Project Service Accounts

Cloud Manager will no longer support Automation, Backup, and Monitoring for MongoDB 3.6 and 4.0 after August 30th, 2024. Please upgrade your MongoDB deployment or migrate to Atlas.

OAuth 2.0 authentication for programmatic access to Cloud Manager is available as a Preview feature.: The feature and the corresponding documentation might change at any time during the Preview period. To use OAuth 2.0 authentication, create a service account to use in your requests to the Cloud Manager Public API.

Base URL: https://cloud.mongodb.com/api/public/v1.0

Use the /groups/{PROJECT-ID}/serviceAccounts resource to view, create, assign, update, or delete Service Accounts within the specified Cloud Manager project.

Permissions

To use these endpoints, grant the following roles to a Project service account or user in your Organization:

Role	Possible Action
Any role in the Project	Retrieve Project service accounts.
`Project Owner` or `Project User Admin`	Create or update a Project service account, or unassign an Organization service account from a Project. Create or delete a service account secret.
`Organization Owner`	Assign an Organization service account to a Project.

Endpoints

Method	Endpoint	Description
`GET`	/groups/{PROJECT-ID}/serviceAccounts	Get all service accounts assigned to one project with ID `{PROJECT-ID}`.
`GET`	/groups/{PROJECT-ID}/serviceAccounts/{CLIENT-ID}	Get one service account identified with `{CLIENT-ID}` for the Project identified with `{PROJECT-ID}`.
`POST`	/groups/{PROJECT-ID}/serviceAccounts	Create a service account and assign it to the Project identified with `{PROJECT-ID}`.
`POST`	/groups/{PROJECT-ID}/serviceAccounts/{CLIENT-ID}:invite	Assign one existing Organization service account identified with `{CLIENT-ID}` to one Project with ID `{PROJECT-ID}`.
`PATCH`	/groups/{PROJECT-ID}/serviceAccounts/{CLIENT-ID}	Update one service account identified with `{CLIENT-ID}` for the Project identified with `{PROJECT-ID}`.
`DELETE`	/groups/{PROJECT-ID}/serviceAccounts/{CLIENT-ID}	Remove the service account identified with `{CLIENT-ID}` from the Project identified with `{PROJECT-ID}`. Note that the service account will still exist in the Organization, and any existing credentials will remain active until expired or manually revoked.
`POST`	/groups/{PROJECT-ID}/serviceAccounts/{CLIENT-ID}/secrets/	Create a secret for the Project service account identified with `{PROJECT-ID}` and `{CLIENT-ID}`.
`DELETE`	/groups/{PROJECT-ID}/serviceAccounts/{CLIENT-ID}/secrets/{SECRET-ID}	Delete the service account secret identified with `{CLIENT-ID}` and `{SECRET-ID}`.

Back

Delete

Get All