Sailpoint Access Requirements
General Setup
This section covers basic access needs that are required for Moveworks to establish a stable connection to your instance. You will need to provide the following to Moveworks.
- Oauth Client Credentials (See API Client section below)
- Client ID
- Client Secret
- API URL
e.g.https://{{BASE_URL}}/identityiq
Please provide ALL of the above to your Moveworks Customer Success team via encrypted email.
Plugin Installation
Your Moveworks Customer Success Team will share a ZIP file which can be installed as a Sailpoint Plugin in your environment.
- The plugin feature must be enabled in IdentityIQ.
- You must have System Administrator or Plugin Administrator capabilities to install plugins.
- Open the Installed Plugins page by selecting Plugins from the list under the gear icon.
![](https://files.readme.io/8594357-Untitled_-_2023-08-30T104629.939.png)
- Click New to upload the plugin.
![](https://files.readme.io/4ae9d18-Untitled_-_2023-08-30T104619.261.png)
- Click to upload your plugin. A window dialog will appear. You can drag & drop our ZIP file from there.
![](https://files.readme.io/b3e3922-Untitled_-_2023-08-30T104605.163.png)
- Finish the plugin installation following the prompts in your Sailpoint Instance.
Create API Client
Make sure you complete the Plugin Installation process first.
- Create an Identity for Moveworks. We recommend naming the account
svc.moveworks
.
![Home Page → Create Identity](https://files.readme.io/92d1d5f-Untitled_-_2023-08-30T104504.270.png)
Home Page → Create Identity
![Fill out information on Create Identity Page](https://files.readme.io/53141de-Untitled_-_2023-08-30T104507.334.png)
Fill out information on Create Identity Page
- Make sure the new service account has the
Moveworks Approvals Plugin Service Account
user capabilities enabled.
![](https://files.readme.io/ffb2e1e-Untitled_-_2023-08-30T104445.410.png)
- Go to configure API Authentication.
![](https://files.readme.io/5001f18-Untitled_-_2023-08-30T104420.452.png)
- Create a new API Client, setting the Proxy User to our service account.
![](https://files.readme.io/bde0b19-Untitled_-_2023-08-30T104317.237.png)
- Send your
OAuth Client ID
andClient Credentials
to your CSM.
Skill-Specific Access Needs
The Moveworks Plugin grants all the necessary permissions needed to interact with the relevant objects in your Sailpoint instance. There are no further Skill-Specific Access Needs that need to be applied for the integration.
Once you’ve completed the above, speak with your customer success team to complete the implementation.
Updated 5 months ago