In Workday HCM, the ability to run reports, including Workday-delivered standard reports, is governed by domain security, not by report writer or administrator roles. Domain security controls access to the data itself, and without access to the underlying domains referenced by a report, a user cannot run the report—even if the report is standard and delivered by Workday.
Standard reports are prebuilt and do not require report creation or modification privileges. Therefore, users do not need to be members of the Report Writer or Report Administrator security groups to run them. Those roles are only required for creating, copying, modifying, or administering reports—not for execution.
Additionally, access to a business process is unrelated to report execution. Business process security determines who can initiate or participate in transactions such as Hire or Termination, but it does not control visibility into report data.
Workday evaluates a user’s domain security policies at runtime to determine whether they can access the data objects used in the report. If the user lacks permission to one or more required domains, the report will either fail to run or return incomplete or restricted results. This applies equally to standard and custom reports.
From a Workday Pro HCM best-practice standpoint, ensuring users have the appropriate domain access—typically through role-based or user-based security groups—is the correct way to enable report execution. Report access groups alone are insufficient without the necessary domain permissions.
Therefore, the correct and Workday-verified reason a user cannot run a Workday Standard Report is that the user does not have access to the appropriate domain.
Submit