mirror of
https://github.com/grafana/grafana.git
synced 2024-11-29 04:04:00 -06:00
Serviceaccounts: Add serviceaccount docs (#41712)
* Adds serviceaccount docs * WIP * wip * Update docs/sources/manage-users/serviceaccount/serviceaccount.md Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com> * Update docs/sources/manage-users/serviceaccount/serviceaccount.md Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com> * Update docs/sources/http_api/serviceaccount.md Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com> * Update docs/sources/http_api/serviceaccount.md Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com> * Update docs/sources/http_api/serviceaccount.md Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com> * Update docs/sources/http_api/serviceaccount.md Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com> * updates Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>
This commit is contained in:
parent
d71cd65dbc
commit
55ce03bd0c
44
docs/sources/http_api/serviceaccount.md
Normal file
44
docs/sources/http_api/serviceaccount.md
Normal file
@ -0,0 +1,44 @@
|
||||
+++
|
||||
title = "Service account HTTP API"
|
||||
description = "Grafana Service account HTTP API"
|
||||
keywords = ["grafana", "http", "documentation", "api", "service account"]
|
||||
aliases = ["/docs/grafana/latest/http_api/serviceaccount/"]
|
||||
+++
|
||||
|
||||
# Service account API
|
||||
|
||||
This API allows you to interact programmatically with the [Service accounts]({{< relref "../manage-users/serviceaccount/_index.md" >}}).
|
||||
|
||||
**> Note:** If you are using Grafana Enterprise and have [Fine-grained access control]({{< relref "../enterprise/access-control/_index.md" >}}) enabled, for some endpoints you need to have relevant permissions. Refer to specific resources to understand what permissions are required.
|
||||
|
||||
## Delete a service account
|
||||
|
||||
`DELETE /api/serviceaccounts/:serviceaccountId`
|
||||
|
||||
#### Required permissions
|
||||
|
||||
For details, see the [introduction]({{< ref "#user-api" >}}).
|
||||
|
||||
| Action | Scope |
|
||||
| ---------------------- | ------------------ |
|
||||
| serviceaccounts:delete | serviceaccounts:\* |
|
||||
|
||||
Deletes the given service account if it exists.
|
||||
|
||||
**Example request**:
|
||||
|
||||
```http
|
||||
DELETE /api/serviceaccounts/1 HTTP/1.1
|
||||
Accept: application/json
|
||||
Content-Type: application/json
|
||||
Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
|
||||
```
|
||||
|
||||
**Example response**:
|
||||
|
||||
```http
|
||||
HTTP/1.1 200
|
||||
Content-Type: application/json
|
||||
|
||||
{"message":"Service account deleted"}
|
||||
```
|
11
docs/sources/manage-users/serviceaccount/_index.md
Normal file
11
docs/sources/manage-users/serviceaccount/_index.md
Normal file
@ -0,0 +1,11 @@
|
||||
+++
|
||||
title = "Service accounts"
|
||||
weight = 100
|
||||
+++
|
||||
|
||||
# Service accounts
|
||||
|
||||
A service account represents a Grafana service identity, which are users that are intended for programmatic use either internally for a Grafana feature or through an API key, such as timely reporting, automatic provisioning or systems interacting with Grafana. See [service account] for more information
|
||||
|
||||
- [Service account]({{< relref "serviceaccount.md" >}}) - Describes service account in detail.
|
||||
- [Service account API]({{< relref "../../http_api/serviceaccount.md" >}}) - Manage users or change passwords programmatically.
|
20
docs/sources/manage-users/serviceaccount/serviceaccount.md
Normal file
20
docs/sources/manage-users/serviceaccount/serviceaccount.md
Normal file
@ -0,0 +1,20 @@
|
||||
+++
|
||||
title = "What are service accounts"
|
||||
weight = 200
|
||||
+++
|
||||
|
||||
What are service accounts?
|
||||
|
||||
A service account is a special kind of user used by an application or compute workload, which are users that are intended for programmatic use either internally for a Grafana feature or through an API key. Applications use service accounts to make authorized API calls, authorized as the service account itself.
|
||||
|
||||
For example, all reporting could be setup and run as a service account from your application, and that account can be given permissions to access the resources it needs. This way the service account is the identity of the service, and the service account's permissions control which resources the service can access.
|
||||
|
||||
A service account is identified by its login name, which is unique to the entire suite of organizations. The name is set upon creation of the service account.
|
||||
|
||||
Differences between a service account and a user account
|
||||
Service accounts differ from user accounts in a few key ways:
|
||||
|
||||
- Service accounts do not have passwords, and cannot log in via browsers or cookies.
|
||||
- Service accounts are associated with private/public RSA key-pairs that are used for authentication to Grafana.
|
||||
- You can let other users or service accounts impersonate a service account.
|
||||
- Service accounts lives on a organizational level, but it does not restrict them from acting cross organizational, such as adding or editing user information.
|
Loading…
Reference in New Issue
Block a user