuration below.
Click on the refresh button in the top right of the Manage MCP server page or in the top right of the chat box in the box icon.

Learn more in the official documentation ↗

1{
2    "mcpServers": {
3      "agent-handler": {
4        "command": "npx",
5        "args": [
6          "-y",
7          "mcp-remote@latest",
8          "https://ah-api.merge.dev/api/v1/tool-packs/<tool-pack-id>/registered-users/<registered-user-id>/mcp",
9          "--header",
10          "Authorization: Bearer ${AUTH_TOKEN}"
11        ],
12        "env": {
13          "AUTH_TOKEN": "<ah-production-access-key>"
14        }
15      }
16    }
17  }
Copy Code

In Command Palette (Cmd+Shift+P on macOS, Ctrl+Shift+P on Windows), run "MCP: Open User Configuration".

You can then add the configuration below and press "start" right under servers. Enter the auth token when prompted.

Learn more in the official documentation ↗

1{
2  "inputs": [
3    {
4      "type": "promptString",
5      "id": "agent-handler-auth",
6      "description": "Agent Handler AUTH_TOKEN", // "yMt*****" when prompt
7      "password": true
8    }
9  ],
10  "servers": {
11    "agent-handler": {
12      "type": "stdio",
13      "command": "npx",
14      "args": [
15        "-y",
16        "mcp-remote@latest",
17        "https://ah-api-develop.merge.dev/api/v1/tool-packs/{TOOL_PACK_ID}/registered-users/{REGISTERED_USER_ID}/mcp",
18        "--header",
19        "Authorization: Bearer ${input:agent-handler-auth}"
20      ]
21    }
22  }
23}
Copy Code

FAQs on using Merge's Workday  MCP server

FAQs on using Merge's Workday  MCP server

What is a Workday MCP server?

It’s an MCP server that lets you access data and functionality from Workday via tools. Your agents can call these tools to update employee records, retrieve compensation details on a group of employees, and more.

Workday doesn’t currently support an “official” MCP server. But you can access Workday MCP servers with dozens of tools from 3rd-party platforms, like Merge Agent Handler.

What are some common ways to use a Workday MCP server?

Here are some popular use cases:

  • Employee profile lookups: Pull basic employee data for personalization, access checks, or downstream workflows (e.g., “Who is Alex’s manager?”)
  • Onboarding task orchestration: When a new hire is created or starts, trigger cross-system workflows (e.g., create IT/helpdesk tickets) with Workday as the HR source of truth
  • Offboarding automation and access hygiene: When a termination is recorded, coordinate de-provisioning and notify internal stakeholders (e.g., a Slack channel for IT), with Workday events driving the workflow
  • Manager self-serve “HR copilot”: Let managers ask natural-language questions about team changes, start dates, roles, and tenure and get answers grounded in Workday data
  • Workforce analytics and reporting: Generate headcount, attrition, hiring velocity, and department breakdowns by querying Workday worker and employment data

What makes Merge Agent Handler’s Workday MCP server better than alternative Workday MCP servers?

Here are just a few reasons:

  • Enterprise-grade authentication and credential handling: Merge Agent Handler manages the auth and credential lifecycle for third-party tools so developers don’t need to build or maintain integration infrastructure themselves. This allows agents to securely interact with enterprise systems like Workday while maintaining controlled access
  • Connector Studio for customization: Developers can modify existing connectors or create new ones using Connector Studio, enabling custom tools or integrations tailored to their specific agentic use cases. This allows teams to adapt Workday integrations without rebuilding the infrastructure layer
  • Enterprise security with data loss protection (DLP): Agent Handler includes a Security Gateway that scans tool inputs and outputs for sensitive data and provides configurable rules to block, redact, or mask data to prevent misuse
  • Real-time observability: The platform logs every tool call and underlying API request triggered by your AI agents. These logs are fully searchable and enable teams to audit behaviors and debug issues with ease

Can I set custom security rules for Workday tool calls in Merge Agent Handler?

Yes, Merge Agent Handler includes a security gateway with data loss protection (DLP) that scans tool inputs and responses for sensitive information and enforces security policies. These rules can automatically block, redact, or mask sensitive data fields during tool execution.

Here are a few custom rules you can set:

  • Prevent accidental exposure of employee PII in support workflows: If your helpdesk agent pulls a worker profile from Workday, redact or block sensitive fields (e.g., SSNs, passport numbers, birthdates) so they never get copied into a ticket or chat response
  • Enable manager self-serve without turning Workday into “search for everyone”: Allow managers to ask questions about their direct reports, but block broad directory scraping (like “list all employees”) for non-admin identities
  • Ship a compliant employee experience across regions: Apply stricter handling for EU employees or region-specific restrictions, so the same agent can operate globally without violating local requirements
  • Reduce risk in sensitive offboarding conversations: If an agent is asked about “termination reason” or similar sensitive custom fields, require extra justification, redact details, or block the request outright
  • Stop unauthorized employee data changes: Block all Workday write actions by default, then allow only a small approved set of “safe” updates for designated service accounts or workflows

How can I start using Merge Agent Handler’s Workday MCP server?

You can follow these steps:

1. Create an Agent Handler account and sign in.

2. Create (or select) a Registered User for the identity you want to act as. This is the identity boundary Agent Handler uses to scope credentials and audit logs.

3. Add the Workday connector and configure its tool access. Do this in Agent Handler so the tools you need are available to your agent via MCP (and scoped appropriately).

4. Create a Tool Pack that includes Workday. Tool Packs define the set of tools your MCP client will see when it connects.

5. Have the Registered User authenticate to Workday via Merge Link. Agent Handler will prompt for auth if the user isn't connected yet, and store the Workday credentials under that Registered User.

6. Generate your MCP connection config. The MCP endpoint comes in the following form: https://ah-api-develop.merge.dev/api/v1/tool-packs/{TOOL_PACK_ID}/registered-users/{REGISTERED_USER_ID}/mcp

7. Add that MCP server to your MCP client (Claude Desktop, Windsurf, VS Code, Cursor). Use the provided JSON config pattern for your client, and make sure you are on Node v20 if you are using the <code class="blog_inline-code">npx mcp-remote</code> flow.

8. Authenticate the MCP connection with your Agent Handler API key.Your MCP client sends it as <code class="blog_inline-code">Authorization: Bearer ${AUTH_TOKEN}</code> and you can rotate it as needed.

9. Test a few Workday tool calls, then verify in your logs. Run simple prompts first, and confirm the tool calls and underlying requests look correct in Agent Handler’s logs.

10. Add rules before going to production. Set DLP and access-control rules per connector/tool, and optionally by region, to block or redact sensitive HR data.

Explore other MCP servers built and managed by Merge

activecampaign
ActiveCampaign
adobe_pdf_services
Adobe PDF Services
ahrefs
Ahrefs
airtable
Airtable
amadeus
Amadeus
amazon_s3
Amazon S3
amplitude
Amplitude
anaplan
Anaplan
apollo
Apollo
arize
Arize
articulate
Articulate Reach 360
asana
Asana
attio
Attio
aviationstack
Aviationstack
bamboohr
BambooHR
basecamp
Basecamp
biorxiv
bioRxiv
bitbucket
Bitbucket
bitly
Bitly
box
Box
calendly
Calendly
canva
Canva
clickup
ClickUp
clinicaltrials
ClinicalTrials.gov

Ready to try it out?

Whether you're an engineer experimenting with agents or a product manager looking to add tools, you can get started for free now

Start building for free
Get a demo