If you plan to integrate your CI/CD system, SOOS strongly recommends adding a Service Account user for this purpose, in addition to individual user profiles.

Service Accounts should be used to avoid needing to configure scans using an individual user's API key.  Service Accounts are bound to the company as an entity so there will be no pause in service if an individual user configured to run scans is deactivated.

To create a Service Account:

  • Open the dropdown menu to the right of the User's name in the left navigation menu, select the Users option. 
  • Click the + to add a new Service Account.
  • Add the details of the desired Service Account Name and set the Role to Developer, then click save.

  • When using the Service Account for integrations, select the desired service account from the Account dropdown on the Integrate page to produce an API key associated with that user.  See our article about Rotating API Keys to incorporate this security best-practice into your DevOps.