Service accounts

A service account is a special type of Appfarm account to represent a non-human user. A service account enables such a user to be authenticated and authorized to access data and run services. Service accounts are used to allow external applications to run a service, for schedules to trigger a service, and for unauthenticated access. The use of a service account ensures automated and anonymous interactions with your solution remain secure and traceable.

A service account can be assigned roles in the same way that a user can. If a service account will access a service, that access must be granted under Permissions > Services.

When authentication is required, for example when an external service is calling an API, you can generate API keys for a service account. The API key must then be included as a token when sending the request. If you want to learn how to use API keys when third parties integrate towards Appfarm - please read more here.

When an app is configured for unauthenticated access a service account is used to represent the anonymous users. This is required in order to define which permissions those users have. The permissions are granted to one or more roles assigned to the service account.




Used as a reference across Appfarm Create.


One or more roles to assigned to the service account.


A longer description of the service account. For your own reference.

API keys

Click a service account in the list to view and create API keys for that account.

A key is generated and displayed only once. Appfarm has no way to recover the key for you if you lose it. If a secret key is lost or compromised, you should delete it and generate a new one.



A unique name for the key.

Expire Date

A date on which the key will expire. If a date is not set the key will be valid indefinitely.


The services the key can access.

Note that the service account for this key must also have a role with the required permissions for the services and the data that

the services are processing.


Enable access to the solution's GraphQL endpoint.

Last updated