Skip to main content
Version: 4.x

Service accounts

To facilitate access control for the use of the PhoenixAI Cloud API and the PhoenixAI Cloud provider on Terraform, PhoenixAI Cloud allows you to access them via service accounts.

Service accounts are independent identities that do not depend on any PhoenixAI members. An application key will be invalid if the member it depends on is removed from the PhoenixAI Cloud account. As for service accounts, changes in members will not affect their access to the services they are integrated with. You can grant privileges to a service account like any member, allowing fine-grained control over privileges.

NOTE

  • Only PhoenixAI members with the Member Management privilege can create service accounts and grant privileges to them.
  • Service accounts can only be used for PhoenixAI Cloud API and PhoenixAI Cloud provider on Terraform. You cannot log in to the PhoenixAI Cloud console with a service account.

Create a service account

Follow these steps to create a service account:

  1. Sign in to the PhoenixAI Cloud console.

  2. In the left-side navigation pane, choose Access Control > Member.

  3. On the Members page, click the Service accounts tab.

  4. On the Service accounts tab, click Create a service account.

  5. In the Generate secret for service account dialog box, enter a name for the service account, and click Generate now.

  6. Copy the Client Secret and Client ID, and click Yes, I have finished it to close the dialog box.

    NOTE

    The Client Secret can be viewed only when the service account is created. Make sure that you copy and save the Client Secret before closing the dialog box.

Assign roles to a service account

  1. Sign in to the PhoenixAI Cloud console.
  2. In the left-side navigation pane, choose Access Control > Member.
  3. On the Members page, click the Service accounts tab.
  4. On the Service accounts tab, click the service account to which you want to assign roles.
  5. On the detail page of the service account, click the Granted roles tab.
  6. On the Granted roles tab, select the role you want to assign from the Assign new role drop-down list, and click Assign.

Use a service account

The usage of a service account is similar to that of an application key.

View a service account

  1. Sign in to the PhoenixAI Cloud console.
  2. In the left-side navigation pane, choose Access Control > Member.
  3. On the Members page, click the Service accounts tab.
  4. On the Service accounts tab, click the service account you want to view.
  5. On the detail page of the service account, view the following information:
FieldDescription
Service account nameThe name of the service account.
Client IDA unique identifier generated within your PhoenixAI cloud account to identify the service account.
Created atThe date and time at which the service account was created.
Created byThe PhoenixAI Cloud member who created the service account.

Remove a service account

  1. Sign in to the PhoenixAI Cloud console.
  2. In the left-side navigation pane, choose Access Control > Member.
  3. On the Members page, click the Service accounts tab.
  4. On the Service accounts tab, click the service account you want to remove.
  5. On the detail page of the service account, click Remove to remove the service account.
  6. In the message that appears, click Confirm.

CAUTION

After you remove a service account, you can no longer use it to access the PhoenixAI Cloud API or the PhoenixAI Cloud provider on Terraform.