Service accounts are a special type of account used to access apps, pipelines, and solutions, and perform actions in your realm. These accounts are not associated with individual users, but can be used by multiple users to accomplish specific tasks. Create a service account to do things like:
- Manage all Quickbase resources including apps and integrations to avoid needing to transfer ownership when an employee leaves an organization.
- Share ownership of pipelines to collaborate on making changes. Learn more about using service accounts to manage pipelines.
- Eliminate password sharing to increase security.
- Administer your realm to manage access and permissions.
Quickbase service accounts have the same capabilities as user accounts, including the ability to be granted permissions and access to specific apps. They differ in that they can be accessed by multiple assigned users from their user menu. Service accounts can only be signed into directly if using SAML.
In this article
Requirements
You must be a realm admin to convert users to service accounts and view which users have access to service accounts.
Convert a user to a service account
You can convert an existing user account to a service account. This may be useful if you already have user accounts that are shared between employees for managing pipelines or setting up other Quickbase components. Or you can create a new user account for the purpose of converting it to a service account.
After switching to a service account, you will no longer be able to edit profile settings, except for creating and managing user tokens.
To do this:
- Select Quickbase Admin > Manage the realm to access the Admin Console.
- Go to Users.
- Select the user account you’d like to modify.
- Turn on the Use as service account setting.
- Assign up to 20 users to be able to act as the service account.
- Select Apply to save your changes.
An email is sent to realm admins and the service account email address to confirm the change.
If the same user exists in multiple realms, the user is only converted to a service account in the current realm.
Convert a service account to a user account
You have the option to change the account type if you no longer want an account to operate as a service account:
- Select Quickbase Admin > Manage the realm to access the Admin Console.
- Navigate to Users.
- Select the service account you’d like to modify.
- Turn off the Use as service account setting.
- Select Apply to save your changes.
Once you have converted a service account back to a user account, you must set a new password for the user account. To set a new password, select the I forgot my password option when signing in, and follow the steps to create a new password.
Use a service account
Once you have been assigned to a service account, you can switch to use the service account rather than your user account:
- Open the user menu in the top navigation.
- In the Switch accounts section, select the service account you want to use. Any actions you take will now be performed as the service account.
Note: The Switch accounts option is only available on sidebar navigation.
If you are assigned to multiple service accounts, you must log out to switch between them.
Managing tokens using a service account
We recommend following these best practices for token management to increase security in service accounts:
- Admins on business and enterprise plans should turn on the setting to hash user tokens. If a user creates a user token in a service account, any other users with access to the service account can see the token. If the user is removed from the service account, they still have access to the user token. By hashing the user token, you minimize this risk, as once the token is viewed, the user cannot retrieve it again.
- Admins should regularly rotate tokens to prevent unauthorized use.
Service accounts can only authorize API calls with user tokens. This means that they cannot use certain XML APIs that require different authentication methods.
Track activity with audit logs
View service account activity in audit logs:
- Select Quickbase Admin > Manage the realm to access the Admin Console.
- Navigate to Audit Logs.
- Select a start and end date to display logs.
Use the Session ID to trace back the user who performed actions using a service account. Learn more about querying and filtering Audit Logs.
Service accounts are a great way to partner on building in Quickbase and troubleshoot issues. You can assign external partners, like Quickbase staff, to a service account to allow them to help build in your realm. Remember to remove these users from the service account when work is complete for best security practices.