Guides
DocumentationDeveloperAcademyCommunitySupportLogin

Okta SSO Configuration Guide for Non-US Commercial Regions (OIDC)

Suggest Edits

🚧

This guide is deprecated

Please see our updated Okta Installation Guide (🔗)

Before you begin

Ensure you have Admin Access to your Okta instance.

Ask your Moveworks team for your CUSTOMER_ID: this is your organization's unique identifier which will be used to create branded urls for login.

Okta App Setup Instructions

  1. Go to the screen in Okta that allows you to create Applications.
  2. Click on Create App Integration.
  1. Select OIDC - OpenID Connect in the next screen.

  1. Specify a name for the application.

  2. Add the logo for Moveworks application

  3. Identify the appropriate Sign-in Redirect URI and Login URI for your environment from the table below, replacing the CUSTOMER_ID with the value for your org as provided by your CS Team.

RegionSign-in Redirect URILogin URI
United States (default)https://CUSTOMER_ID.moveworks.com/login/sso/oidchttps://CUSTOMER_ID.moveworks.com
Canadahttps://CUSTOMER_ID.am-ca-central.moveworks.com/login/sso/oidchttps://CUSTOMER_ID.am-ca-central.moveworks.com
EUhttps://CUSTOMER_ID.am-eu-central.moveworks.com/login/sso/oidchttps://CUSTOMER_ID.am-eu-central.moveworks.com
Australia / Asia Pacifichttps://CUSTOMER_ID.am-ap-southeast.moveworks.com/login/sso/oidchttps://CUSTOMER_ID.am-ap-southeast.moveworks.com
Government Secure Cloudhttps://CUSTOMER_ID.moveworksgov.com/login/sso/oidchttps://CUSTOMER_ID.moveworksgov.com
  1. Enter the values as shown below and hit Save.
  1. Go back to General Settings and uncheck Require consent.
  1. In order to allow customer users to login without manually inputting email, set the Initiate login URI from the table below. Reach out to your CS Team if you need {org_name}.
RegionSign-in Redirect URILogin URI
United States (default)https://CUSTOMER_ID.moveworks.com/login/sso/oidchttps://CUSTOMER_ID.moveworks.com
Canadahttps://CUSTOMER_ID.am-ca-central.moveworks.com/login/sso/oidchttps://CUSTOMER_ID.am-ca-central.moveworks.com
EUhttps://CUSTOMER_ID.am-eu-central.moveworks.com/login/sso/oidchttps://CUSTOMER_ID.am-eu-central.moveworks.com
Australia / Asia Pacifichttps://CUSTOMER_ID.am-ap-southeast.moveworks.com/login/sso/oidchttps://CUSTOMER_ID.am-ap-southeast.moveworks.com
Government Secure Cloudhttps://CUSTOMER_ID.moveworksgov.com/login/sso/oidchttps://CUSTOMER_ID.moveworksgov.com

Finish the Moveworks side of the integration

After setup is complete, provide the following information to your Customer Success team.

  1. Go to the General tab.
  1. Share the idp_client_id , idp_secret , and idp_issuer with your Customer Success team. The idp_issuer is not in the Okta settings, but it should be based on your Okta instance name (e.g. If you login at https://example.okta.com , then share that value for your idp_issuer ).

Updated 4 months ago