Service users

Create a new service user

A service user is a non-human system user. API tokens can be generated from service users and are used to interact with Humanitec’s API on the service user’s behalf.

To create a new service user, you need to be an Administrator or Manager of your organization.

  1. In the service user settings, select Create new service user.
  2. Enter a service username and select a RBAC role . Service users can be assigned roles on all levels (Organization, Application, Environment) just like regular users.
  3. Confirm your selection by selecting Create new service user.

Create service user. See the API documentation for details on this API endoint. Change service user details as required.

humctl api post /orgs/${HUMANITEC_ORG}/users \
    -d '
{
  "name": "My service user",
  "role": "member",
  "type": "service"
}
'

resource "humanitec_user" "service_user" {
  name = "My service user"
  role = "member"
  type = "service"
}

Generate an API token from a service user

To obtain an API token, create a service user with an assigned set of RBAC roles first. Then proceed to generate the API token.

  1. In the service user settings, select the service user you would like to create an API token for.
  2. Select Add new API token and add a token ID and an (optional) description. The RBAC role is inherited from the service user and can not be modified.
  3. You have the option to specify an expiration date for the token. By default, the token has an unlimited duration.
  4. Select Create new API token to generate a new API token.

Obtain the id of the service user, either by using the Web UI or by displaying the list of service users:

humctl api get /orgs/${HUMANITEC_ORG}/users | jq '. | map(. | select(.type=="service"))'

Set the service user ID:

export SERVICE_USER_ID=<id>

Generate the API token. See the API documentation for details on this API endoint. Change token details as required.

humctl api post /users/${SERVICE_USER_ID}/tokens \
  -d '
{
  "description": "My service user token",
  "expires_at": "2030-04-30T19:47:01Z",
  "id": "my-service-user-token",
  "type": "static"
}
'

resource "humanitec_service_user_token" "token" {
  id          = "example-service-token"
  user_id     = humanitec_user.service_user.id
  description = "example token description"
  expires_at  = "2024-04-23T21:59:59.999Z"
}
Top