createServiceAccount
Create a new service account in your organization.
A default access token is issued in the same request — its raw token value is returned
once on the response and cannot be retrieved later. Capture it before navigating away;
if it's lost, revoke the token and issue a new one via createAccessToken.
The new service account has no permissions until you add it to a group. Requires
organization_admin permissions.
Example:
mutation {
createServiceAccount(
organizationId: "my-org"
input: {
name: "ci-deploy-bot"
description: "GitHub Actions deployer"
defaultAccessTokenExpirationInMinutes: 525600
}
) {
result {
id
name
defaultAccessToken { token prefix expiresAt }
}
successful
messages { field message }
}
}
createServiceAccount(
organizationId: ID!
input: CreateServiceAccountInput!
): ServiceAccountWithDefaultAccessTokenPayload
Form Schema
This mutation supports dynamic form generation using JSON Schema.
Loading schema...
Arguments
createServiceAccount.organizationId ● ID! non-null scalar {#organization-id}
Your organization's unique identifier.
createServiceAccount.input ● CreateServiceAccountInput! non-null input {#input}
Create a new service account for programmatic API access. Issues a default access token alongside the service account; the raw token value is returned once and cannot be retrieved later.