Create a Service Account

Objective

To create a service account using the Company Admin tool.

Background

Service accounts allow you to support integrations that require the Client Credentials grant flow as defined in the IETF OAuth 2.0 Framework Specification. In this scenario, applications need a way to retrieve an OAuth 2.0 access token outside the context of any specific Procore user. OAuth 2.0 provides the Client Credentials grant type for this purpose. A unique client_id and client_secret is generated when a new service account is created. For information on implementing the Client Credentials grant flow in an application, see OAuth 2.0 Using Client Credentials on our Developer Portal.

Things to Consider

Steps

  1. Navigate to the Company level Admin tool.
  2. Under 'Company Settings', click Service Accounts.
  3. On the Service Accounts page, click +New.
  4. Specify an 'App Type'. If you will be using this service account with a specific Marketplace App, select the Marketplace option and choose the appropriate App from the dropdown list. Otherwise, select Custom.

create-service-account.png

  1. Enter a Name for your new service account and click Create. The client_id and client_secret for the service account are generated and are available for use in making calls to the Procore API /oauth/token endpoint.
  2. Configure Service Account permissions. Because the service account has no permissions at the company level when it is first created, you must set proper permissions for the service account prior to using it to access the Procore API.
 Important
Bear in mind that although you may be able to generate an OAuth 2.0 access token using a service account without permissions ('None'), this token will not work for making successful calls to the Procore API. Therefore, you must set proper permissions for the service account prior to using it to access the Procore API.

 See Also