Service Accounts
Service Account Feature
This page contains information to assist our customers with utilizing the Service Account feature in RegScale. It describes what it is, why you would use it, the benefits, and provides instructions on getting started. This feature is available to Enterprise Edition (EE) customers.
What is it?
Service accounts make use of long-running secure tokens to allow API access to RegScale. This feature can be used by scripts and external software to programatically access RegScale without the need for usernames and passwords.
Why would you use it?
There are many reasons to use this feature which include:
- Avoids re-authenticating as a pre-step to executing APIs
- Reduces reliance on passwords
What are the benefits?
This feature has multiple benefits for an organization; to include:
- Improved security through a stateless and passwordless authentication and authorization mechanism
- Prevents having to login to refresh tokens and allows jobs that run for longer than the default token's life (i.e. long-running batch jobs)
How do I use it?
Instructions for using this feature are provided below:
- NOTE: You must be an Administrator to use this feature
- Select your username in the top right of the screen
- Select
Setup
and then selectService Accounts
on the left Admin panel - Click the
Create New
button - Enter the duration of the token (the amount of days until it will expire)
- Enter the purpose of the token for auditing purposes
- NOTE: It is recommended that multiple tokens be created when supporting multiple use cases to allow for more discrete monitoring and separation of duties between tokens
Once the token is issued, copy the token to use it externally in the authorization header of your HTTP requests to allow API access.
Example Python Code
# setup request library
import requests
#set the header
jwt = "Bearer " + "Your RegScale Service Account Token Goes Here"
headers = {
'Authorization': jwt
}
#setup API url
url_atl = "https://RegScale.c2lab.com/api/issues/getAll"
#make the call
response = requests.request("GET", url_atl, headers=headers)
Updated about 1 year ago