General Setup

This section covers basic access needs that are required for Moveworks to establish a stable connection to your instance. You will need to provide the following to Moveworks.

• Oauth Client Credentials (See API Client section below)
  • Client ID
  • Client Secret
  • API URL
    e.g. https://{{BASE_URL}}/identityiq

Please provide ALL of the above to your Moveworks Customer Success team via encrypted email.

Plugin Installation

Your Moveworks Customer Success Team will share a ZIP file which can be installed as a Sailpoint Plugin in your environment.

1. The plugin feature must be enabled in IdentityIQ.
2. You must have System Administrator or Plugin Administrator capabilities to install plugins.
3. Open the Installed Plugins page by selecting Plugins from the list under the gear icon.

4. Click New to upload the plugin.

5. Click to upload your plugin. A window dialog will appear. You can drag & drop our ZIP file from there.

6. Finish the plugin installation following the prompts in your Sailpoint Instance.

Create API Client

🚧

Make sure you complete the Plugin Installation process first.

1. Create an Identity for Moveworks. We recommend naming the account svc.moveworks.

2. Make sure the new service account has the Moveworks Approvals Plugin Service Account user capabilities enabled.

3. Go to configure API Authentication.

4. Create a new API Client, setting the Proxy User to our service account.

5. Send your OAuth Client ID and Client Credentials to your CSM.

Skill-Specific Access Needs

The Moveworks Plugin grants all the necessary permissions needed to interact with the relevant objects in your Sailpoint instance. There are no further Skill-Specific Access Needs that need to be applied for the integration.

Once you’ve completed the above, speak with your customer success team to complete the implementation.