search

Apono Service Account

Learn how to create and manage service account API tokens

Service account API tokens enable secure, account-level access to the Admin API for automations, scripts, and CI/CD integrations. Unlike personal tokens, service account tokens are not tied to an individual user and are designed for long-lived access.

Service account tokens have the following characteristics:

  • Account-Level Access: Not associated with a specific user; permissions are defined by assigned roles

  • Role-Based Permissions: Scoped using global role-based access control roles (Admin, Power User, Deployment, Viewer)

  • Editable Metadata: Description and scoped roles can be updated after creation

hashtag
Prerequisites

Item
Description

Apono UI Credentials

Username and password to access the Apono UI

Admin Role

Apono role with full access to all features and functionalities

hashtag
Create a service account API token

Create API Token page

Follow these steps to create a service account API token:

  1. On the API Tokens Service Accountsarrow-up-right tab, click New Service Account or Create Service Account. The Add Service Account page opens.

  2. Under Create API Token, enter a token Name. The name will identify the token on the Service Accounts tab.

circle-info

The name can only contain lowercase letters, numbers, and underscores.

  1. (Optional) Add a Description explaining how this token will be used.

  2. Choose the Expiration of the token.

Expiration
Description

Unlimited

Non-expiring token

Limited

Time-bound token

Follow these steps:

  1. Choose Limited. The default 30 days option and expiration date will appear in a blue box.

  2. (Optional) Click the expiration to select a different duration.

  1. From the Role dropdown menu, select one or more global RBAC roles.

  2. Click Generate New Token. The token appears.

  3. Under Token, copy the token.

triangle-exclamation

Be sure to copy and securely store this token in a password manager. This is the only time it will be displayed.

  1. Click Done. The new token will appear on the Service Accounts tab.

After creating a service account API token, you can authenticate your queries to the Apono API. We strongly advise against hardcoding tokens in your code. Use environment variables or secret management.

hashtag
Edit a service account API token

Edit Service Account page

Follow these steps to edit a service account API token:

  1. On the API Tokens Service Accountsarrow-up-right tab, in the row of the API token, click ︙> Edit. The Edit Service Account page appears.

  2. Edit the token fields (steps 3, 5).

circle-info

You can only the token's Description and Role.

  1. Click Save Changes. The API token is updated and the Service Accounts tab appears.

hashtag
Delete a service account API token

Deleting an API token is an important security practice when the token is no longer needed.

triangle-exclamation

Before deleting an API token, remove the token from any project, code base, or third-party platform to prevent service disruptions.

Delete confirmation pop-up window

Follow these steps to delete a service account API token:

  1. On the API Tokens Service Accountsarrow-up-right tab, in the row of the API token, click ︙> Delete. A delete confirmation pop-up window appears.

  2. Click Yes. The API token is deleted and the Service Accounts tab appears.

PreviousPersonal API TokensNextSpace Management

Last updated

Was this helpful?