Service Accounts

Manage service accounts and their permissions.

Media type

application/json

Endpoints

https://api.eu.cloud.talend.com
URL for the AWS Europe region
https://api.ap.cloud.talend.com
URL for the AWS Asia Pacific region
https://api.us.cloud.talend.com
URL for the AWS United States East region
https://api.au.cloud.talend.com
URL for the AWS Australia region
https://api.us-west.cloud.talend.com
URL for the Azure United States West region

Global security

These security schemes apply to the entire API

Public

Security scheme

This scheme can be referenced across the API

Public

Bearer authentication
Name	Description
Format	Bearer <TOKEN>

Headers
Name	Description	Type	Attributes and examples
Authorization	JWT token	string Required

Get a service account

GET /account/service-accounts/{id}

Get the service account of a given ID.

Request

Path variables
Name	Description	Type	Attributes and examples
id		string Required

Query parameters
Name	Description	Type	Attributes and examples
talendVersion	API version	string Optional

Headers
Name	Description	Type	Attributes and examples
talend-version	API version	string Optional

Response

200Status 200

Service account is successfully retrieved.

Body

service account of a given DI is displayed.

ServiceAccount

401Status 401

Bearer token is invalid or missing.

Body

Error

403Status 403

Permissions to read service account information are missing.

404Status 404

Service account is not found.

Body

Error

500Status 500

Body

Error

Delete a service account

DELETE /account/service-accounts/{id}

Delete the service account of a given ID.

Request

Path variables
Name	Description	Type	Attributes and examples
id		string Required

Query parameters
Name	Description	Type	Attributes and examples
talendVersion	API version	string Optional

Headers
Name	Description	Type	Attributes and examples
talend-version	API version	string Optional

Response

204Status 204

Service account is successfully deleted.

401Status 401

Bearer token is invalid or missing.

Body

Error

403Status 403

Permissions to delete the service account is missing.

404Status 404

Service account is not found.

Body

Error

500Status 500

Body

Error

Update a service account

PUT /account/service-accounts/{id}

Update the service account of a given account ID. In this update, only the name and the permissions of a service account can be changed.

Request

Path variables
Name	Description	Type	Attributes and examples
id		string Required

Query parameters
Name	Description	Type	Attributes and examples
talendVersion	API version	string Optional

Headers
Name	Description	Type	Attributes and examples
talend-version	API version	string Optional

Body

The service account with updates is displayed

ServiceAccount

Response

200Status 200

Service account is successfully updated.

Body

Updated service account is displayed.

ServiceAccount

400Status 400

Invalid request body. The message varies depending on the cause of the bad request. For example, the cause could be a malformed body or invalid permissions passed in the body.

Body

Error

401Status 401

Bearer token is invalid or missing.

Body

Error

403Status 403

Permissions to update the service account are missing.

Body

Error

404Status 404

Service account is not found.

Body

Error

409Status 409

The service account name is already used

Body

Object

Name	Description	Type	Attributes and examples
detail	Error detail	string Optional

Status 409 application/json

{
  "detail": "The service account name is already used"
}

500Status 500

Body

Error

List service accounts

GET /account/service-accounts

List the service accounts in the current tenant.

Request

Query parameters
Name	Description	Type	Attributes and examples
talendVersion	API version	string Optional

Headers
Name	Description	Type	Attributes and examples
talend-version	API version	string Optional

Response

200Status 200

Service accounts of the current tenant are retrieved successfully.

Body

service accounts for tenant are listed.

array of ServiceAccount

Datatype details
Type	Description	Attributes and examples
array	service accounts for tenant are listed.
ServiceAccount

401Status 401

Bearer token is invalid or missing.

Body

Error

403Status 403

Permissions to read service accounts are missing.

Body

Error

500Status 500

Body

Error

Create a service account

POST /account/service-accounts

Create a service account in the Talend tenant of the currently authenticated user or entity. The returned service account object contains an OAuth client ID and a secret. This client ID and secret must be stored in a secure way without exposing them to unauthorized parties, because these credentials are required for this service account to get the authentication tokens to access Talend services.

