Search

Chapter 3. Using service accounts with services

download PDF

The following information briefly describes how to use service accounts with services and the CLIENT_ID and CLIENT_SECRET variables. It is provided as a reference guideline only.

  1. Create a new Service account: Red Hat Hybrid Cloud Console Service accounts
  2. Paste the following information on a terminal, replacing the CLIENT_ID and CLIENT_SECRET variables:

    export HOST='https://sso.redhat.com' CLIENT_ID='<client_id>' CLIENT_SECRET='<client_secret>' SCOPES='openid api.iam.service_accounts'
  3. Get a token for the service account with

    curl "${HOST}/auth/realms/redhat-external/protocol/openid-connect/token" \
            --data-urlencode "grant_type=client_credentials" \
            --data-urlencode "client_id=${CLIENT_ID}" \
            --data-urlencode "client_secret=${CLIENT_SECRET}" \
            --data-urlencode "scope=${SCOPES}"

    If you have jq installed (a command-line JSON processor), you can save the token to an env var:

    export ACCESS_TOKEN=$( \
        curl "${HOST}/auth/realms/redhat-external/protocol/openid-connect/token" \
            --data-urlencode "grant_type=client_credentials" \
            --data-urlencode "client_id=${CLIENT_ID}" \
            --data-urlencode "client_secret=${CLIENT_SECRET}" \
            --data-urlencode "scope=${SCOPES}" \
        | jq -r '.access_token')
  4. Send a request to an application that supports service accounts:

    curl --header "Authorization:Bearer ${ACCESS_TOKEN}" --location "https://console.redhat.com/api/rbac/v1/access/?application=inventory"
  5. The response should be empty, or unprivileged depending on the app. Try adding the service account to an RBAC group, and adding roles to that group. User Access Groups
  6. After roles are added to the service account group, repeat step 3 to grab a fresh token and attempt the request again. You should now have more privileges and get proper responses from applications.
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.