Service Accounts and Tokens

Video

UPDATE: Major changes have been made to the way new users are added to the system.

Of particular note:

  • Invitees who are not yet users will be taken to a sign up screen automatically
  • Usernames are no longer required. Users will be asked for their Name and to set a password
  • Wherever username is shown in platform will now display user Names
    • For legacy users, usernames will be displayed. A user may enter their name in the user settings page to update this information.

Please see the release notes here for more information.

Creating a Service Account

Service accounts are associated with tokens to allow data transfer to external sites without being tied to a particular user.

To create a service account, go to "Settings" in the left hand menu and select "Members."

Screen_Shot_2021-06-30_at_9.50.46_AM.png

Click the "Add new service account" button in the upper right.

Note: "Name" must not contain spaces or special characters.

Screen_Shot_2021-06-30_at_9.21.10_AM.png

Screen_Shot_2021-06-30_at_9.21.26_AM.png

Existing service accounts are viewable under the "Service Accounts" tab in the "Members" area.

Screen_Shot_2021-06-30_at_9.21.14_AM.png

 

Creating New Tokens with Service Accounts

All new token creation will require the use of a service account. Follow the directions above to create an account if one does not exist.

To create a token, under "Settings" in the left-hand menu, select "Tokens."

Screen_Shot_2021-06-30_at_9.25.30_AM.png

Click the "Add Token" button in the upper right.

Screen_Shot_2021-06-30_at_9.44.02_AM.png

Fill in all fields, including selecting the appropriate service account. A public token cannot be created if no service account is selected.

Screen_Shot_2021-06-30_at_9.25.38_AM.png

Public Token vs Private Token

When creating a token, the option is given to make it a public or a private token. The difference between these choices is that a Private Token will always authenticate the request regardless of the domain of origin of the request. A Public Token will only authenticate API requests coming from whitelisted domains specified in the Domains attribute. We recommend using a Public Token for publicly-facing web pages so users do not gain unrestricted access to your organization's APIs.

All subdomains for use with Public Tokens must be specified explicitly (e.g. https://subdomain1.yourwebpage.com/, https://subdomain2.yourwebpage.com/). Public Tokens do not support wildcard characters (e.g. https://*.yourwebpage.com/).

Transferring Token Ownership to a Service Account

Under "Settings" in the right-hand menu, select "Tokens"

Screen_Shot_2021-06-30_at_9.25.30_AM.png

From the list of existing tokens, right-click the token and select "Reassign Token".

Screen_Shot_2021-06-30_at_9.23.16_AM.png

Tokens my only be reassigned to a service account. Follow the directions at the top of this page to create a service account if one does not exist.

Screen_Shot_2021-06-30_at_9.47.54_AM_1_.png

NOTE:

Once all tokens are removed from association with a user, the user may be removed from the org by right-clicking on the user name in the "Members" tab inside the "Members" area.

Screen_Shot_2021-06-30_at_9.37.23_AM_1_.png

Video

Share this