# Service accounts

A service account is a special type of Appfarm account to represent a non-human user. A service account enables such a user to be authenticated and authorized to access data and run services. Service accounts are used to allow external applications to run a service, for schedules to trigger a service, and for [unauthenticated access](/how-to/authentication-and-access-control/unauthenticated-access.md). The use of a service account ensures automated and anonymous interactions with your solution remain secure and traceable.

A service account can be assigned [roles](/reference/security/roles.md) in the same way that a [user](/reference/security/users.md) can. If a service account will access a service, that access must be granted under **Permissions** > **Services**.

When authentication is required, for example when an external service is calling an API, you can generate [API keys](/reference/security/service-accounts.md#api-keys) for a service account. The API key must then be included as a token when sending the request. If you want to learn how to use API keys when third parties integrate towards Appfarm - please read more [here](/how-to/integrations/integrate-with-external-systems.md#integrate-from-a-third-party-system-to-appfarm).

When an app is configured for unauthenticated access a service account is used to represent the anonymous users. This is required in order to define which [permissions](/reference/security/permissions.md) those users have. The permissions are granted to one or more roles assigned to the service account.

## Properties

<table><thead><tr><th width="191">Property</th><th>Description</th></tr></thead><tbody><tr><td><strong>Name</strong></td><td>Used as a reference across Appfarm Create.</td></tr><tr><td><strong>Roles</strong></td><td>One or more roles to assigned to the service account.</td></tr><tr><td><strong>Description</strong></td><td>A longer description of the service account. For your own reference.</td></tr></tbody></table>

## API keys

Click a service account in the list to view and create API keys for that account.

A key is generated and displayed only once. Appfarm has no way to recover the key for you if you lose it. If a secret key is lost or compromised, you should delete it and generate a new one.

<table><thead><tr><th width="223">Property</th><th>Description</th></tr></thead><tbody><tr><td><strong>Name</strong></td><td>A unique name for the key.</td></tr><tr><td><strong>Expire Date</strong></td><td>A date on which the key will expire. If a date is not set the key will be valid indefinitely.</td></tr><tr><td><strong>Inactivity Expiration</strong></td><td>The duration in seconds that an API key can remain unused before it automatically expires. Minimum value: 3600 seconds (1 hour).</td></tr><tr><td><strong>Services</strong></td><td><p>The <a href="/pages/-MiQRwp6QPjGTWLYBkp-">services</a> the key can access.<br></p><p>Note that the service account for this key must also have a <a href="/pages/-MiQU63VSfRMAmQC-Y_w">role</a> with the required <a href="/pages/cNDriKas8w8Qh8av1nZj">permissions</a> for the services and the data that </p><p>the services are processing.</p></td></tr><tr><td><strong>GraphQL</strong></td><td>Enable access to the solution's <a href="/pages/8EK7u2JpSjG3cHh2cuv5">GraphQL</a> endpoint.</td></tr></tbody></table>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.appfarm.io/reference/security/service-accounts.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.