Service accounts are workspace users (i.e. identities) that represent an external system that needs to access Blaxel to operate resources in your workspace.

​
Authentication of service accounts

​
API keys

Service accounts can use API keys to authenticate on Blaxel. These API keys can be created and managed by admins from the service account’s page, in your workspace settings. API keys have an infinite validity duration. sa-api-key.png

​
Client credentials (OAuth 2.0)

Service accounts can also use the client credentials OAuth 2.0 grant type, via their client ID and client secret. A pair client ID / client secret is generated automatically by Blaxel when you create a new service account. sa-create2.png
Make sure to copy the client secret when you create the service account as you will never be able to access it again after you leave the page.

​
Permissions of service accounts

Service accounts can have similar permissions as other users from your team. These permissions are managed by admins in your workspace settings.