Support for Service Accounts | Voters

Support for Service Accounts

acknowledged

Drew DiPalma

Enable the creation of a Service Account that doesn't require an active email address or associated user identity and can be managed by Admin users. This Service Account should be able to generate an API Token which allows for job submission.

April 15, 2024

Drew DiPalma

Merged in a post:

Generating API key for service account to discriminate jobs from automation processes or from users

Mattia

Summary
A client would like to use a service account for generating an API access key. However with SSO enabled logging in with the service account is problematic -- i.e. can't bypass the login process to enter service account credentials.
A possibility would be to generate an API access token that is not tied to a specific individual and to easily determine when workflows are launched by an individual vs. automation processes.
Intended outcome
- The user would be able to easily determine when workflows are launched by a person or by an automation process without adding much overhead to their daily runtime
How will it work
- A workaround: create in th Tower organisation a fictional user representing the service account and configure Tower with both with SSO and email sign-in as you are suggesting in the above comment.
Customer research
 [links to existing issues and pieces of info]
- #179

June 15, 2024

Drew DiPalma

marked this post as

acknowledged