Skip to main content

Configure Service to Service Authentication

As an Account Manager, you can set up service to service (S2S) authentication to allow backend services and applications to communicate securely without user involvement.

The Service to Service page has three tabs:

Tab Description

Access Tokens

Generate and manage API access tokens for long-term authentication. This tab lists all tokens across all users.

Azure Services

Register and manage services that use Azure Active Directory as their identity provider. Once registered, the service is trusted and its tokens are accepted.

External Services

Register and manage services that use a non-Azure identity provider. Use this if your identity provider issues tokens from a custom issuer URL rather than Azure Active Directory. Setup requires assistance from insightsoftware support.

Generate an Access Token

To generate an access token:

  1. In the side navigation bar, go to Administration > Service to Service.
  2. In the Access Tokens tab, select Generate New Token. The Generate Token dialog appears.
  3. In Token Name, enter a name for the token.
  4. Under Select Targets, select one or more services the token can authenticate against.
  5. Select Generate Token. The token is displayed in the dialog.
  6. Copy the token to a secure location.

Important: Make sure to copy your token before closing the dialog. You won't be able to see it again.

Note: You can also generate tokens from User Settings > Access Tokens, but that page only shows tokens you created. The Access Tokens tab under Service to Service lists all tokens across all users.

Revoke an Access Token

To revoke an access token:

  1. In the side navigation bar, go to Administration > Service to Service.
  2. In the Access Tokens tab, select Revoke next to the token you want to revoke. A confirmation dialog appears.
  3. Select Revoke Token to confirm.

Register an Azure Service

To register a service that uses Azure Active Directory:

  1. In the side navigation bar, go to Administration > Service to Service.
  2. Select the Azure Services tab.
  3. Select Register Service. The Azure Service dialog appears.
  4. Enter the following details:
    • Name: Enter a name for the service.
    • Tenant ID: Enter the tenant ID.
    • Application ID: Enter the application ID.
  5. Under Enable Platform API, select Add Platform API to Azure Tenant to grant the service access to the API. A new browser tab opens for you to complete the configuration.
  6. Sign in to your Azure Active Directory Tenant account with administrator permissions.
  7. Select Accept when prompted for permissions. You are redirected to a success page.
  8. Close the browser tab and return to the previous tab.
  9. Select Register Service.

After you register the service, its tokens are accepted for authentication.

Unregister an Azure Service

To unregister a service:

  1. In the side navigation bar, go to Administration > Service to Service.
  2. Select the Azure Services tab.
  3. Select the service you want to unregister.
  4. Select Unregister Service and confirm when prompted.

Once unregistered, the service no longer appears on the Azure Services tab.

Was this article helpful?

We're sorry to hear that.