Service Accounts and Tokens


UPDATE: Major changes have been made to the way new users are added to the system.

Of particular note:

  • Invitees who are not yet users will be taken to a sign up screen automatically
  • Usernames are no longer required. Users will be asked for their Name and to set a password
  • Wherever username is shown in platform will now display user Names
    • For legacy users, usernames will be displayed. A user may enter their name in the user settings page to update this information.

Please see the release notes here for more information.

Creating a Service Account

Service accounts are associated with tokens to allow data transfer to external sites without being tied to a particular user.

To create a service account, go to "Settings" in the left hand menu and select "Members."


Click the "Add new service account" button in the upper right.

Note: "Name" must not contain spaces or special characters.



Existing service accounts are viewable under the "Service Accounts" tab in the "Members" area.



Creating New Tokens with Service Accounts

All new token creation will require the use of a service account. Follow the directions above to create an account if one does not exist.

To create a token, under "Settings" in the left-hand menu, select "Tokens."


Click the "Add Token" button in the upper right.


Fill in all fields, including selecting the appropriate service account. A public token cannot be created if no service account is selected.


Public Token vs Private Token

When creating a token, the option is given to make it a public or a private token. The difference between these choices is that a Private Token will always authenticate the request regardless of the domain of origin of the request. A Public Token will only authenticate API requests coming from whitelisted domains specified in the Domains attribute. We recommend using a Public Token for publicly-facing web pages so users do not gain unrestricted access to your organization's APIs.

All subdomains for use with Public Tokens must be specified explicitly (e.g., Public Tokens do not support wildcard characters (e.g. https://*

Transferring Token Ownership to a Service Account

Under "Settings" in the right-hand menu, select "Tokens"


From the list of existing tokens, right-click the token and select "Reassign Token".


Tokens my only be reassigned to a service account. Follow the directions at the top of this page to create a service account if one does not exist.



Once all tokens are removed from association with a user, the user may be removed from the org by right-clicking on the user name in the "Members" tab inside the "Members" area.



Share this