The Moveworks service interacts with your Okta instance to carry out one or more of the following:
- Identify employees
- Help employees reset passwords
- Unlock locked accounts
- Help employees reset their multi-factor authentication
- Warn employees when their password is about to expire
Note that not all Moveworks+Okta deployments handle all of the tasks mentioned above. In some deployments, password and account issues are handled through Moveworks' direct interaction with Active Directory.
The service account in Okta allows the Moveworks service to fulfill provisioning requests by adding users to groups in Okta. Create a bot service account dedicated to Moveworks and save the API token of this account for Moveworks configuration. Note: Moveworks does not need the credentials of this service account, the token is sufficient for integration.
- Help Desk Admin (Required to Unlock User Account and/or Reset MFA)
- Reports Admin (Required for Account Unlock Detection)
- This account is used for the bot to be able to add users to Okta groups for app provisioning and identifying user attributes when interacting with the bot.
Once you have obtained the credentials, please notify your Customer Success team. They will provide an encrypted method of transferring the information. You may also opt for your preferred method if necessary.
Updated 5 months ago