Service Account Recommended Roles

Hello Community,

I’m just looking for some good base recommendations around leveraging a Pager Duty Service Account as we connect and integrate our different platforms/apps/etc…

What is the recommended base role for a service account? For example, with FreshDesk, we’re required to have an account on both sides of the integration.

I’m guessing global admin, but that seems a bit too powerful. We’re attempting to ride the razors edge of maintaining least necessary privilege without having to manually configure the account in various teams, etc…

Any thoughts?

It really comes down to what you need to do and the scope of that (global, team, etc). If you don’t need to create/update/delete anything in terms of a configuration, then Admin or Manager may not be needed. If you need to only get incident information, then you can get by with only an observer role. If you need to create/update incidents across all teams, you might need a responder role. Team-based roles allow you to scope things down to only things related to that team for an extra level of control.

Hopefully, granular and scoped roles and permissions (even for API tokens) will be available in the near future.

Thanks Doug. Yeah, the early vision is more of the traditional “service account” use case. Just need an account for Pager Duty that we can leverage to manage integrations, and isn’t attached to a real human that might leave the platform taking associated configurations with them.