Use cases

Request

Query parameters
Name	Description	Type	Attributes and examples
talendVersion	API version	string Optional

Headers
Name	Description	Type	Attributes and examples
talend-version	API version	string Optional

Body

The new service account is displayed.

ServiceAccount

Response

201Status 201

Service account is successfully created.

Headers
Name	Description	Type	Attributes and examples
Location	URL location where new resource can be found.	string Required

Body

The created service account is displayed.

ServiceAccount

400Status 400

Invalid request body. The message vares depending on the cause of the bad request. The cause can be a malformed body or invalid permissions passed in the body.

Body

Error

401Status 401

Invalid bearer token.

Body

Error

403Status 403

Permissions to create a service account are missing or the Talend account license does not allow the service account creation.

Body

Error

409Status 409

The service account name is already used

Body

Object

Name	Description	Type	Attributes and examples
detail	Error detail	string Optional

Status 409 application/json

{
  "detail": "The service account name is already used"
}

500Status 500

Body

Error

Get the available permissions

GET /account/service-accounts/permissions

Get the available permissions for Service Accounts feature

Response

200Status 200

List of available permissions retrieved successfully

Body

array of string

Datatype details
Type	Description	Attributes and examples
array
string

Status 200 application/json

[
      "AUDIT_LOGS_VIEW",
      "TMC_CLUSTER_MANAGEMENT",
      "TMC_ENVIRONMENT_MANAGEMENT",
      "TMC_PIPELINE_MANAGEMENT",
      "TMC_PROMOTION_EXECUTION",
      "TMC_ENGINE_USE",
      "TMC_RUN_PROFILE_MANAGEMENT",
      "TMC_OPERATOR",
      "TMC_GROUP_MANAGEMENT",
      "TMC_ROLE_MANAGEMENT",
      "TMC_USER_MANAGEMENT",
      "TMC_SERVICE_ACCOUNT_MANAGEMENT"
]

401Status 401

Bearer token is invalid or missing.

Get a number of service accounts

GET /account/service-accounts/count

Permissions:

TMC_SERVICE_ACCOUNT_MANAGEMENT
TMC_SUBSCRIPTION_MANAGEMENT

Request

Query parameters
Name	Description	Type	Attributes and examples
talendVersion	API version	string Optional

Headers
Name	Description	Type	Attributes and examples
talend-version	API version	string Optional

Response

200Status 200

Number of existing Service Accounts for tenant

Body

ServiceAccountCount

Status 200 application/json

{
  "count": 2,
  "tenantId": "9133741e-d49d-4cd8-a09e-9791fead2583"
}

401Status 401

Bearer token is invalid or missing.

Body

Error

403Status 403

Permissions required to perform operation are missing

500Status 500

Internal Server Error

Body

Error

A service account represents a non-human user entity which could be a service, a job, a third-party system or alike. This account uses access tokens to authenticate and must have been assigned appropriate permissions to access the Talend services to be used.

Object

OAuth 2 client ID that is internally generated

string Required

Example

657d47e3-c3b4-4999-93c8-05a1670f6d92

secret

OAuth 2 client secret (internally generated and available only upon creation)

string Optional

name

Meaningful name

string Required

Example

mock service account

permissions

array of string Required

Datatype details
Type	Description	Attributes and examples
array	Assigned permissions
string		Example TMC_USER_MANAGEMENT

createdDate

Creation date

datetime Required

lastModifiedDate

Last modification date

datetime Required

lastUsedDate

Last date & time when a token issued for the service account was used to call an API.

datetime Optional

lastUsedApi

Last Talend API that was called with a service account access token issued for this service account.

string Optional

Number of existing Service Accounts for tenant

Object

Name	Description	Type	Attributes and examples
tenantId	Talend Cloud ID of the tenant	string Required
count	Number of existing Service Accounts for tenant	integer Required

Object returned in case the operation of a service account fails.

Object

Name	Description	Type	Attributes and examples
status	HTTP status code	integer Required	Example 400
detail	Human readable error description.	string Required

↑