
# Create Service Account

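> CreateServiceAccount creates a new ServiceAccount for the given Organisation. The ServiceAccount will be created with a random client ID and secret, which will be returned in the response. Because the response body carries the client secret, handle it as a credential: store it in a secret manager and keep it out of request logs and traces.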



## OpenAPI

````yaml /openapi/organisations-api-v1.yaml post /organisations/{organisation_id}/service-accounts
# OpenAPI 3.1 description of the Organisations API (v1), as excerpted for the
# CreateServiceAccount operation.
openapi: 3.1.0
info:
  title: Organisations API
  description: >-
    The Organisations API provides users the ability to manage their
    organisations.
  version: v1
servers:
  - url: https://platform.versori.com/api/organisations/v1
    description: Production server
  # NOTE(review): plain-HTTP loopback entry; it looks like a local development
  # target. Requests sent to it are not protected by TLS, so confirm it is
  # meant to appear in the published description.
  - url: http://localhost:8081/v1
    description: Localhost
# NOTE(review): an empty top-level security requirement list declares that no
# authentication is required, and this excerpt defines no
# components.securitySchemes. For an operation that mints client credentials,
# confirm that the real API enforces authentication and that the scheme is
# simply missing from this excerpt.
security: []
tags:
  - name: organisations
    description: >
      Organisations is the root-level entity for the Versori platform. All
      resources are scoped under an Organisation,

      each Organisation has an owner and can have multiple members.
  - name: signing-keys
    description: >
      Signing keys are used to sign JWTs which can be used to authenticate
      requests to the Versori platform.
# Path item for the service-account collection of one Organisation. Only the
# POST (create) operation is present in this excerpt.
paths:
  /organisations/{organisation_id}/service-accounts:
    parameters:
      - $ref: '#/components/parameters/organisation_id'
    # No operation-level `security` key is set, so this operation inherits the
    # top-level `security` declaration of the document.
    post:
      summary: Create Service Account
      description: >-
        CreateServiceAccount creates a new ServiceAccount for the given
        Organisation. The ServiceAccount will be created with a random client ID
        and secret, which will be returned in the response.
      operationId: CreateServiceAccount
      # NOTE(review): `required: true` is not set, so the request body is
      # optional as far as this description goes; confirm the server rejects a
      # request without one.
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ServiceAccountCreate'
      responses:
        # The 201 body is a ServiceAccount, whose properties include clientId
        # and clientSecret; anything that records response bodies (proxies,
        # API gateways, client debug logging) will capture the secret.
        '201':
          description: Created
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ServiceAccount'
        # Catch-all: authentication, authorisation and validation failures are
        # not documented as separate status codes in this excerpt.
        default:
          description: Error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
# Reusable components referenced from the path item above.
components:
  parameters:
    # Required path parameter naming the Organisation the request is scoped to.
    # NOTE(review): the schema is an unconstrained string (no format, pattern
    # or length limit), and nothing in this excerpt shows how the caller's
    # access to the named Organisation is checked; confirm that check happens
    # server-side.
    organisation_id:
      name: organisation_id
      in: path
      # Vendor extension; presumably read by a Go code generator to name the
      # generated field (confirm against the build tooling).
      x-go-name: OrganisationID
      required: true
      schema:
        type: string
  schemas:
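    # ServiceAccountCreate is the request body of CreateServiceAccount.
    # NOTE(review): no `required` list is declared, so `{}` validates against
    # this schema; confirm the server rejects a missing or empty name.
    ServiceAccountCreate:
      type: object
      properties:
        # NOTE(review): the description allows only alphanumeric characters and
        # hyphens, but the pattern also accepts `_` and `.`. The accepted
        # character set is left unchanged here; align the description and the
        # pattern once the intended rule is confirmed. No maxLength is
        # declared either.
        name:
          description: >-
            Name is an immutable, lower-cased, human-readable identifier for
            this service account. It may only contain alphanumeric characters
            and hyphens, and must start with a letter.

            It must be unique within the scope of an Organisation.
          type: string
          # Same character set as before. The hyphen now sits at the end of the
          # class so every regex dialect reads it as a literal rather than a
          # range operator, and the value is quoted so YAML always loads it as
          # a plain string.
          pattern: '^[a-z][a-z0-9_.-]*$'
        # These roles are granted at organisation scope. The Role schema in
        # this document describes organisation-level bindings as inherited by
        # every resource the organisation owns, so list only the roles the
        # automation actually needs.
        roles:
          description: >-
            Roles are the list of role names to be granted to this
            ServiceAccount at the organisation scope.
          type: array
          items:
            type: string
        # NOTE(review): group membership may grant further roles; this excerpt
        # does not show how groups map to permissions.
        groupIDs:
          description: >-
            GroupIDs are the list of group IDs to be added to this
            ServiceAccount.
          type: array
          items:
            type: string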
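    # ServiceAccount is the 201 response body of CreateServiceAccount. It
    # carries the generated client credentials alongside the account metadata.
    ServiceAccount:
      description: >-
        ServiceAccount is a non-user account which can be used to issue access
        tokens to use against Versori APIs.
      type: object
      properties:
        id:
          type: string
          format: ulid
          # Vendor extensions; presumably consumed by a Go code generator to
          # pick the field name and type (confirm against the build tooling).
          x-go-name: ID
          x-go-type: ulid.ULID
          x-go-type-import:
            path: versori.dev/vergo/ulid
        # NOTE(review): the description allows only alphanumeric characters and
        # hyphens, but the pattern also accepts `_` and `.`; align them once
        # the intended rule is confirmed.
        name:
          description: >-
            Name is an immutable, lower-cased, human-readable identifier for
            this service account. It may only contain alphanumeric characters
            and hyphens, and must start with a letter.

            It must be unique within the scope of an Organisation.
          type: string
          # Same character set as before; trailing hyphen is a literal in every
          # regex dialect, and the quotes keep YAML from retyping the value.
          pattern: '^[a-z][a-z0-9_.-]*$'
        email:
          description: >-
            Email is the email address of the ServiceAccount. This is used to
            easily identify the ServiceAccount when viewing in the UI or
            observing logs. The email address is generated from the name,
            suffixed with `@sa.ORG_SLUG.versori.com`.
          # The property previously had no type, so any JSON value validated.
          type: string
        clientId:
          type: string
        # The secret half of the client credentials, returned in this response
        # body. `format: password` is the OpenAPI hint that tooling should
        # obscure the value when it renders examples or forms.
        # NOTE(review): this excerpt does not say whether the secret can be
        # read again after creation; confirm, and document rotation.
        clientSecret:
          type: string
          format: password
        roleBindings:
          description: >-
            RoleBindings are the list of role bindings granted to this
            ServiceAccount.
          type: array
          items:
            $ref: '#/components/schemas/RoleBinding'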
    # Error is the body of the catch-all `default` response. `code` and
    # `message` are always present; `cause` is optional.
    Error:
      type: object
      properties:
        code:
          type: string
          description: Code is a machine-readable error code.
        message:
          type: string
          description: Message is a human-readable error message.
        # NOTE(review): `cause` has no description. If it carries the
        # underlying server-side error, confirm it cannot expose internal
        # detail (stack traces, queries, hostnames) to API callers.
        cause:
          type: string
          # Vendor extension; presumably a Go code-generation hint (confirm).
          x-go-type-skip-optional-pointer: true
      required:
        - code
        - message
    # RoleBinding pairs a Role with the resource it applies to. It is the item
    # type of ServiceAccount.roleBindings, so it shows what a newly created
    # service account has actually been granted.
    RoleBinding:
      description: RoleBinding contains a role and the resource it is bound to.
      type: object
      properties:
        role:
          $ref: '#/components/schemas/Role'
        resource:
          $ref: '#/components/schemas/ResourceReference'
    # Role is a named set of Permission entries plus the resource types it may
    # be bound to.
    # NOTE(review): the description mentions only Members and Groups, yet
    # ServiceAccount.roleBindings references Role through RoleBinding, so
    # service accounts receive roles as well.
    Role:
      description: >-
        Role encompasses a set of permissions which can be granted to a Member
        or Group. Roles are currently predefined but may support custom roles in
        the future.
      type: object
      properties:
        id:
          type: string
          format: ulid
          # Vendor extensions; presumably Go code-generation hints (confirm).
          x-go-name: ID
          x-go-type: ulid.ULID
          x-go-type-import:
            path: versori.dev/vergo/ulid
        name:
          description: >-
            Name is the user-defined name for the role. It must be unique within
            the scope of an Organisation.
          type: string
        permissions:
          type: array
          items:
            $ref: '#/components/schemas/Permission'
        # Inheritance matters for least privilege: per the description below, a
        # role bound to an Organisation applies to every resource that
        # organisation owns, while a binding on a child resource stays local.
        scopes:
          description: >-
            Scope defines which resources the role can be bound to, i.e.
            "organisation", "switchboard" etc. Resources are hierarchical,
            meaning that if a role is bound to an Organisation, it will be
            inherited by all resources owned by that organisation, whereas if it
            is bound to an individual child resource such as a Switchboard
            board, it will only apply to that board.
          type: array
          items:
            type: string
            enum:
              - organisation
              - switchboard
              - connection
              - hub
    # ResourceReference identifies the resource a RoleBinding targets by type,
    # id and name. resourceType uses the same four values as Role.scopes.
    ResourceReference:
      description: >-
        ResourceReference is an abstract overview of a resource in the Versori
        platform.
      type: object
      properties:
        resourceType:
          type: string
          enum:
            - organisation
            - switchboard
            - connection
            - hub
        # NOTE(review): plain string with no declared format, unlike the ulid
        # ids on ServiceAccount and Role; confirm the expected id shape.
        resourceId:
          type: string
        name:
          type: string
    # Permission is one predefined capability, identified by a dotted
    # `<resource>.<action>` string taken from the closed enum below.
    Permission:
      description: >-
        Permission grants granular access to a resource. Permissions are
        predefined by Versori and cannot be customised.
      type: object
      properties:
        # When auditing the roles given to a service account, check its
        # effective permissions against this list. The organisation.delete,
        # organisation.members.* and organisation.manage_* entries, and the
        # *.delete entries on other resources, name administrative or
        # destructive actions.
        id:
          description: >-
            ID is a human-readable identifier for the permission, i.e.
            switchboard.publish
          type: string
          enum:
            - organisation.read
            - organisation.edit
            - organisation.delete
            - organisation.members.read
            - organisation.members.invite
            - organisation.members.edit
            - organisation.members.delete
            - organisation.manage_billing
            - organisation.manage_subscription
            - switchboard.create
            - switchboard.read
            - switchboard.edit
            - switchboard.publish
            - switchboard.delete
            - connection.create
            - connection.read
            - connection.edit
            - connection.delete
            - hub.create
            - hub.read
            - hub.edit
            - hub.delete
            - hub.integration.create
            - hub.integration.read
            - hub.integration.edit
            - hub.integration.publish
            - hub.integration.delete
            - hub.user.create
            - hub.user.read
            - hub.user.edit
            - hub.user.delete
        description:
          description: >-
            Description is a human-readable description of what the permission
            grants
          type: string

````