Announcements
Hello,
It is a best practice to have a service account in order to run app/flows under same identity which never expires. However would you please share what permission it should have whether system admin or system customizer as a minimum priviledges?
Thanks,
Hi @tom555
Best practices are to follow the "least privilege's" principle, meaning that you should only give the Service Account the necessary permissions to do what it needs to do. It is unlikely that the Service Account will need to customise the system so don't give it System Admin or System Customiser. You may have to create your own Security Role based on what the Service Account needs to do.
Thank you @HSheild
How should I decide customizing the security role for SA? do you mean only give permissions on specific entities? There could be a situation where a department sharing a single SA having multiple flows accessing multiple entities in the environment and sometime we do not know which entities they would like to access in future? would not it be too tight by making it dedicated security role for only specific entity then? Or what process you can suggest to resolve the same?
Under review
Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.
Congratulations to our 2026 Super Users!
Congratulations to our 2025 community superstars!
These are the community rock stars!
Stay up to date on forum activity by subscribing.
WarrenBelz 531 Most Valuable Professional
Haque 261
Kalathiya 221 Super User 2026 Season 1
