Skip to main content

Service Account and Access Types

Zoltán Mikolás
  • Updated

Since the 2025-R1 release, Perfion has introduced improvements to user management. Especially for those working with the Perfion API. These changes help customers manage their license limits more effectively while improving control over how users access Perfion services.

Built-in Service Account for API Access

To avoid using standard user licenses for API access, Perfion has a built-in Service Account user. This account is automatically added since the 2025-R1 upgrade or new installations since then and is used exclusively for API integrations.

Key facts about the Service Account:

  • It is automatically included in every Perfion installation.

  • It cannot be deleted or modified.

  • It is a member of the Administrator group.

  • It does not count against your license limit.

image-20250508-073812.png

User Properties

All user accounts now include a new Access setting that controls how they interact with the system. You’ll find this option in the user’s settings.

Access levels:

  • Clients only: Access to the Perfion client only. Cannot be used for API access.

  • Clients & Service: Full access to both the client and the API.

  • Service only: Used for API access only. No access to the client.

Important rules:

  • The ServiceAccount is locked to "Service only."

  • In new installations, the Admin user is locked to "Clients only."

  • When upgrading existing systems to 2025-R1 or later, all current users are set to "Clients & Service" to maintain compatibility.

  • Users imported from Active Directory will default to "Clients only."

You can view and change the access level of each user (except locked ones) in the User Management section.

image-20250508-074128.png

License

Perfion licenses now exclude the built-in Admin and ServiceAccount users from counting toward your user limit. This ensures you get full use of your purchased licenses.

Example:
If your license includes 3 editor accounts, you can still use the Admin and ServiceAccount users without affecting this limit.

However, custom users with "API Only" access do count toward your license.

Login behaviour

Perfion checks a user's access level during login:

  • Users set to "API only" will be denied access to the Windows client and the Web/Supplier Portal.

  • Users set to "Clients only" can use the API Query Analyzer inside the client, but cannot authenticate through external API calls.

If a user tries to log in through the wrong channel for their access type, an appropriate error message will be displayed.

image-20250507-143955.png

Related articles

Comments

0 comments

Please sign in to leave a comment.