OneLogin Access Requirements
Why do we need access to your OneLogin instance?
The Moveworks service interacts with your OneLogin instance to carry out one or more of the following:
- fulfill employees' software provisioning requests;
- identify employees; and
- help employees reset passwords, unlock locked accounts, help employees reset their multi-factor authentication, and warn employees when their password is about to expire.
Note that not all Moveworks+OneLogin deployments handle all of the tasks mentioned above, and is dependent on customer-specific discovery.
Service Account Needed:
A service account allows the Moveworks service to fulfill provisioning requests by adding users to roles in OneLogin. Create the API credential pair (client ID & client secret) and share with your Moveworks Customer Success team. This account must have the Manage Users permission in OneLogin.
https://developers.onelogin.com/api-docs/1/getting-started/working-with-api-credentials
Share the account credentials with your Moveworks Customer Success Team.
What is the account used for:
- This account is used for the bot to be able to add users to OneLogin roles for Application Provisioning, identifying user attributes, and MFA Reset Functionality.
Updated 10 months ago