Service Accounts and automation

Service accounts in Jaws Deploy are the recommended authentication mechanism in all automation flows. Whether you call our API directly, use our PowerShell SDK or one of our plugins - Service Accounts are the way to go. You can read more about the concept here.

Creating Service Accounts and API keys

To create a new Service Account and associated API Key:

  • Navigate to settings: Service accounts - Jaws Deploy
  • Click "Create service account" button
  • Fill in the account name and assign required role. E.g. you can limit an account to be able to deploy on specific projects in certain workspaces.
  • The created account appears on the list of all Service Accounts. Note the Service Account's ID listed in the table - this is the login.
  • Click "Manage API keys" for the new account.
  • Click "Create API key".
  • A new dialog appears - provide optional description and click "Create".
  • An API key will appear. Copy this key and keep it secure. This is the account's password.
Important: for security reasons this key cannot be retrieved later. If you loose it, you'll need to create a new one. Upon generation you'll have one-time access to the new key.
API keys can be deactivated and activated again at any later time. They can also be permanently deleted.

Authenticating against the REST API

Whenever calling our API you need to generate proper authentication header and append it to all HTTP calls. This is also outlined in the REST API Reference.

The header value should be Authentication: Bearer <credential> and to generate the <credential> value execute the following logic:

Base64_Encode("{serviceAccountID}:{apiKey}")

Authenticating against SDKs and Plugins

Whenever you need to authenticate towards Jaws Deploy via one of our SDKs or Plugins you'll need to provide:

  • Login: this is the Service Account ID found on the list of all Service Accounts or on the "Edit Service Account" page. This a 36-character, hyphenated string, similar to GUID or UUID. E.g. 12345678-1234-1234-1234-123456789abc
  • API key: this is the long random string obtained directly after creating the API key (it cannot be retrieved later). E.g. 35fcba5ca592b5b2a83eca3e2024b716b32400d7f52e9b95f81a12c82fc83034