HomeGuidesRecipesAPI Reference
Alation Help Center

Creating an API Service Account

This guide will walk you through on how to create an Alation API Service account regardless if you have SAML, Active Directory, SSO (e.g. Okta), or Alation's native authentication.


Permissions Needed

You will need a Server Admin role to do these steps.

Service Account Permissions

Before creating the service account, make sure you check which APIs by Roles you're accessing and the required Alation role(s). Alation API roles are based on the Alation Catalog roles, e.g. Server Admin, Catalog Admin, and etc.


  1. In a text editor/excel file copy the below template and paste it into the document
[email protected],API Service Account,[email protected],API Service Account,SERVER_ADMIN,PasswordHere
  1. Change the fields to be what you need it to be and save the file

    • user – username. Recommend this be the same as email
    • display_name – The name that users will see in the UI
    • email – email. Recommend this be the same as user but is not required
    • role – The Alation Account role. Check the API by Roles guide to figure out permissions scope. Can be one of the below and IS case sensitive.
      • STEWARD
      • COMPOSER
      • VIEWER
  2. In Alation, go to alationdomain/admin/user_profiles/

  3. Click Drag & Drop or Click to Upload, select the user_profile_template.csv file, and upload it

  1. Alation will update and show a confirmation page that will verify the account that you're about to make. Click confirm
  1. Test creating tokens with that user account and password via RefreshToken api.