Authenticate with a service account

Use Basic or Bearer authentication when accessing APIs with a service account

Read time 1 minute

Last updated a day ago

You can use either Basic or Bearer authentication to access Unity service API endpoints with a service account. In both cases, use a key ID as the client name and the matching secret as the client secret. Don't use the service account name or its UUID to authenticate. All keys that belong to the same service account are interchangeable and resolve to the same service account. Read more about managing keys for a service account.

Bearer token authentication

To use Bearer authentication, first obtain a JWT token for the service account, and then pass it in the

Authorization

header of your API request. To obtain the token, follow the standard OAuth 2.0 Client Credentials flow by sending an HTTP POST request to the Keycloak token endpoint:


https://<SolutionFQDN>/auth/realms/unity/protocol/openid-connect/token

Replace

<SolutionFQDN>

with the fully qualified domain name (FQDN) of the solution.

Example

The following sample request uses cURL to obtain a JWT token:


curl --request POST \--url 'https://<SolutionFQDN>/auth/realms/unity/protocol/openid-connect/token' \--header 'content-type: application/x-www-form-urlencoded' \--data grant_type=client_credentials \--data client_id=<KeyId> \--data client_secret=<Secret>

Replace the

KeyId

and

Secret

strings with the ID and the secret of one of the keys that were created for the service account.

Documentation

Engine

Services

Grow

Industry

Support

Unity Cloud

Get Started

Asset Manager SDKs and services

Unity Cloud

Authenticate with a service account

Bearer token authentication

Example