Setting up a Service Account

Updated 1 month ago by Elvis Hovor

TruSTAR's integrations and user management allows users to set-up a service account to utilize when configuring with the TruSTAR API. This practice enables companies to have a dedicated account for affiliated API keys and tracking.

TruSTAR recommends setting up a separate service account for each integration and/or script. This prevents integrations from competing with each other for the per-minute API limit.

Credentialing a Service Account

You must be a company administrator to set up a service account.

To create a dedicated service account, follow the steps below.

  1. Select User Settings on the Navigation Bar, then select Settings from the dropdown menu.
  2. Click Users on the Settings menu.
  3. Click Add User in the Users panel.
  4. Fill out the fields below:
  • Name. TruSTAR suggests creating a name that clearly indicates the purpose of the account. For example, if you are going to use this account with a Splunk integration, you might create an account with first name of Splunk" and last name of "Integration". This will enable you to quickly locate integration accounts, either in the Users panel or when you export the user list to a .csv file.
  • Email address. You cannot use an email address already credentialed on TruSTAR, so either you or your organization's mail administrator must create a new email address. Carrying on with the example above, you might create the email address "trustar_splunk@acme.com"
  • Role: Choose User, not Company Administrator for service accounts.
  • Enclave permissions: Settings here depending on the integration, as each integration may require a different level of permission to be used effectively. TruSTAR recommends checking the documentation for the integration to understand what permissions levels required to access the enclave for that integration. Choices for this setting are
    • No Access
    • View Only: Can only see reports but can not create nor modify data for that enclave
    • Submission Access: Can submit and see data in the enclave but cannot delete or modify data.
    • Full Access: Can read, write, delete, and modify anything in the enclave
  1. Scroll down and click Save User to send the new credentials to the email account you specified in step 4 above.
If you change the email address for a service account is updated, you must regenerate the API keys in the TruSTAR Web App.

Example (Splunk Service Account)

Activity on a service account is counted against your organization's user limit. To discuss increasing this limit, contact your TruSTAR account executive.
To read more on user management, see the Managing Users document.


How Did We Do?