Service account management

A service account is a specialized computer identity designed for automated processes and applications, rather than human users.

Written by Christine Wong
Updated over a week ago

To integrate any application with the Ansarada GRC APIs (Application Programming Interfaces), you need authorization credentials that identify the application to the Ansarada Identity OAuth 2.0 server. Administrators can create and manage these authorization credentials, known as a service account, for your Ansarada GRC Site.

Add a service account

ℹ️ Note: Each site can have up to 10 service accounts.

  1. Navigate to Maintenance, under General, select Service Accounts.

  2. Click Add service account.

  3. Enter a name for this service account and set permissions.

  4. Please note that the Client Secret is shown only once while adding the service account. Make sure to save a copy of your Client ID and Client Secret securely for future use.

Edit a service account

  1. On the Service account management page, find the service account you want to edit.

  2. Click the Item menu on the right of the service account and choose Edit.

  3. On the Service account details, make the necessary edits.

  4. After making your edits, click Save Changes.

FAQ 🤔

What are the Client ID and Client Secret?

Answer: Client ID and Client Secret are credentials used for authentication when an application interacts with a service or system via APIs. These credentials help ensure secure and authorized communication between an application and the API it wants to use.

Client ID is a unique identifier assigned to an application when it registers to use an API. It acts like a username for the application. The API provider uses the Client ID to recognize and verify the application when it makes API requests.

Client Secret is a confidential key, like a password, associated with the API Client ID. It's used to establish the application's identity and to prove its authenticity when making API requests. The Client Secret should be kept secure and not shared openly, as it serves as an additional layer of security to prevent unauthorized access to the API.
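
How an application might present these two credentials to an OAuth 2.0 token endpoint, as an added example that is not Ansarada's own code. Assumptions: the client_credentials grant with HTTP Basic client authentication (RFC 6749), a placeholder token URL, and hypothetical environment variable names; take the real values from your API documentation.

```python
import base64
import os
import urllib.parse
import urllib.request

# Placeholder: this page does not give the token endpoint.
TOKEN_URL = "https://identity.example.invalid/connect/token"


def load_credentials(env=os.environ):
    """Read the Client ID and Client Secret from the environment, not from source code."""
    try:
        # Hypothetical variable names chosen for this example.
        return env["GRC_CLIENT_ID"], env["GRC_CLIENT_SECRET"]
    except KeyError as missing:
        raise RuntimeError(f"{missing.args[0]} is not set") from None


def build_token_request(client_id, client_secret, token_url=TOKEN_URL):
    """Build (but do not send) a token request; the grant type is an assumption."""
    if urllib.parse.urlsplit(token_url).scheme != "https":
        raise ValueError("token endpoint must use https: the secret travels in a header")
    # RFC 6749 section 2.3.1: form-urlencode each value before joining with ':',
    # so a ':' or '+' inside the secret cannot corrupt the Basic header.
    user = urllib.parse.quote_plus(client_id)
    password = urllib.parse.quote_plus(client_secret)
    basic = base64.b64encode(f"{user}:{password}".encode()).decode()
    body = urllib.parse.urlencode({"grant_type": "client_credentials"}).encode()
    return urllib.request.Request(
        token_url,
        data=body,
        method="POST",
        headers={
            "Authorization": f"Basic {basic}",
            "Content-Type": "application/x-www-form-urlencoded",
        },
    )


def describe(request):
    """Log-safe summary: endpoint and method only, never the Authorization value."""
    return f"{request.get_method()} {request.full_url} Authorization=<redacted>"


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    sample = {"GRC_CLIENT_ID": "svc-reporting", "GRC_CLIENT_SECRET": "s3cr:et+value"}
    print(describe(build_token_request(*load_credentials(sample))))
```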

What if you can't find or forget your Client Secret?

Answer: You will need to either delete and create a new service account or contact the GRC Support team via email ([email protected]) to submit a request for retrieving your Client Secret.


What happens when you delete an existing service account?

Answer: Deleting a service account results in the loss of access to the authorized database. Once deleted, a service account cannot be restored.

What levels of permissions can a service account have?

Answer: There are three levels: No access, Can view and Can edit. As of the current release, you can only grant No access and Can view permissions.

Are the permissions for service account management aligned with Security Groups?

(For example, if users can view the Risk module, can they also extract Risk data without a service account?)

Answer: The permissions for service accounts are independent and do not rely on the settings in Security Groups.

Which modules can a service account access?

Answer: In the current release, service accounts can access only the Risk, Events and Registers modules. 🔜 Please stay tuned for updates on additional module access. 🔜

Does the service account management appear in the audit trail to monitor changes in account permissions?

Answer: 🔜 The audit trail feature is not available in the current release, but rest assured, more updates are on the way. Stay tuned! 🔜
