Documentation
DocumentationDeveloperAcademyCommunitySupportLogin
Start typing to search…

Configure Provisioning Systems

Overview

The Provisioning System configuration in Moveworks enables automated software access provisioning for your employees. This guide explains how to configure software provisioning integrations, define provisioning strategies, and customize the user experience for software access requests.

What is a Provisioning System?

A provisioning system is the identity and access management platform that Moveworks uses to automatically grant or revoke software access. When a user requests software through Moveworks, the system communicates with your provisioning platform to add the user to the appropriate groups or roles.

✨ Key Point: Moveworks supports three provisioning systems: Okta, Active Directory (LDAP), and Azure AD (MS Graph). You can use any combination of these based on your organization's infrastructure.

Quick Navigation

Supported Provisioning Systems

Moveworks supports three provisioning systems for software access:

SystemConnector Type
OktaOkta Connector
Active DirectoryLDAP/Active Directory (Agent) Connector
Microsoft Entra (Azure AD/MS graph)MS Graph Connector

System Requirements

For Okta:

  • Active Okta tenant with admin access
  • Moveworks Okta connector configured with API permissions
  • Group IDs for software access (alphanumeric format starting with 00g)
  • Permission to add/remove users from groups

For Active Directory (LDAP):

  • On-premise Active Directory or LDAP server
  • Moveworks LDAP (active_directory) connector configured via Moveworks Agent
  • Security group Distinguished Names (full OU path)
  • Service account with permissions to modify group memberships
  • Network connectivity from agent healthy

For Microsoft Entra (Azure AD/MS Graph):

  • Active Microsoft Entra tenant
  • Moveworks MS Graph connector configured
  • Microsoft Graph API permissions: Group.ReadWrite.All, User.Read.All
  • Security group Object IDs or Distinguished Names
  • Admin access to manage groups and users

Configure Connector Settings

Step 1: Select Connector

Specify your "Provisioning System" by selecting the correct connector, such as Okta. This is the system that our application will utilize for software provisioning.

Step 2: Post Provisioning URL

Define the URL that users will be directed to after successful provisioning. Usually, this will be a link to your selected Provisioning System's portal, like Okta. This ensures that users know where to go after they've successfully requested software. E.g. https://companyname.okta.com/login/signout

Updated 19 days ago

What’s Next

Once you are done with setting up of provisioning system, you can go Software catalog for manage specific software provisioning.