Service Accounts

Edit online

Service Accounts are machine users that authenticate programmatically. They are intended for server-to-server communication, automated workflows, background jobs, and other machine-driven interactions.

Unlike human users who authenticate with passkeys, a Service Account authenticates by signing API requests with a private key.

Working of service accounts:
  1. Keypair: You generate an asymmetric keypair. The public key is registered with IBM Digital Asset Haven, and you keep the private key to sign your API requests.
  2. Authentication token: When you create the Service Account, IBM Digital Asset Haven provides an authentication token. Include this token in the Authorization header when calling the API.
  3. Permissions: Service Accounts operate like users in that they must have the required permissions to perform actions.