k0rdent AI Docs
Serviceaccounts

Create service account credential

Visibility: public · internal ( OpenAPI Custom Extension: x-visibility )

Generate a new client_secret for a service account. The secret is returned only in this response and cannot be retrieved again. Store it securely.

Only tenant administrators can create credentials.

A maximum of 5 active credentials are allowed per service account. This limit supports zero-downtime rotation: create a new credential, deploy it to your systems, then delete the old one.

If expiresAt is omitted, the organization's default credential lifetime is applied. The value cannot exceed the org-level maximum.

POST
/v1/regions/global/iam/service-accounts/{serviceAccountId}/credentials

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication using OAuth2/OIDC tokens

In: header

Path Parameters

serviceAccountId*string

Service account resource identifier.

Request Body

application/json

expiresAt?string

Requested expiration timestamp. Cannot exceed the org-level maximum credential lifetime. Defaults to org default if omitted.

Formatdate-time

Response Body

application/json

application/json

application/json

application/json

application/json

application/json

application/json

application/json

curl -X POST "https://api.k0rdent.ai/v1/regions/global/iam/service-accounts/string/credentials" \  -H "Content-Type: application/json" \  -d '{}'
{
  "selfLink": "/v1/iam/service-accounts/sa-pipeline-prod/credentials/cred-001",
  "uid": "07cc67f4-45d6-494b-adac-09b5cbc7e2b5",
  "id": "cred-001",
  "serviceAccountId": "sa-pipeline-prod",
  "status": "active",
  "expiresAt": "2019-08-24T14:15:22Z",
  "createdBy": "user-admin-001",
  "createdAt": "2019-08-24T14:15:22Z",
  "lastUsedAt": "2019-08-24T14:15:22Z",
  "lastUsedIp": "203.0.113.42",
  "clientSecret": "plt_cs_cred-001_x9y8z7w6v5u4..."
}
{
  "error": {
    "code": 0,
    "message": "string",
    "details": [
      {}
    ]
  }
}
{
  "error": {
    "code": 0,
    "message": "string",
    "details": [
      {}
    ]
  }
}
{
  "error": {
    "code": 0,
    "message": "string",
    "details": [
      {}
    ]
  }
}
{
  "error": {
    "code": 0,
    "message": "string",
    "details": [
      {}
    ]
  }
}
{
  "error": {
    "code": 0,
    "message": "string",
    "details": [
      {}
    ]
  }
}
{
  "error": {
    "code": 0,
    "message": "string",
    "details": [
      {}
    ]
  }
}
{
  "error": {
    "code": 0,
    "message": "string",
    "details": [
      {}
    ]
  }
}

How is this guide?

Serviceaccounts

K0rdent Api Serviceaccounts endpoints

Create service account POST

Next Page

On this page

No Headings