Skip to main content
POST
Create Service Account

Authentication

✅ Organization User (CustomerEmployee)
❌ Delegated User (EndUser)
❌ Personal Access Token not allowed
❌ Service Account

Required Permissions

Auth:ServiceAccounts:Create: Always required.

Authorizations

Authorization
string
header
required

Bearer Token: Used to authenticate API requests. More details how to generate the token: Authentication flows

X-DFNS-USERACTION
string
header
required

User Action Signature: Used to sign the change-inducing API requests. More details how to generate the token: User Action Signing flows

Body

application/json
name
string
required

Human-readable name of the Service Account.

Minimum string length: 1
publicKey
string
required
Pattern: ^-----BEGIN (RSA )?PUBLIC KEY-----[A-Za-z0-9+/=\n\r\\]+-----END (RSA )?PUBLIC KEY-----\s?$
permissionId
string

ID of the permission (also referred to as "role" in the dashboard).

Required string length: 1 - 64
Pattern: ^pm-[a-z0-9]{5}-[a-z0-9]{5}-[a-z0-9]{14,16}$
Example:

"pm-37vj4-jkr4l-lc9945spfftkne57"

externalId
string

Value that can be used to correlate the entity with an external system.

daysValid
integer

Number of days the service account will be valid for.

Response

200 - application/json

Success

userInfo
object
required
accessTokens
object[]
required
Last modified on July 9, 2026