Skip to main content
Procore

Reset the Authentication Key for a Service Account

 Sunset of Traditional Service Accounts

All Traditional Service Accounts will sunset on December 31, 2024.

Traditional Service Accounts were deprecated on December 9, 2021. Beginning October 1, 2024, we will no longer allow the creation of new Traditional Service Accounts. Existing Traditional Service Accounts will continue to function until December 31, 2024.

In accordance with this timeline, developers of data connection applications that currently use Traditional Service Accounts are required to update their applications to use Developer Managed Service Accounts, and customers will be required to install these updated applications before the sunset date. All data connection applications not migrated by the sunset date will cease to function. Any application listed on the Procore App Marketplace that is not using a supported method for accessing the Procore API will be removed by the sunset date. See Migrating Data Connection Applications to Use DMSAs for additional information.

Objective

To reset the client secret for a service account using the Company Admin tool.

Background

Services accounts allow you to support integrations that require the Client Credentials grant flow as defined in the IETF OAuth 2.0 Framework Specification. In this scenario, applications need a way to retrieve an OAuth 2.0 access token outside the context of any specific Procore user. OAuth 2.0 provides the Client Credentials grant type for this purpose. A unique client_id and client_secret is generated when a new service account is created. For information on implementing the Client Credentials grant flow in an application, see OAuth 2.0 Using Client Credentials on our Developer Portal.

Things to Consider

  • Required User Permission:
    • 'Admin' level permissions on the company's Admin tool.
  • Access Considerations:
    • A new service account consists of:
      • client_id. The identifier for the service account.
      • client_secret. The secret is a randomly generated code that will be used by the service account. It is only visible to you at the time the account is created. You may want to note the client_secret and then save it to a secure location should you require it in the future for reference. 
        Important! If for any reason you lose the client_secret, Procore recommends creatng a new service account
      • New service accounts are created without permissions ('None') by default. To change these permissions, see Configure Service Account Permissions.
  • Important Company Directory Considerations:
    • Once you create a service account, the associated email address must not be changed in the company directory. If you modify the service account email address, the service account will no longer be functional.
    • The service account contact cannot be added to more than one company directory (just the one it was created in), or else it will stop working.

Steps

 Important
Please note that resetting the client secret will reset all permissions and project memberships for the selected service account.
  1. Navigate to the Company level Admin tool.
  2. Under 'Company Settings', click Service Accounts.
  3. Locate the service account you want to reset the client secret for and click View.
  4. Click Reset Secret to reset the client secret for the selected service account.

reset-client-secret.png

  1. Click Continue to confirm your action.

reset-client-secret-continue.png