---
title: Concur Approvals Access Requirements
excerpt: ''
deprecated: false
hidden: true
metadata:
  title: ''
  description: ''
  robots: index
next:
  description: ''
---
# Authentication

Use this document for instructions on how to get the access setup in place for the Moveworks Expense Approvals integration with Concur.

**Docs for reference:**

1. [https://developer.concur.com/api-reference/authentication/apidoc.html](https://developer.concur.com/api-reference/authentication/apidoc.html#password-grant-)
2. [https://developer.concur.com/api-reference/expense/expense-report/v3.reports.html](https://developer.concur.com/api-reference/expense/expense-report/v3.reports.html)

**Refresh token expiration:**

For security Concur company refresh tokens expire every 6 months & the customer will have to provide Moveworks with the new Company Request Token every 6 months. Moveworks team will then use the new Request Token to generate another valid Refresh token for the next 6 months.

# Method

Moveworks will be authenticating into your Concur system via the **Company Request Token Method**. This lets us generate a 1-time Company Request Token (valid for 24 hours) followed by refreshable access tokens which we’ll use to authenticate any interactions.

**Pre-requisites:** Customer must have access to the Web-Service tool in Concur.

### Process Walkthrough

1. Create a new OAuth 2.0 App with the required scopes.

   1. Navigate to OAuth 2.0 Application Management under Authentication Admin

      ![](https://files.readme.io/1ff0321-Untitled_-_2023-08-22T143932.802.png)
   2. Client Create New App

      ![](https://files.readme.io/8a9530b-Untitled_-_2023-08-22T143934.898.png)
   3. Fill in the following details:
      1. App Name: `Moveworks Integration Application`
      2. App Type: `Client`
      3. App Description: `Moveworks uses this application to provide Concur expenses support into your native chat platform`
      4. Allowed Grants: `refresh_token`, `password`, & `client_credentials`
      5. Allowed Scopes: `openid`, `EXPRPT`, `expense.report.read`, `expense-report.readwrite`, `expense.report.workflowstatus.write`, `identity.user.core.read` & `identity.user.ids.read`
   4. ❗Note down the generated `Client ID` & `Client Secret`

      ![](https://files.readme.io/9e7b982-Untitled_-_2023-08-22T144019.235.png)
2. Create a Company Request Token (which we’ll be using to authenticate into our application created above)

   1. Navigate to Company Request Token under Authentication Admin

      ![](https://files.readme.io/c2bf9be-Untitled_-_2023-08-22T144132.535.png)
   2. Now Paste the `Client ID` into the `App ID` & hit submit.

      ![](https://files.readme.io/a29a529-Untitled_-_2023-08-22T144220.741.png)
   3. ❗Note down the Company UUID & Company Request Token

      ![](https://files.readme.io/1528a01-Untitled_-_2023-08-22T144234.692.png)

**Requirements:** Please share the Client Id, Client Secret, Company UUID & Company Request Token with your Moveworks Customer Success team.