Automatically generating service accounts

Note

Service accounts are only available in Package Security Manager version 6.6.5 or later.

Service accounts enable programmatic access to channels by allowing users to generate resource tokens that are not tied to individual user credentials. This decouples access from personal accounts, making it easier to manage automation and integrations securely. Service accounts are especially useful for scenarios where access needs to persist beyond the lifecycle of a user account. For information on managing service accounts, see Service accounts.

Note

Service accounts count as a user against your licence limit!

As an administrator, if you want service accounts to be automatically generated every time a channel is created, complete the following steps:

1. Open Anaconda Prompt (Terminal on macOS/Linux) and connect to your instance of Package Security Manager.

2. Navigate back to the ate-installer-* directory.

3. Using your preferred editor, open the docker-compose.yml file for editing.

4. Add the following environment variable to the repo_api: environment: section:

   REPO_CHANNEL_SERVICE_ACCOUNT_AUTOCREATE=True
   

5. Save your changes and close the file.

6. Apply your environmental changes by running the following commands:

   docker compose up -d
   

Once enabled, a service account named service-account-channel-<CHANNEL_NAME> is automatically created whenever a new channel is established.

Channel service accounts can be managed using the Command Line Interface (CLI) or the Application Programming Interface (API).