***

title: Salesforce Knowledge Access Requirements
excerpt: ''
deprecated: false
hidden: false
metadata:
title: ''
description: ''
robots: index
next:
description: ''
---------------

<Callout intent="warning">
  Use this document for instructions on how to get the access setup in place for the Moveworks integration with Salesforce.

  Authentication method: OAuth 2.0 JWT Bearer Flow for Server-to-Server Integration
</Callout>

## Process Walkthrough

<Callout intent="warning">
  Your Moveworks Customer Success team will setup digital certificate/private key pair as a pre-requisite to this and provide you the generated digital certificate via an encrypted email.
</Callout>

**Create a Connected App** in your Salesforce instance - this allows Moveworks to authorize on behalf of the customer client under the provided scope:

1. Under Setup > App Manager: Click `New Connected App`

2. Fill basic info:
   * Connected App Name: Moveworks\_Server
   * API Name: Moveworks\_Server
   * Contact Email: [support@moveworks.ai](mailto:support@moveworks.ai)

3. Select *enable oAuth settings* under API (Enable oAuth Settings) & add:
   * Callback URL: [https://login.salesforce.com/](https://login.salesforce.com/)

4. Check *Use digital signatures*. Upload the *`salesforce.crt`* that was should have been emailed to you by your customer success team.

5. Add the following OAuth scopes:
   * api
   * refresh\_token, offline\_access

6. Click *Save* & Note down the `Consumer Key` and the `Consumer Secret`

7. After saving Update OAuth Policies, click
   1. *`Manage`> Edit Policies*
   2. In the *OAuth policies* section, change *Permitted Users* to *Admin approved users are pre-authorized*
   3. In the Session policies section, change *Timeout Value* to *24 hours*
   4. Click *Save*

**Create a Permission Set** to interact with the Connected App

1. Navigate to Users > `Permission Sets` & click on New

2. Add `moveworks_connected_app` as the Label & Api Names & click *Save.*

3. Now click on the `moveworks_connected_app` Permission Set and Click Assigned Connected Apps

4. Click *Edit* and add **Moveworks\_Server** to list of Enabled Connected Apps & Click Save

Create **New Service Account** (if it doesn’t exist)

1. Navigate to Users > Users & click on `New User`

2. Enter the following information & click *Save*:
   * Last Name: `Moveworks`
   * Alias: `movedev`
   * Email, Username & Nickname: `moveworks@{{your-domain}}.com`
   * Setup profile as`Standard User`

**Assign our service user the connected app**

1. Navigate to Users > Users & click on our service user account that we just created

2. *Click on Permission Set Assignment and then Edit Assignments*

3. Now add `moveworks_connected_app` to list of Enabled Permission Sets & Click Save

**Share with the Moveworks Customer Success Team:**

* Share the Consumer Key
* Consumer Secret
* Service Account Email