Service accounts

Service accounts

Service accounts can be used for services and automations, such as CI/CD or automation scenarios with Lenses CLI


Service accounts require an authentication token in order to be authenticated and they need to belong to at least one group for authorization. Service accounts are commonly used for automations ie. when using Lenses CLI or API, or any other application or service to interact with Lenses.

Service accounts

Required permission 

User Management / ViewAdminEnables user management view for Groups, Users & Service Accounts
User Management / ManageAdminEnables to manage Groups, Users & Service Accounts such as to create, edit, delete, change passwords

To be able to view, create or modify Service Accounts you need to be authorized with the User Management permission.

Access Management & permissions

Create service accounts 

To create a new Service Account, navigate to the Admin and select Users and New Service Account.

Create service account

Authentication token 

You can manually enter the authentication token or autogenerate one. If you select to auto-generate tokens, then you will receive a one time token for this service account. Follow the instructions and copy and store this token. You can now use this token to authenticate via API and CLI.

Auth token

The tokens are not recoverable. You can edit, revoke or delete a Service Account, but you can never retrieve the original token.

To change the token, go to the service account and select Revoke Token

Service account detail
Revoke token

Use Service Accounts 

To use the service account you need to prefix the token with its name separated by a colon. You then include that to the corresponding header.


For a service account named myservice and a token da6bad50-55c8-4ed4-8cad-5ebd54a18e26 then the combination looks like this:


Here is how it looks in postman using the example above:

Service account API use

More resources