Create Service Account

curl --request POST \
  --url https://api.dfns.io/auth/service-accounts \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --header 'X-DFNS-USERACTION: <api-key>' \
  --data '
{
  "name": "<string>",
  "publicKey": "<string>",
  "permissionId": "<string>",
  "externalId": "<string>",
  "daysValid": 123
}
'

{
  "userInfo": {
    "username": "<string>",
    "name": "<string>",
    "userId": "us-6b58p-r53sr-rlrd3l5cj3uc4ome",
    "kind": "CustomerEmployee",
    "credentialUuid": "<string>",
    "orgId": "<string>",
    "isActive": true,
    "isServiceAccount": true,
    "isRegistered": true,
    "permissionAssignments": [
      {
        "permissionName": "<string>",
        "permissionId": "<string>",
        "assignmentId": "<string>",
        "operations": [
          "<string>"
        ]
      }
    ],
    "permissions": [
      "<string>"
    ]
  },
  "accessTokens": [
    {
      "dateCreated": "<string>",
      "credId": "<string>",
      "isActive": true,
      "kind": "Pat",
      "linkedUserId": "<string>",
      "linkedAppId": "<string>",
      "name": "<string>",
      "orgId": "<string>",
      "permissionAssignments": [
        {
          "permissionName": "<string>",
          "permissionId": "<string>",
          "assignmentId": "<string>",
          "operations": [
            "<string>"
          ]
        }
      ],
      "publicKey": "<string>",
      "tokenId": "<string>",
      "accessToken": "<string>"
    }
  ]
}

POST

auth

service-accounts

Create Service Account

curl --request POST \
  --url https://api.dfns.io/auth/service-accounts \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --header 'X-DFNS-USERACTION: <api-key>' \
  --data '
{
  "name": "<string>",
  "publicKey": "<string>",
  "permissionId": "<string>",
  "externalId": "<string>",
  "daysValid": 123
}
'

{
  "userInfo": {
    "username": "<string>",
    "name": "<string>",
    "userId": "us-6b58p-r53sr-rlrd3l5cj3uc4ome",
    "kind": "CustomerEmployee",
    "credentialUuid": "<string>",
    "orgId": "<string>",
    "isActive": true,
    "isServiceAccount": true,
    "isRegistered": true,
    "permissionAssignments": [
      {
        "permissionName": "<string>",
        "permissionId": "<string>",
        "assignmentId": "<string>",
        "operations": [
          "<string>"
        ]
      }
    ],
    "permissions": [
      "<string>"
    ]
  },
  "accessTokens": [
    {
      "dateCreated": "<string>",
      "credId": "<string>",
      "isActive": true,
      "kind": "Pat",
      "linkedUserId": "<string>",
      "linkedAppId": "<string>",
      "name": "<string>",
      "orgId": "<string>",
      "permissionAssignments": [
        {
          "permissionName": "<string>",
          "permissionId": "<string>",
          "assignmentId": "<string>",
          "operations": [
            "<string>"
          ]
        }
      ],
      "publicKey": "<string>",
      "tokenId": "<string>",
      "accessToken": "<string>"
    }
  ]
}

Authentication

✅ Organization User (CustomerEmployee)
❌ Delegated User (EndUser)
❌ Personal Access Token not allowed
❌ Service Account

Required Permissions

Auth:ServiceAccounts:Create: Always required.

Authorizations

Authorization

string

header

required

Bearer Token: Used to authenticate API requests. More details how to generate the token: Authentication flows

X-DFNS-USERACTION

string

header

required

User Action Signature: Used to sign the change-inducing API requests. More details how to generate the token: User Action Signing flows

Body

application/json

name

string

required

Minimum string length: 1

publicKey

string

required

permissionId

string

externalId

string

daysValid

integer

Response

200 - application/json

Success

userInfo

object

required

Show child attributes

userInfo.username

string

required

userInfo.name

string

required

userInfo.userId

string

required

User id.

Required string length: 1 - 64

Example:

"us-6b58p-r53sr-rlrd3l5cj3uc4ome"

userInfo.kind

enum<string>

required

User kind.

Available options:

CustomerEmployee,

EndUser

userInfo.credentialUuid

string

required

userInfo.orgId

string

required

userInfo.isActive

boolean

required

userInfo.isServiceAccount

boolean

required

userInfo.isRegistered

boolean

required

userInfo.permissionAssignments

object[]

required

Show child attributes

userInfo.permissionAssignments.permissionName

string

required

userInfo.permissionAssignments.permissionId

string

required

userInfo.permissionAssignments.assignmentId

string

required

userInfo.permissionAssignments.operations

string[]

userInfo.permissions

string[]

accessTokens

object[]

required

Show child attributes

accessTokens.dateCreated

string

required

accessTokens.credId

string

required

accessTokens.isActive

boolean

required

accessTokens.kind

enum<string>

required

Access token kind.

Available options:

Pat,

ServiceAccount,

Token,

Code,

Recovery,

Temp,

Application

accessTokens.linkedUserId

string

required

accessTokens.linkedAppId

string

required

accessTokens.name

string

required

accessTokens.orgId

string

required

accessTokens.permissionAssignments

object[]

required

Show child attributes

accessTokens.permissionAssignments.permissionName

string

required

accessTokens.permissionAssignments.permissionId

string

required

accessTokens.permissionAssignments.assignmentId

string

required

accessTokens.permissionAssignments.operations

string[]

accessTokens.publicKey

string

required

accessTokens.tokenId

string

required

accessTokens.accessToken

string

List Service Accounts

Get Service Account

⌘I

API Authorization

Identity & Access Management

Wallets & Transactions

Management

Webhooks

Create Service Account

Authentication

Required Permissions

Authorizations

Body

Response

API Authorization

Identity & Access Management

Wallets & Transactions

Management

Webhooks

​Authentication

​Required Permissions

Authorizations

Body

Response

Authentication

Required Permissions