Dayforce supports the ability to request Dayforce APIs using an access token. When you use an access token to call an API, you aren't required to authenticate using your user name and password. You can obtain an access token by calling the Dayforce identity service API with your Web Services login credentials. The access token can then be used to perform an API request. Using token-based authentication reduces the risk of exposing your login credentials to potential attackers as they're not sent with each API request. The token is valid for a limited amount of time, which reduces the risk of the token being compromised. For these reasons, it is highly recommended that you use token-based authentication.
The following diagram illustrates the process of requesting an access token:
Important: Access tokens cannot be revoked. Hence, they must be handled responsibly.
Token-based authentication is available for Dayforce users that are already configured for Web Services. No additional configuration is required.