Create, view, and delete service accounts
Service accounts are created for automation purposes, such as to authenticate bots that operate on your organization.
Create a service account
Note
Currently, you can't edit a service account. If you need a service account to have Super Admin access, make sure to enable it when creating the service account. By default, service accounts do not have Super Admin enabled.
To create a service account, follow these steps.
On the left navigation pane, click Service Accounts.
Click Create Service Account.
(Optional) Select Super Admin to grant the service account with Super admin access to a namespace or tenant.
Enter a name for the service account, and then click Confirm.
Check service account details
After you have created a service account, you can check the details of the account.
- On the left navigation pane, click Service Accounts. The Service Accounts page displays all of the created service accounts.
The table below describes the details that you can view about the service account.
Item | Description |
---|---|
Name | The name of the service account. |
Pulsar Role Name | This name displays in the Admin Role field when creating a tenant. |
Key File | The key file for the service account. |
Token | The token for the service account. |
Organization | The organization that the service account was created in. |
Create Time | The time when the service account was created. |
Status | The status of the service account. |
Admin | Whether the service account has Super Admin enabled or not. |
... | Click the ellipsis to display the delete icon. |
Get the service account key file or token
Both the key file and the token are used for authentication. Tokens are only valid for seven days. When a token expires, you need to use the key file to generate a new token for authentication. Or, you can directly use the key file for authentication.
Get a key file
To get an OAuth2 credential file of a service account through the StreamNative Console, follow these steps.
On the left navigation pane, click Service Accounts.
In the row of the service account you want to use, in the Key File column, click the Download icon to download the OAuth2 credential file to your local directory.
The OAuth2 credential file should be something like this:
{ "type": "SN_SERVICE_ACCOUNT", "client_id": "CLIENT_ID", "client_secret": "CLIENT_SECRET", "client_email": "[email protected]", "issuer_url": "https://auth.streamnative.cloud" }
Get a token
Note
- Before getting the token of a service account, verify that the service account is authorized as a superuser or an admin of the tenants and namespaces.
- A token has a system-defined Time-To-Live (TTL) of 7 days. Before a token expires, ensure that you generate a new token for your service account.
To get a token using the StreamNative Console, follow these steps.
On the left navigation pane, click Service Accounts.
In the row of the service account you want to use, in the Token column, click Generate new token, then click the Copy icon to copy the token to your clipboard.
Delete a service account
To delete a service account, follow these steps.
On the left navigation pane, click Service Accounts.
Click the ellipsis at the end of the row of the service account you want to delete, and then select Delete.
On the dialog box asking, Are you sure you want to delete this service account?, click Confirm.