We're developing Service Accounts for two primary use cases:

  • Cloud Operations Automation: Service Accounts serve as the machine identity for automation routines. They handle tasks such as managing your Temporal Cloud account, namespaces, certificates, and user identities.

  • Workflow Execution: Service Accounts act as the machine identity for executing and managing workflows from the SDK and Temporal CLI. In this scenario, Service Accounts with API Keys offer an alternative to using mTLS-based authentication for workflow execution.

The initial release of Service Accounts is primarily focused on the Cloud Operations Automation use case.

  • Service Accounts, through their API Keys, can authenticate into Cloud Operation tools such as Terraform, the Cloud Ops API, and tcld.

  • To utilize Service Accounts, API Keys must be enabled for your account.

  • This Service Accounts release reshapes the Global Admin-accessible Settings UI for Users and API Keys, providing a more streamlined user experience.

In the near future, we plan to:

  • Add more functionality to Service Accounts (details can be found in the FAQ section of the documentation).

  • Support API Key authentication from SDKs and the Temporal CLI to cater to the Workflow Execution use case mentioned above.

Reach out to us on the Temporal Community Slack if you want to learn more or participate in the pre-release.