Service Users

Service users enable you to grant permissions to your automation to access specific operations in the ScaleFT Platform, such as:

  1. Enabling trusted services to be granted access to your infrastructure
  2. Integrating with the ScaleFT API to automatically add users to groups
  3. Retrieving audit events from the ScaleFT API to store in your ELK setup
  4. Building other custom integrations with the ScaleFT API

Service users can be added to a group just like a normal user, and they will be granted permissions the same way. Currently the main difference between a user and service user is how each type of user authenticates.

While users are backed by an Identity Provider(IdP), a service user is given a pair of credentials that are used to generate a short-lived authentication token to be used with the API.

Authentication

In order to authenticate as your service user to the ScaleFT API, you will need to create an API key. The API key is a pair of strings known as the id and secret. You will need both to authenticate, which generates an authentication token that is sent with each request you make.

Follow these steps to create an API key:

1. Nagivate to the details for your service user

2. Confirm the creation of your API key

3. You will be presented with your API key secret. Copy it down to a safe place.

Note: When you create an API key, you will only be able to see the secret once. Store it securely!

Expiring API Keys

Whenever a new API key is created, any existing API keys will be automatically expired in 2 days. You can also immediately expire an API key so it can’t be used anymore.

1. Click the red “Expire” button next to the key you would like to get rid of

2. Confirm the dialog to expire the API key.

Note: Expiring an API key immediately will prevent any requests using a token generated with it from succeeding.