Brook Preloader

Absence Request Segmentation Made Easy with Workday Segmented Security

Absence Request Segmentation Made Easy with Workday Segmented Security

I can’t count the number of times a client requested that a particular time off was not available to certain users. In the past, our only option to limit usage for specific security groups in Workday was to configure a validation on the Initiation step of the Request Time Off business process. This didn’t provide the best user experience, however, because the security groups (i.e. “Manager”) could still select the Time Off Type in their request; they’d only receive an error once they tried to Submit. The enhancement of Segmented Security gave us the ability to create groups of different types of users instead, putting configuration at a foundational level.

Segmented Security provides organizations with the ability to restrict requests for Leaves and Time Offs to members of specified Segment-Based Security groups. It ensures that each user has the ability to only request the time offs and leaves that the organization deems are “allowed”, providing a positive user experience and reducing the back-and-forth communication to resolve issues. Leave Segment Security has been available for a few years, but the Time Off segment functionality is fairly new. Let’s talk more about why it’s a great feature and how to configure it for yourself!

Benefits of Utilizing Workday’s Segmented Security in Time Off

  • Limiting visibility of time offs to specific groups such as Human Resources or Benefits
  • Only allowing managers the ability to enter a list of specific time offs for their employees
  • Restricting the usage of applicable time offs for users in various countries
    • For example, if regulations differ from country to country, you can configure Workday so that Managers in various jurisdictions have access to different time offs, making the system function optimally for your global workforce.
  • Removing the need for the use of business process validations that previously were required to block users from submitting specific time offs
  • Enabling the ability to restrict the use of Termination Payout and/or Adjustment time offs to applicable users
  • Administrative roles can be added to Time Off Segmented Setup to ensure they retain access to all time offs even if they are not in any segment

Getting Started

The configuration of Segmented Security for Time Off is straightforward and, in many cases, much of it is already Workday-delivered and completed for you. If you went Live after March 2021, segments need to be created. Otherwise, you’ll simply need to review the delivered configuration and make appropriate changes for your organization.

Ensure the domain Time Off Segmented Setup is enabled and activated, then add all applicable Time Off Segment Security Groups. For a detailed explanation of how to correctly configure segmented security for time off, please review the documentation linked here. In addition to details regarding security, it includes information for configuring the applicable business processes.

*Important: Time Off Segmented Security requires an “Opt-In” via the Maintain Feature Opt-Ins task. This means that once you opt in, you cannot opt out.

Time Off Segment Considerations

  • Testing is always a critical part of Workday configuration and this feature is no different. Ensure you are thorough in your review of the feature, testing both for positive and negative results.
  • The security segments were created by Workday in March 2021. Unless clients have kept the segments updated in the past 2 years, there have not been any automatic updates made. The existing segments should be fully reviewed before opting into Segmented Security. The following should be considered:
    • The time offs that are included in each segment. Ensure that they are all in the correct segment(s). If any time offs are in an incorrect segment, move them or create a new one with the correct security group(s) attached.
    • The security groups that are attached to each segment. Ensure that they are in the correct segment. If any security groups are attached to an incorrect segment, move them to the correct one or create a new segment with the time offs that the group should have access to. 
  • Administrators and Partners who have access to additional time off codes will also be able to access those time offs for their own, Employee As Self requests. Workday is working on solutions for this issue to make it possible for more organizations to adopt this functionality!

Utilizing Segmented Security for time off is still an optional opt-in, but as with most Workday enhancements, there may be a time when it will become required. Rather than forcing your team to adopt the feature at that time, why not get ahead and configure it today?

For assistance with this feature or any others within Workday, please get in touch with us at!


  • Christina Duritza

    Christina has been in the Workday ecosystem for 8 years. She joined Kognitiv in 2019 after starting her Workday career on the client side. Christina has spent her time at Kognitiv as a Product Lead focused on supporting clients in the areas of Absence, Time Tracking, Benefits, and HCM.

    View all posts