Create Service Account
curl --request POST \
--url https://api.dfns.io/auth/service-accounts \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--header 'X-DFNS-USERACTION: <api-key>' \
--data '
{
"name": "<string>",
"publicKey": "<string>",
"permissionId": "pm-37vj4-jkr4l-lc9945spfftkne57",
"externalId": "<string>",
"daysValid": 123
}
'import requests
url = "https://api.dfns.io/auth/service-accounts"
payload = {
"name": "<string>",
"publicKey": "<string>",
"permissionId": "pm-37vj4-jkr4l-lc9945spfftkne57",
"externalId": "<string>",
"daysValid": 123
}
headers = {
"Authorization": "Bearer <token>",
"X-DFNS-USERACTION": "<api-key>",
"Content-Type": "application/json"
}
response = requests.post(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'POST',
headers: {
Authorization: 'Bearer <token>',
'X-DFNS-USERACTION': '<api-key>',
'Content-Type': 'application/json'
},
body: JSON.stringify({
name: '<string>',
publicKey: '<string>',
permissionId: 'pm-37vj4-jkr4l-lc9945spfftkne57',
externalId: '<string>',
daysValid: 123
})
};
fetch('https://api.dfns.io/auth/service-accounts', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.dfns.io/auth/service-accounts",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'name' => '<string>',
'publicKey' => '<string>',
'permissionId' => 'pm-37vj4-jkr4l-lc9945spfftkne57',
'externalId' => '<string>',
'daysValid' => 123
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json",
"X-DFNS-USERACTION: <api-key>"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "https://api.dfns.io/auth/service-accounts"
payload := strings.NewReader("{\n \"name\": \"<string>\",\n \"publicKey\": \"<string>\",\n \"permissionId\": \"pm-37vj4-jkr4l-lc9945spfftkne57\",\n \"externalId\": \"<string>\",\n \"daysValid\": 123\n}")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("Authorization", "Bearer <token>")
req.Header.Add("X-DFNS-USERACTION", "<api-key>")
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.post("https://api.dfns.io/auth/service-accounts")
.header("Authorization", "Bearer <token>")
.header("X-DFNS-USERACTION", "<api-key>")
.header("Content-Type", "application/json")
.body("{\n \"name\": \"<string>\",\n \"publicKey\": \"<string>\",\n \"permissionId\": \"pm-37vj4-jkr4l-lc9945spfftkne57\",\n \"externalId\": \"<string>\",\n \"daysValid\": 123\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://api.dfns.io/auth/service-accounts")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Bearer <token>'
request["X-DFNS-USERACTION"] = '<api-key>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"name\": \"<string>\",\n \"publicKey\": \"<string>\",\n \"permissionId\": \"pm-37vj4-jkr4l-lc9945spfftkne57\",\n \"externalId\": \"<string>\",\n \"daysValid\": 123\n}"
response = http.request(request)
puts response.read_body{
"userInfo": {
"username": "<string>",
"name": "<string>",
"userId": "us-6b58p-r53sr-rlrd3l5cj3uc4ome",
"credentialUuid": "<string>",
"isActive": true,
"isServiceAccount": true,
"isRegistered": true,
"permissionAssignments": [
{
"permissionName": "<string>",
"permissionId": "pm-37vj4-jkr4l-lc9945spfftkne57",
"assignmentId": "as-1vcmc-qrek0-6b4vii9pln60907e",
"operations": [
"<string>"
]
}
],
"orgId": "or-30tnh-itmjs-s235s5ontr3r23h2",
"tenantId": "acct-24hka-dhili-9hgvdlvr1ohpibp4",
"permissions": [
"<string>"
]
},
"accessTokens": [
{
"dateCreated": "2023-04-14T20:41:28.715Z",
"credId": "<string>",
"isActive": true,
"linkedUserId": "us-6b58p-r53sr-rlrd3l5cj3uc4ome",
"linkedAppId": "ap-2a9in-tt2a1-983lho480p35ejd0",
"name": "<string>",
"orgId": "or-30tnh-itmjs-s235s5ontr3r23h2",
"permissionAssignments": [
{
"permissionName": "<string>",
"permissionId": "pm-37vj4-jkr4l-lc9945spfftkne57",
"assignmentId": "as-1vcmc-qrek0-6b4vii9pln60907e",
"operations": [
"<string>"
]
}
],
"publicKey": "<string>",
"tokenId": "to-202a0-cdo33-o65mbt6q758lvvnt",
"accessToken": "<string>"
}
]
}Create Service Account
Create a new Service Account for your organization.
