Identity & Access
Service Account
Also known as: Non-human identity, Application account
Definition
A non-human identity used by an application, script, or service to authenticate to other systems, typically without interactive login.
Examples
- A Kubernetes ServiceAccount used by a pod to call the cluster API with limited RBAC permissions.
- An Azure managed identity that allows a virtual machine to read from Key Vault without storing secrets.
Related terms
Machine Identity
The cryptographic identity of a non-human entity — workload, device, container, or API client — used to authenticate and establish trust with other systems.
Principle of Least Privilege
A security principle that grants every user, process, or service only the minimum privileges strictly required to perform its function — no more.
Privileged Access Management (PAM)
A set of practices and tools that secure, control, monitor, and audit access to accounts and systems with elevated administrative privileges.
Credential Vault
Identity and Access Management (IAM)
A discipline and set of technologies for defining digital identities and controlling which resources each identity may access under which conditions.
OAuth 2.0
An open authorization framework that lets a resource owner grant a third-party application limited, scoped access to an API without sharing credentials.