Skip to main content
Procore

Configure Service Account Permissions

Objective 

To configure permissions for Service Accounts on the Contact Information page in the company's Directory tool. 

Background 

When you initially create a Service Account, default (read-only) access permissions are set for all company-level tools. However, you can further refine and customize these permissions in order to implement and enforce more stringent security policies. In addition, because the Service Account has default (read-only) permissions at the company level when it it is first created, you must set proper permissions for the Service Account prior to using it to access the Procore API.

 Important
Bear in mind that although you may be able to generate an OAuth 2.0 access token using a Service Account with default (read-only) permissions, this token will not work for making successful calls to the Procore API. Therefore, you must set proper permissions for the Service Account prior to using it to access the Procore API.

Things to Consider

  • Required User Permissions:
    • 'Admin' level permissions on the company's Directory tool.
  • Access Considerations
    • Existing service account permissions are set to 'none' on any new tool added since the service account was created.
    • Be mindful of sensitive data and exercise caution when defining permissions on Service Accounts.
  • Important Company Directory Considerations:
    • Once you create a service account, the associated email address must not be changed in the company directory. If you modify the service account email address, the service account will no longer be functional
    • The service account contact cannot be added to more than one company directory (just the one it was created in), or else it will stop working.

Steps

  1. Log in to Procore and navigate to the company's Directory tool.
  2. In the company Directory, locate the Service Account you want to configure permissions for and click Edit.
  3. On the contact information page for the selected Service Account, scroll down to the permissions matrix.
  4. Configure Service Account access levels by selecting None, Read-Only, Standard, or Admin for each tool in the permissions matrix.
  5. Click Save to update your Service Account with the new permissions settings.
  • Was this article helpful?