POST
/
auth
/
service-accounts
Create Service Account
curl --request POST \
--url https://api.dfns.io/auth/service-accounts \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--header 'X-DFNS-USERACTION: <api-key>' \
--data '
{
"name": "<string>",
"publicKey": "<string>",
"permissionId": "pm-37vj4-jkr4l-lc9945spfftkne57",
"externalId": "<string>",
"daysValid": 123
}
'import requests
url = "https://api.dfns.io/auth/service-accounts"
payload = {
"name": "<string>",
"publicKey": "<string>",
"permissionId": "pm-37vj4-jkr4l-lc9945spfftkne57",
"externalId": "<string>",
"daysValid": 123
}
headers = {
"Authorization": "Bearer <token>",
"X-DFNS-USERACTION": "<api-key>",
"Content-Type": "application/json"
}
response = requests.post(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'POST',
headers: {
Authorization: 'Bearer <token>',
'X-DFNS-USERACTION': '<api-key>',
'Content-Type': 'application/json'
},
body: JSON.stringify({
name: '<string>',
publicKey: '<string>',
permissionId: 'pm-37vj4-jkr4l-lc9945spfftkne57',
externalId: '<string>',
daysValid: 123
})
};
fetch('https://api.dfns.io/auth/service-accounts', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.dfns.io/auth/service-accounts",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'name' => '<string>',
'publicKey' => '<string>',
'permissionId' => 'pm-37vj4-jkr4l-lc9945spfftkne57',
'externalId' => '<string>',
'daysValid' => 123
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json",
"X-DFNS-USERACTION: <api-key>"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "https://api.dfns.io/auth/service-accounts"
payload := strings.NewReader("{\n \"name\": \"<string>\",\n \"publicKey\": \"<string>\",\n \"permissionId\": \"pm-37vj4-jkr4l-lc9945spfftkne57\",\n \"externalId\": \"<string>\",\n \"daysValid\": 123\n}")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("Authorization", "Bearer <token>")
req.Header.Add("X-DFNS-USERACTION", "<api-key>")
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.post("https://api.dfns.io/auth/service-accounts")
.header("Authorization", "Bearer <token>")
.header("X-DFNS-USERACTION", "<api-key>")
.header("Content-Type", "application/json")
.body("{\n \"name\": \"<string>\",\n \"publicKey\": \"<string>\",\n \"permissionId\": \"pm-37vj4-jkr4l-lc9945spfftkne57\",\n \"externalId\": \"<string>\",\n \"daysValid\": 123\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://api.dfns.io/auth/service-accounts")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Bearer <token>'
request["X-DFNS-USERACTION"] = '<api-key>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"name\": \"<string>\",\n \"publicKey\": \"<string>\",\n \"permissionId\": \"pm-37vj4-jkr4l-lc9945spfftkne57\",\n \"externalId\": \"<string>\",\n \"daysValid\": 123\n}"
response = http.request(request)
puts response.read_body{
"userInfo": {
"username": "<string>",
"name": "<string>",
"userId": "us-6b58p-r53sr-rlrd3l5cj3uc4ome",
"credentialUuid": "<string>",
"isActive": true,
"isServiceAccount": true,
"isRegistered": true,
"permissionAssignments": [
{
"permissionName": "<string>",
"permissionId": "pm-37vj4-jkr4l-lc9945spfftkne57",
"assignmentId": "as-1vcmc-qrek0-6b4vii9pln60907e",
"operations": [
"<string>"
]
}
],
"orgId": "or-30tnh-itmjs-s235s5ontr3r23h2",
"tenantId": "acct-24hka-dhili-9hgvdlvr1ohpibp4",
"permissions": [
"<string>"
]
},
"accessTokens": [
{
"dateCreated": "2023-04-14T20:41:28.715Z",
"credId": "<string>",
"isActive": true,
"linkedUserId": "us-6b58p-r53sr-rlrd3l5cj3uc4ome",
"linkedAppId": "ap-2a9in-tt2a1-983lho480p35ejd0",
"name": "<string>",
"orgId": "or-30tnh-itmjs-s235s5ontr3r23h2",
"permissionAssignments": [
{
"permissionName": "<string>",
"permissionId": "pm-37vj4-jkr4l-lc9945spfftkne57",
"assignmentId": "as-1vcmc-qrek0-6b4vii9pln60907e",
"operations": [
"<string>"
]
}
],
"publicKey": "<string>",
"tokenId": "to-202a0-cdo33-o65mbt6q758lvvnt",
"accessToken": "<string>"
}
]
}Authentication
✅ Organization User (CustomerEmployee)❌ Delegated User (
EndUser)❌ Personal Access Token not allowed
❌ Service Account
Required Permissions
Auth:ServiceAccounts:Create: Always required.Authorizations
Bearer Token: Used to authenticate API requests. More details how to generate the token: Authentication flows
User Action Signature: Used to sign the change-inducing API requests. More details how to generate the token: User Action Signing flows
Body
application/json
Human-readable name of the Service Account.
Minimum string length:
1Pattern:
^-----BEGIN (RSA )?PUBLIC KEY-----[A-Za-z0-9+/=\n\r\\]+-----END (RSA )?PUBLIC KEY-----\s?$ID of the permission (also referred to as "role" in the dashboard).
Required string length:
1 - 64Pattern:
^pm-[a-z0-9]{5}-[a-z0-9]{5}-[a-z0-9]{14,16}$Example:
"pm-37vj4-jkr4l-lc9945spfftkne57"
Value that can be used to correlate the entity with an external system.
Number of days the service account will be valid for.
Last modified on July 9, 2026
Was this page helpful?
⌘I