For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
Logo
DeveloperAcademyCommunityStatus
    • Overview
    • API Credentials
    • Errors
    • Legacy & Deprecated APIs
  • Events API
    • Chat Markup
    • Rate Limits
    • Message Delivery
  • (Beta) Conversations API
  • Data API
    • GETList conversations
    • GETList interactions
    • GETList plugins calls
    • GETList Plugin Resources
    • GETList Users
  • Webhook Listeners
  • Content Gateway
    • Overview
    • Integration Strategies
    • Starter Code
    • Verifying Your Build
    • Connecting Your Gateway to Moveworks
    • Authentication
    • How Permissions Work
    • Common Pitfalls
    • Operational Guide
    • Errors
    • Supported MIME Types
  • Legacy Gateways
    • Authentication
    • Response Options
    • Field Types
    • Form Gateway Errors
DeveloperAcademyCommunityStatus
On this page
  • Create an API Credential
  • Token Expiry Details
  • Rotation & Revocation

API Credentials

||View as Markdown|
Was this page helpful?
Edit this page
Previous

Errors

Next
Built with

Create an API Credential

1

Navigate to Credentials

Go to HTTP Connectors > Credentials

2

Click Create

Click Create to start the credential creation process.

Create credential

3

Configure your credential

Provide a Credential Name and choose a Credential Type:

  • OAuth 2.0 w/ Client Credentials (Recommended) — can be used to generate access tokens via the OAuth Token endpoint
  • API Keys — can be tested via the Test Auth endpoint

Credential types

Credentials Best Practices
  • Credentials are never written to disk or stored in any way. They can only be viewed in plain text once on the Credentials screen. Only the hash of the credential is stored.
  • When an account is deactivated or deleted, any associated API keys will stop working.
  • Moveworks recommends generating API keys using a dedicated service account rather than an individual employee’s user account. Using a service account enhances security by creating a stable, auditable identity for the integration that is not tied to a person’s employment status.

Token Expiry Details

Token TypeExpiry
Client IDs, Client Secrets, & API KeysNever expire
Access TokensEvery 60 seconds

Rotation & Revocation

In the event that your credential is exposed or leaked, follow this process for token rotation:

1

Create a new credential

Create a new API key following the steps outlined above.

2

Update your integrations

Update your code or integrations to use the new API key.

3

Delete the old credential

Use the trash icon to delete the previous API key. Selecting delete will permanently invalidate the key.

Delete credential