Okta SSO Configuration Guide

Supported features

  • Single Sign-On (OpenID Connect) initiated via Okta


In order to proceed with configuring login with SSO through Okta, you must:

  • Have access to an Okta tenant
  • Be an Okta administrator to that tenant
  • Have the Moveworks bot set up in the Moveworks US Commercial environment. If your bot is going to be hosted in either GovCloud, EU, Canada or Australia, follow this guide instead.

Okta App Configuration Steps

  1. Go to the Okta Admin screen that lets you create Applications.

  2. Click on Browse App Catalog.

  3. Search and select Moveworks.

  4. Add a logo for the Moveworks application:

  5. Click Add integration.

  6. Set the Application Label as Moveworks and click Done.

    Note: Make sure you get your Customer ID from your Customer Success Team before this next step.

  7. Set the Customer_ID in the Sign On tab to be the provided CUSTOMER_ID and click Save.

Handoff to Moveworks

After the above setup is complete, provide the following information to your Customer Success Team.

  1. Go to the Sign On tab.

  2. Share the Client ID , Client secret, and idp_issuer with your Customer Success Engineer. The idp_issuer is not in the Okta settings, but it should be based on your Okta instance name (e.g. If you login at https://example.okta.com, then share that value for your idp_issuer).

Log into My Moveworks

After completing SSO setup, you can login from your okta homepage, or by logging into https://my.moveworks.com and entering your email address.

Once logged in, your session is valid for 1 week. You will be automatically logged out afterwards.