Skip to main content
POST
/
auth
/
service-accounts
Create Service Account
curl --request POST \
  --url https://api.dfns.io/auth/service-accounts \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --header 'X-DFNS-USERACTION: <api-key>' \
  --data '{
  "name": "<string>",
  "publicKey": "<string>",
  "permissionId": "<string>",
  "externalId": "<string>",
  "daysValid": 123
}'
{
  "userInfo": {
    "username": "<string>",
    "name": "<string>",
    "userId": "us-6b58p-r53sr-rlrd3l5cj3uc4ome",
    "kind": "CustomerEmployee",
    "credentialUuid": "<string>",
    "orgId": "<string>",
    "permissions": [
      "<string>"
    ],
    "isActive": true,
    "isServiceAccount": true,
    "isRegistered": true,
    "permissionAssignments": [
      {
        "permissionName": "<string>",
        "permissionId": "<string>",
        "assignmentId": "<string>",
        "operations": [
          "<string>"
        ]
      }
    ]
  },
  "accessTokens": [
    {
      "accessToken": "<string>",
      "dateCreated": "<string>",
      "credId": "<string>",
      "isActive": true,
      "kind": "Pat",
      "linkedUserId": "<string>",
      "linkedAppId": "<string>",
      "name": "<string>",
      "orgId": "<string>",
      "permissionAssignments": [
        {
          "permissionName": "<string>",
          "permissionId": "<string>",
          "assignmentId": "<string>",
          "operations": [
            "<string>"
          ]
        }
      ],
      "publicKey": "<string>",
      "tokenId": "<string>"
    }
  ]
}

Authentication

✅ Organization User (CustomerEmployee)
❌ Delegated User (EndUser)
❌ Personal Access Token not allowed
❌ Service Account

Required Permissions

Auth:ServiceAccounts:Create: Always required.

Authorizations

Authorization
string
header
required

Bearer Token: Used to authenticate API requests. More details how to generate the token: Authentication flows

X-DFNS-USERACTION
string
header
required

User Action Signature: Used to sign the change-inducing API requests. More details how to generate the token: User Action Signing flows

Body

application/json
name
string
required
Minimum length: 1
publicKey
string
required
permissionId
string
externalId
string
daysValid
integer
Required range: x > 0

Response

200 - application/json

Success

userInfo
object
required
accessTokens
object[]
required
I