All Collections
API and integrations
Using a service account to integrate with Google
Using a service account to integrate with Google

Why you should use a service account to connect to google services from Engineering Team avatar
Written by Engineering Team
Updated over a week ago

You may have noticed when setting up an integration with Google that we strongly recommend using a dedicated service account rather than your own users account - but what is a service account, why do you need one, and how do you set one up?

What are service accounts?

Service acccounts, also known as robot accounts, are accounts specifically created to act within a limited capacity and often for a single purpose. They usually have an obvious name that highlights them as a non-human account. Something like incidentio-robot@<yourdomain>.com is usually good!

They are not tied to a single real user and are often created with limited permissions compared to what you would normally allow a user to do.

In the context of the service account is the account you will give us permissions to use or act through for things like creating calendar events, meetings and calls, and post-mortem documents.

Why do I need one?

You might be tempted to just sign in using your own account or another users when you click to set up the integration but there are some very good reasons why you would want to avoid doing so.

When the connection is made and the integration installed it will belong to the user that installed it. If the installing user leaves the organisation or changes their settings this can lead to the integration breaking and needing to be re-installed (and preventing us from doing anything in the mean time!).

In the case of calendars we use the connected users calendar to monitor and create calendar events. If you signed in as yourself we will potentially create calendar events for debriefs in your calendar along with inviting your user to every meeting! You can see why this might start to be inconvenient.

How do I make a service account?

There's a few ways to create new accounts within Google and it might depend a little on what setup you have.

This article covers most of the basics though and is a good starting point for learning more about how to do it.

At a basic level you will need to:

  • create a new account within your organisation

  • name it something obvious and simple that highlights it as a robot account

  • store the details (such as the password / 2fa key) somewhere secure that can be shared with others such as a password manager

Did this answer your question?