Dutch Analytics - Xenia documentation

Service Users and API Tokens

Service users allow users to create dedicated tokens for programmatic access to the UbiOps API, for example for creating model requests in your own scripts and code. Service users are not able to login to UbiOps.
Users can configure permissions for each service user to limit what it can access by assigning roles just like normal users.

Creating a Service user

Start by going to Users & permissions in the sidebar, then navigate to the API Tokens tab. Here you can click the [+] Add button to create a new service user. You don't have to provide an email address, just the name of the user. Copy the service token from the pop-up and store it somewhere safe, you will never be able to retrieve this token again.


Default roles

Service users have no default roles. You have to create them like any other user.

If a service user token is lost, the token for that service user may be reset. The old token becomes invalid.

Service user permissions


Api tests

If you just want to test things out you can use the project-editor role.

Permissions and roles work just like they do on normal users. See Permissions and roles for more information. The user needs the roles.assignments.create permission to be able to assign roles to service users.

Service users are meant to interact with UbiOps programmatically and are defined on project level. Therefore, they are not allowed to have permissions regarding 'Roles' and 'Users' and they cannot perform actions on 'Organization' level. A user is therefore not able to assign roles that have one or multiple of these permissions.

Updated 8 days ago

Service Users and API Tokens

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.