Retrieve an existing service account

Retrieve an existing service account based on its name

Path parameters

name

string required

The internal name of the service account to retrieve

Responses

200 The service account

readonly

boolean required

If true, this object was externally provisioned and cannot be edited

name

string required

Internal name for the service account

trustConfig

object (Static JWKS) | object (Dynamic JWKS) required

Information about how to trust the token for this service account

validationRules

array of string required

List of rules to apply on top of signature verification for the incoming JWT to be trusted

permissions

array of objects (Permission) required

List of permissions to apply for successfully validated JWTs

Array [

value

string required

The permission string, in the Horizon format : :::

filter

string | null

The filter to apply to the permission in the HPQL format

]

roles

array of string required

List of roles to apply for successfully validated JWTs

_id

string (Internal ID)

Object internal ID

iatFutureRestriction

string

Maximum duration in the future the JWT iat claim is allowed to be. Must be set together with iatPastRestriction.

iatPastRestriction

string

Maximum duration in the past the JWT iat claim is allowed to be. Must be set together with iatFutureRestriction.

jwtAllowedClockSkew

string

Allowed clock skew when validating JWT time-based claims.

identifierMapping

string

Template string used to compute the identifier of the principal authenticated by this service account.

401 Authentication error

403 Forbidden action

404 Service account not found

500 Unexpected internal server error

get

/api/v1/security/service-accounts/{name}