For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
Logo
DeveloperAcademyCommunityStatus
  • Service Management
    • Overview
    • Concierge & Ticketing Capabilities Overview
    • Forms
    • Forms - Integration Specific Guides
    • Live Agent Chat / Handoff
    • Triage
    • Approval Mirroring
    • Ticket Interception
    • Generic Ticketing Integration: Ticket Gateway
  • Administration
    • MyMoveworks
    • Organization Information
    • Roles and Permissions
    • MyMoveworks SSO
  • Moveworks Setup
    • Accessing Moveworks Setup
    • First-Time Login via Magic Link
    • Moveworks Setup Modules
    • Moveworks Setup: Module How To Guides
    • Plugin Management
    • Monitor Alerts
    • Audit Logs
    • DSL Fields Defaults
    • Data Crawling View
    • API Playground
    • Setup Homepage
    • Troubleshooting Hub
    • Security and Privacy Settings
    • Configuration Delete
    • Advanced Config Editor
    • Identity configuration
    • Onboarding Stage
  • Security
    • Security
    • Hyperlink & Button Expiry
    • Attachment Handling
    • Moveworks Subprocessors
  • Provision Management
    • Overview
    • Access Software
    • Access Groups
    • Access Account
  • Access Requirements
    • Overview
    • Update Set Modules
    • Ticketing Systems & ITSMs Access
    • Identity and Access Management Systems Access
      • Active Directory & OpenLDAP Access Requirements
      • Microsoft 365 Access Requirements
      • Okta Access Requirements
      • Okta (MFA, Unlock, Identity) Access Requirements
      • OneLogin Access Requirements
    • Multi-Factor Authentication (MFA) Systems Access
    • Knowledge Access Requirements
    • Email Distribution List Systems Access
    • Facilities Management Access
    • Live Agent Chat Access
    • HR Information System Access
    • Expense Management Access
    • Calendar Management Access
  • Core Platform
    • User Identity
    • Moveworks On-Prem Agent
    • Approvals Engine
    • Entity Catalog
    • Configuration Languages
    • Moveworks Data Objects
    • SIEM
  • Employee Experience Insights
    • Overview
    • Breaking Down the Dashboard
    • Understanding Industry Benchmarks
    • Apps & Services
    • Impact Module
    • EXI Common Use Cases
    • Configure EXI
    • Ticket Backpolling
  • Knowledge Studio
    • Overview
    • Knowledge Studio Configuration
    • AI Powered Recommendations
    • Inspecting & Verifying Sources
    • Publishing Articles
    • Creating Knowledge Articles
    • Resolving IT Tickets Guidance
DeveloperAcademyCommunityStatus
On this page
  • Why do we need access to your Okta instance?
  • Service Account Permissions Needed:
  • What is the account used for
  • Providing the Credentials
Access RequirementsIdentity and Access Management Systems Access

Okta (MFA, Unlock, Identity) Access Requirements

||View as Markdown|
Was this page helpful?
Edit this page
Previous

OneLogin Access Requirements

Next
Built with

Why do we need access to your Okta instance?

The Moveworks service interacts with your Okta instance to carry out one or more of the following:

  • Identify employees
  • Help employees reset passwords
  • Unlock locked accounts
  • Help employees reset their multi-factor authentication
  • Warn employees when their password is about to expire

Note that not all Moveworks+Okta deployments handle all of the tasks mentioned above. In some deployments, password and account issues are handled through Moveworks’ direct interaction with Active Directory.

Service Account Permissions Needed:

The service account in Okta allows the Moveworks service to fulfill provisioning requests by adding users to groups in Okta. Create a bot service account dedicated to Moveworks and save the API token of this account for Moveworks configuration. Note: Moveworks does not need the credentials of this service account, the token is sufficient for integration.

  • Help Desk Admin (Required to Unlock User Account and/or Reset MFA)
  • Reports Admin (Required for Account Unlock Detection)

For more information on what permissions are entailed in each role, please refer to Okta’s documentation.

What is the account used for

  • This account is used for the bot to be able to add users to Okta groups for app provisioning and identifying user attributes when interacting with the bot.

Providing the Credentials

Once you have obtained the credentials, please notify your Customer Success team. They will provide an encrypted method of transferring the information. You may also opt for your preferred method if necessary.