Recipe: Obtaining Bearer Tokens for Authentication (OAuth 2.0)

To generate a token, follow these steps:

1. Open the Developer Console
   For Pro HCM: System Configuration > Security > Developer Console
   For Pro WFM: Administation > Developer Console

2. Copy Developer Metadata
   From the Developer Console page, copy the following:

   • Organization (For example: org_c5DJ9CCKN4WUuP98)
   • Generate Token URL (For example: https://welcome-staging-test.ukg.dev)
   • audience (For example: api.ukg.net)

3. Copy Integration Credentials
   Next, copy the following credentials for the desired integration:

   • Client ID
   • Client Secret

4. Gather Additional Fields
   You will also need:

   • Grant Type (currently always client_credentials; other options may be available in the future)

5. Use the UKG OAuth Token API
   With the above values in hand:

   • Organization
   • Generate Token URL
   • Client ID
   • Client Secret
   • Grant Type
   • Audience

   Call the UKG OAuth Token API and enter the required data to obtain the OAuth Bearer Token.

6. Use the OAuth Bearer Token
   Once you have the token:

   • Navigate to the desired API
   • Enter the OAuth Bearer Token into the Authorization header
   • Enter the organization into the global-tenant-id header
   • Run the API