Skip to main content

Service Accounts

A service account is a special kind of account used by an application instead of by a person. Applications use service accounts to make authorized API calls.

The only use case of a service account is to generate access tokens that can be later used by the Sethealth SDK in order to perform authorized requests, such as uploading data to the server.

import * as sethealth from '@sethealth/core;'
const token = "ACCESS_TOKEN";
sethealth.auth.setAccessToken(token);
Example service-account

On the dashboard, a service account is shown like the one above. As you can see, every service account starts with the prefix "sa" followed by a numeric id and in the end, the team it belongs to. To use a service account you must use the entire id (prefix and suffix included).

Create a service account#

In order to create a service account, go to the dashboard and click the button that says "Create Service Account".

Once the modal appears, the only field needed is the service account's name, likely the application name which is going to use it. Then fill the field in the modal shown below and press Create button to confirm.

Create service-account modal

Then you will have created the service account. Nowadays sethealth has support for python and golang clients.

Using service account#

Once you have created the service account, the following modal will be shown:

service-account-created-modal

In the modal, SETHEALTH_SECRET and SETHEALTH_KEY are enviroment variables you should be accesible from your server-side application. Once the service account credentials are property configured in your server, you can install one of your server clients and generate access token on demand.

Check out the Golang docs

package main
import (
"github.com/sethealth/sethealth-go"
"fmt"
)
func main() {
// Create a new sethealth client with the service account credentials
client := sethealth.New()
// Ask for a short-living access token
token, err := client.GetToken()
fmt.Println("ACCESS TOKEN", token.Token)
}
caution

Once the modal is closed, the SETHEALTH_SECRET will not be accesible again for security reasons.

danger

Never hard-code the service account credentials (API key/secret) in a client-side application. This credentials are long-lived and should be kept secret in your backend.

Generating a testing token#

Pressing the test access token, generates a short-lived access token. It is analogous to calling the method getToken() in the API.

service-account-test-token

This might be helpful when you need to test your application without a backend.

caution

Remember that access tokens must also be kept secret and they are short-lived, you should never hard code an access token into your application, since they expire very offen. Instead, your backend should use the Golang/Python clients to generate them on-demand.

Using an access token#

As mentioned in the sharing data guide, the access token is required by the SDK to upload data to the cloud.

const token = await callMyBackend();
await sethealth.auth.setAccessToken(token);