API Reference
DocumentationDeveloperAcademyCommunitySupportLogin

Authentication

JWT Bearer Token

All Legacy Gateways use JWT Bearer Authentication.

  1. You can generate a private-public key pair.
  2. Add your private key & gateway information as a connector in Moveworks Setup.
  3. Share the public key with your Gateway team.
  4. As part of every request, Moveworks will generate a JWT with the standard set of claims and sign it with the private key. 
    {  
  "iss": "moveworks",  
  "aud": "<https://your.gateway.com">,  
  "iat": "1659540236",  
  "exp": "1659547436"  
}
  5. Moveworks will set the token in the auth header as Authorization: Bearer <token>
  6. Your gateway can then decrypt the token with the public key, verify, and then process our request.

See our starter code for an example.


Additional notes:

  • Maximum TTL for a token is 2hrs
  • We will use ES256 (ECDSA signature algorithm using SHA-256 hash algorithm) or RSA256.