What permission to assign to service account?

(0) Share

Report

Posted on by tom555

Hello,

It is a best practice to have a service account in order to run app/flows under same identity which never expires. However would you please share what permission it should have whether system admin or system customizer as a minimum priviledges?

Thanks,

Categories:

Management

Environment

All responses (2)

Answers (0)

tom555 85 on at

Like (0)

Report

Re: What permission to assign to service account?

Thank you @HSheild

How should I decide customizing the security role for SA? do you mean only give permissions on specific entities? There could be a situation where a department sharing a single SA having multiple flows accessing multiple entities in the environment and sometime we do not know which entities they would like to access in future? would not it be too tight by making it dedicated security role for only specific entity then? Or what process you can suggest to resolve the same?

Thanks,
H Sheild 3,000 Most Valuable Professional on at

Like (1)

Report

Re: What permission to assign to service account?

Hi @tom555

Best practices are to follow the "least privilege's" principle, meaning that you should only give the Service Account the necessary permissions to do what it needs to do. It is unlikely that the Service Account will need to customise the system so don't give it System Admin or System Customiser. You may have to create your own Security Role based on what the Service Account needs to do.