Documentation Center

Modifying and deleting service accounts

You can modify the settings for Access Management service accounts, including each account's client secrets and roles. In addition, you can delete a service account if it is no longer in use.

Before you begin

Before making changes to service accounts, it is important to know that accounts can be added to Access Management either through the user interface or programmatically using bootstrap files (one per application API). The bootstrap files contain predefined data for the environment, including definitions of applications, roles, and service accounts.

There are different approaches to using the bootstrap, which can affect how and whether you should update the data through the user interface.

  • Scenario A: The bootstrap files are used for a one-time quick setup and then removed from Access Management's configuration. In this scenario, you can update and delete service accounts through the user interface with no special considerations.
  • Scenario B: The bootstrap files are used for initial setup but also kept in place to update the environment each time Access Management restarts. If this is the case, we advise that you make all changes in the bootstrap file rather than in the user interface.
    • If you edit a setting that is also defined in a bootstrap file, the setting will not be overwritten by the bootstrap data. Existing data in defined in the user interface will remain as is.
    • If you delete a service account that is defined in a bootstrap file, you must delete the service account from the bootstrap file and also in the user interface. If you delete a service account only in the user interface, it will return after the next system restart. If you delete the account only in the bootstrap file, it will remain in the user interface.

Procedure

  1. Go to the website for Access Management.
  2. Go to the Service accounts tab to see the list of all existing service accounts.
  3. You can do the following different things with service accounts:
    OptionDescription
    Modify a service accountOpen the service account from the list page and then select Edit.

    Modify the account settings and save your changes.

    You can also manage the client secrets, as needed. For details on how, see the related topic on managing client secrets.

    Delete a service accountOpen the service account from the list page and then select Delete.