k0rdent AI Docs
Serviceaccounts

Update service account

Visibility: public · internal ( OpenAPI Custom Extension: x-visibility )

Update mutable fields on a service account. Supports changing the display name, description, roles, and status.

Only tenant administrators can update service accounts. Non-admin callers receive 404 to prevent resource enumeration.

Role changes follow the scope-down principle: the calling administrator can only assign roles they themselves hold within the service account's scope.

PATCH
/v1/regions/global/iam/service-accounts/{id}

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication using OAuth2/OIDC tokens

In: header

Path Parameters

id*string

Service account resource identifier.

Request Body

application/json

displayName?string

Updated display name.

Length1 <= length <= 255
description?string

Updated description.

Lengthlength <= 1024
roles?array<string>

Updated role bindings. Each must be a valid org-defined role slug held by the calling administrator within the service account's scope.

status?string

Toggle service account status. When disabled, all credentials are effectively unusable. Can be re-enabled by setting back to active.

Value in"active" | "disabled"

Response Body

application/json

application/json

application/json

application/json

application/json

application/json

application/json

application/json

curl -X PATCH "https://api.k0rdent.ai/v1/regions/global/iam/service-accounts/string" \  -H "Content-Type: application/json" \  -d '{}'
{
  "selfLink": "/v1/iam/service-accounts/sa-pipeline-prod",
  "uid": "07cc67f4-45d6-494b-adac-09b5cbc7e2b5",
  "id": "sa-pipeline-prod",
  "displayName": "Production CI/CD Pipeline",
  "description": "string",
  "clientId": "sa-pipeline-prod@myorg.iam",
  "scope": "project",
  "scopeId": "proj-abc123",
  "roles": [
    "compute.deployer",
    "storage.writer"
  ],
  "status": "active",
  "createdBy": "user-admin-001",
  "createdAt": "2019-08-24T14:15:22Z",
  "updatedAt": "2019-08-24T14:15:22Z",
  "activeCredentialCount": 2
}
{
  "error": {
    "code": 0,
    "message": "string",
    "details": [
      {}
    ]
  }
}
{
  "error": {
    "code": 0,
    "message": "string",
    "details": [
      {}
    ]
  }
}
{
  "error": {
    "code": 0,
    "message": "string",
    "details": [
      {}
    ]
  }
}
{
  "error": {
    "code": 0,
    "message": "string",
    "details": [
      {}
    ]
  }
}

{
  "code": "CONFLICT",
  "message": "A resource with id 'my-deploy-key' already exists."
}

{
  "error": {
    "code": 0,
    "message": "string",
    "details": [
      {}
    ]
  }
}
{
  "error": {
    "code": 0,
    "message": "string",
    "details": [
      {}
    ]
  }
}

How is this guide?

Retrieve service account details GET

Previous Page

Providers

K0rdent Api Providers endpoints

On this page

No Headings