Service accounts introduction

Service accounts introduction

Our Control panel now has a new feature, Service accounts. This functionality allows you to create service accounts for your main developer account. From now on, API Keys are considered deprecated, use the Service accounts instead.


A service account is a way to grant access to the Voximplant HTTP API on behalf of your developer account. You can manage the permissions of each service account by assigning one or more roles to it. The following roles are available at the moment:

  • Owner
  • Admin
  • Support
  • Supervisor
  • Developer
  • CallList Manager
  • Accountant
  • Verification
  • Scenarios
  • User Manager
    • User Read
    • User Update
  • ACD Manager
    • ACD Stats
    • ACD Management
  • CallHistory

If a service account has no assigned roles, it has access to the basic HTTP API methods only:

How to use it

Go to the Service accounts section and click Add in the upper right corner. In the dialogue opened, click Add role and specify as many roles as you need. For example, if you want to enable this new account to just start cloud scenarios, add the Scenarios role. Put a short description (if needed), click Generate key, and specify where to save a private key.

Since we don't store the keys, save it securely on your side.
 Next, form a JWT token using RS256. The required fields are:
  • kid – key_id to be specified in the header section
  • iat – start date, it must be a Numeric date value (UNIX timestamp)
  • iss – account_id
  • exp – end date, up to iat+3600 seconds. It must be a Numeric date value (UNIX timestamp)

From now on, you should substitute this token in every HTTP request to the Voximplant HTTP API, e.g.:

curl -H "Authorization: Bearer ${TOKEN}"
Tags:voximplantcontrol panel
B6A24216-9891-45D1-9D1D-E7359CEB8282 Created with sketchtool.


2019-07-17 16:38:12
1) What is "Bearer" in your example ? -H "Authorization: Bearer ${TOKEN}" 2) iat – start date. What format (I tried seconds)? 3) exp – end date, up to iat+3600 seconds. necessarily +3600 ? 4) WHY DO NOT USE LINK FOR THIS PAGE FROM HTTPS://VOXIMPLANT.COM/DOCS/REFERENCES/HTTPAPI/AUTH_PARAMETERS? I got error {"error":{"msg":"Invalid token format.","code":447},"errors":[{"msg":"Invalid token format.","code":447}]} And I don not know how to authorized
2019-09-13 12:31:45

seva, thanks for your comment, it helped us to improve the article a little bit. 1) "Bearer" is one of the possible schemes used for authentication purposes in HTTP. Whereas there are other schemes, it is required to use this one in case of token authentication. See the official articles on this topic:;  2) we've put a clarification here, it should be a UNIX timestamp 3) we've put a clarification here, it should be a UNIX timestamp. As stated, exp should be UP TO iat plus 3600, so the maximum duration of a token could be 1 hour only. Anyway, you're free to set expiration lower than 1 hour, e.g., by specifying exp as iat plus 5 seconds.

Add your comment

Please complete this field.


Sign up for a free Voximplant developer account or talk to our experts