Skip to main content
Once you have registered in your Dfns org and invited your Users, the next step is to create a Service Account, which you can think of as a machine user. For more details on what service accounts are and when to use them, please refer to service-account-management.
1

Prepare a key pair

Your service account will need its own key pair to sign its requests. The easiest way to create a Public / Private Key pair is from the command line. You can use the commands shown below or see our documentation on key generation:
# Generate RSA Private Key
openssl genrsa -out rsa2048.pem 2048
# Generate the Public Key
openssl pkey -in rsa2048.pem -pubout -out rsa2048.public.pem
2

Create the Service Account

Navigate to Settings > Developers > Service Accounts and click “New Service Account”. Name the Service Account, copy in the public key (including begin/end lines like -----BEGIN PUBLIC KEY-----), click “Create” and 🔑 sign the action with your passkey.
3

Store your Service Account authentication token

The last page shows the masked Service Account JWT. Copy it to a secure location before leaving the page.
The token will not be shown later!
4

Use the Service Account

You now have:
Congratulations! You can now make server-side API calls using your service account. Now start building your app using our TypeScript SDK or Python SDK. For a complete example, see the Service Account sample app.
This service account will next be used to log your customers (end-users) in and let them create their own wallets on your organization in Non-custody 2/2: customer login and delegated wallets