University of Wisconsin–Madison
Human Resources

Request to Add or Remove a Workday Security Role Assignment

Security role assignments are requested by designated individuals on each campus who have the Role-Based Access Requester security role. Role requesters can submit requests only for workers/positions in the supervisory organization(s) they support. This request and approval process is done within Workday. Users should avoid requesting roles for themselves unless no other Role-Based Access Requester is available to submit the request.

This article discusses submitting requests for positions that are currently occupied by a worker. For submitting requests for vacant positions, please see Changing Security Roles for a Vacant Position.

  1. Using the search bar in Workday, search for the name of the worker in the search bar and select the correct worker.

  2. In the left-hand sidebar, select Actions.

  3. Hover over Roles, then select Assign Roles to Position/Job.
    Screenshot showing the navigation to Assign Roles to Position/Job by selecting Summary, then Roles, and then clicking on Assign Roles to Position/Job.

  4. On the Assign Roles to Position/Job window, click the Related Actions button next to the correct employee position in the Employee Position for Role Assignment field.

    1. If the worker has multiple positions, make sure you select the correct position.

  5. Hover over Roles, then select Assign Roles – Add/Remove.
    Screenshot showing the Related Actions button appearing within the Position for Role Assignment column. The button appears visually as three horizontal dots.

  6. On the Assign Roles – Add/Remove pop-up window:

    1. Select an Effective Date.

    2. Optional: Select an option for the Copy Role Assignments from field. This allows you to copy security roles from another position. If you select this option, you will be prompted to select the specific roles that you want to copy.

    3. Optional: Check the Remove All Roles for Assignee checkbox to remove all of the roles currently assigned to the position.

    4. Click OK.

  7. On the Assign Roles – Add/Remove window:
    Screenshot showing the Assign Roles panel. There are two selection fields, one for Role Enabled For and another for Role. Additional filed pairs can be added or removed.

    1. Select the (+) to add a row. If you accidentally add a row and need to remove it, click the (-) for the row.

    2. Select an organization in the Role Enabled For column. Since there are many different organizations and organization types (supervisory, academic unit, etc.), instead of searching for an organization by name, we recommend using a search prefix with an organization reference ID. You can find the correct search prefix and a list of common organization reference IDs in the Workday Organization Reference IDs and Type Abbreviations article. If you are unsure what type of organization to choose for a certain role, consult the Simplified HR Security Role Catalog or the UW Security Catalog: Assignable Roles and User Based Groups report in Workday.

    3. Select a security role in the Role column. The available roles are based on what type of organization you selected in the Role Enabled For field. If you are not able to find the desired role, you may need to select a different organization.

    4. If you need to add multiple security roles, repeat steps A-C.

    5. If you want to remove an existing role from the position, select the Remove checkbox.

    6. Enter a comment to justify the request. The comment should provide adequate context about why the user needs the role in order to perform their job responsibilities. If you are requesting a role on your own behalf, please provide additional justification. Role requests submitted without a sufficient justification may be sent back to the requester. 
      1. Example: "This user will be performing pre-employment background checks for new hires in our division, and needs the Background Check Coordinator UW role in order to perform their job responsibilities."
      2. Example (if requesting role for self): "I am requesting this role for myself because the only other role requester for our division is out of the office. I need the Reference Survey Coordinator UW role in order to perform my job responsibilities, which include initiating reference checks for new hires."

    7. Click Submit. Click Save for Later if you are not ready to submit but would like to save your current progress.

      1. Note: If you receive a yellow alert message, it is because a role you requested would create a Separation of Duties (SOD) conflict, where the assignee could perform multiple related functions in violation of checks and balances. Role assignments that create SOD conflicts should not be requested or approved. The Simplified HR Security Role Catalog and the UW Security Catalog: Assignable Roles and User Based Groups report in Workday display the SOD conflicts for each role.

  8. Next steps:

    1. The next approver, usually the assignee's manager, will see the Assign Roles request in their My Tasks. The approver can take actions that include approving, sending back, or adding approvers. If approved, the request will then route to a divisional approver, and finally, will route to a campus approver in the Office of Human Resources (OHR). For more information, please see Review and Approve Role-Based Access Requests.

    2. If a requested role is at the Central Processing, Shared Services, or ERP Administration level of operations, the approval will route to an additional approver at that level of operations.

      1. Consult the Simplified HR Security Role Catalog or the UW Security Catalog: Assignable Roles and User Based Groups report in Workday if unsure of a role's level of operations.

Updated: Nov. 11, 2025
Source URL: https://hr.wisc.edu/hr-guides/for-hr-professionals/request-to-add-or-remove-a-workday-security-role-assignment/

Did you find what you need?