Confluence Server Access Needs

Moveworks leverages the Atlassian Confluence Server REST API to access knowledge base articles.

Unlike Confluence Cloud which allows authentication via an API key, your on-premise instance of Confluence Server can only be accessed via HTTPS basic authentication.

Moveworks will require the following access to integrate with Confluence (On-Prem):

Service Account that has read access to the necessary Confluence spaces where end-user knowledge articles reside. These articles will be ingested and surfaced in chat to provide users with useful information and troubleshooting techniques. Please see the following recommendations below when setting up your Confluence service account.

1. Password Verification:
   1. Before providing the credentials to Moveworks, verify the local password of the user. The local password of the Confluence account will always be random at the time of account creation. To know the password with certainty, perform a manual password reset within Confluence.
2. MFA Exception:
   1. Since Confluence On-Prem uses basic authentication, the service account created for Moveworks will need to bypass the MFA with expectation - there are a few ways to handle this:
      • Apply an MFA exception policy for the Moveworks account at your IAM provider settings level
      • If you already allow direct access to Confluence when users are on the office network gateway or when connected via VPN, apply a firewall exception for the Moveworks IP ranges above.
3. Moveworks Agent:
   1. An on-premise Moveworks Agent installation is required to integrate with Confluence On-Prem. With the Moveworks Agent no firewall changes are needed to integrate with Atlassian Server.
   2. If this option does not work for any reason, please contact your Moveworks CS team to discuss alternatives.