Create an API Credential

1. Go to Agent Studio (Classic) > Events > Credentials
2. Click Create:
3. You will be asked to provide a Credential Name
4. You must choose a Credential Type
   1. [Recommended]OAuth 2.0 w/ Client Credentials can be used to generate access tokens here
   2. API Keys can be tested here

📘

Credentials Best Practices

• Credentials are never written to disk, or stored in any way. They are only allowed to be viewed in plain text once on the Credentials Screen. Only the hash of the credential is stored.
• Note: When an account is deactivated or deleted, any associated API keys will stop working.
  • Due to this security measure, Moveworks recommends generating API keys using a dedicated service account rather than an individual employee's user account.
    • Using a service account enhances security by creating a stable, auditable identity for the integration that is not tied to a person’s employment status, mitigating risks from former employees and ensuring the principle of least privilege can be properly applied.

Rotation & Revocation

Expiry Information:

• Secret Expiry: Client IDs, Client Secrets, & API Keys never expire.
• Access Token expiry: Every 60 seconds.

In the event that your credential is exposed or leaked, you can revoke it by clicking trash icon next to your credential.