Understand the Relationship Between APIs, Services, and Service Accounts

Service accounts and services are resources that you can manage and use in policies for APIs.

A service account defines the security credentials required to invoke a backend service. A service account can either define Basic Auth or OAuth credentials.

A service is used to represent a backend service. It defines the properties required to invoke a backend service. The main required property of the service is the URL at which a backend service can be invoked. A service can also reference a service account to configure the credentials required to invoke a backend service.

An API references services and service accounts through the policies defining the API. An API policy making outbound calls, such as Service Request and Service Callout, can configure the backend service inline by specifying the URL in the policy itself, or the policy can reference the service resource representing the backend service. The policy can also be configured to reference a service account to configure or override credentials information.

Services and service accounts make it easier to manage changes to the services or the required credentials. Update them in one place and all the policies that reference them update to the new values.