Non-interactive Automation Service Account

[andre5oto]

Required Terms

• [X] I agree to follow this project's Code of Conduct
• [X] I have read and accept the Salesforce Program Agreement

What service(s) is this request for?

Identity and Access Management (IAM)

Tell us about what you're trying to solve. What challenges are you facing?

We are considering a service account that can access resources and used for automated processes, services and apps. SSO users will not need to create non-federated user accounts for this purpose.

A service account represents a non-human users that generally has the following characteristics:

• no Dashboard, CLI or other browser-based login
• used to run automated or batch processing
• long-lived access token (e.g., one year)
• runs in the context of a user on your Heroku account with defined permissions including elevated permissions

[andre5oto]

What would make service accounts interesting for our users? How about no MFA for service accounts? Since there would be no interactive logins for these type of accounts, MFA would not be required.