Service accounts are workspace users (i.e. identities) that represent an external system that needs to access Blaxel to operate resources in your workspace.

โ€‹
Authentication of service accounts

โ€‹
API keys

Service accounts can use API keys to authenticate on Blaxel. These API keys can be created and managed by admins from the service accountโ€™s page, in your workspace settings. API keys have an infinite validity duration. sa-api-key.png

โ€‹
Client credentials (OAuth 2.0)

Service accounts can also use the client credentials OAuth 2.0 grant type, via their client ID and client secret. A pair client ID / client secret is generated automatically by Blaxel when you create a new service account. sa-create2.png
Make sure to copy the client secret when you create the service account as you will never be able to access it again after you leave the page.

โ€‹
Permissions of service accounts

Service accounts can have similar permissions as other users from your team. These permissions are managed by admins in your workspace settings.