Authentication & Security

Usage

To use the Moveworks API, a password is provided in the request header as Authorization: Bearer {password}.

This credential should be treated and safeguarded similar to any other password. It does not expire. If you need to deactivate (revoke) a credential, please see the section below.

Provisioning

The credentials are generated in an internal user interface that only our customer success teams have access to. When credentials are generated, they are shared securely with customers over encrypted email.

Moveworks does not store the API credentials in any database internally. Raw credentials are never written to disk. It is hashed upon generation and only the hash is stored.

Revocation

Upon request, customer success engineers can revoke your API credential and provision a new one.

In the event that your credential is exposed internally within your organization, contact Moveworks and we will immediately deactivate your credentials.

To do this, in an internal user interface that only our customer success teams have access to, Moveworks identifies the credential that needs to be deactivated and deletes the credential. The team can do this for either a specific credential, or all API credentials.

Copyright © Moveworks 2022. All right reserved.