Skip to main content
All CollectionsAppsConnecting your apps
Create an automation or service account for your business hub
Create an automation or service account for your business hub

This article describes how to create an automation or service account in your app to connect it to your business hub.

Cerby Team avatar
Written by Cerby Team
Updated over 2 weeks ago

Who can use this feature?

  • Workspace Owners, Super Admins, Admins, and Users

  • Supported using the Cerby web app

  • IMPORTANT: If you use local vaults, you must have already set up at least one trusted session on your devices.

Automation or service accounts are a crucial requirement of a business hub. They are the key Cerby uses to access your seat-based and paid social apps for identity and access lifecycle management purposes.

Automation accounts are user accounts configured in your app with enough permissions to manage users, groups, and roles. These accounts are saved in Cerby and associated with a business hub so that the Cerby bot can use them as service accounts to perform the following tasks on your behalf:

  • Check for updates

  • Invite app members

  • Update app members’ roles

  • Remove app members

IMPORTANT: Make sure you create an account with enough management permissions in your app; otherwise, Cerby cannot perform any user and access management tasks.

Cerby recommends having dedicated user accounts not tied to a person or human identity to associate them with a business hub as automation or service accounts. The following are some of the reasons why it is not advised to use personal accounts:

  • Operational continuity: Service accounts are not tied to specific employees, ensuring that integrations remain functional even if personnel changes occur. This stability is crucial for maintaining uninterrupted operations.

  • Enhanced security: By assigning distinct service accounts for integrations, you can enforce precise access controls and permissions, limiting exposure to sensitive data and reducing the risk of unauthorized access.

  • Improved accountability: Dedicated service accounts enable better tracking and auditing of integration activities, as actions can be attributed to specific accounts rather than being obscured by shared user credentials.

  • Simplified maintenance: Service accounts facilitate easier management of credentials and permissions, streamlining the process of updating or rotating passwords without disrupting user access.

This article describes how to create an automation or service account in your app to connect it to your business hub. The following are the different ways in which you can configure the account, depending on your app’s characteristics, user management strategy, and login method:

NOTE: For any configuration, Cerby recommends turning on two-factor authentication (2FA) for the automation or service account with Cerby as an authenticator app.

The following sections describe each configuration.

Placeholder account

A placeholder account (also known as a “ghost account”) is an account added to Cerby for associating it with a Cerby-managed email address and phone number.

As a user with an admin role in your seat-based or paid social app, you can use these login credentials, including a secure password generated by Cerby, to create the app’s user account.

To create and configure a placeholder account, you must complete the following steps:

  1. Log in to your Cerby workspace.

  2. Click the Add item button located at the top right. A drop-down list is displayed.

  3. Select the Account option from the drop-down list. The Add account details dialog box is displayed.

  4. Enter your account information in the corresponding fields:

    • Account label in Cerby: It is the name to assign to your account in Cerby, and it will be displayed on the account card.

    • App name or URL: It is the name of the app or service provider to which the account belongs or the login URL.

      1. Select the corresponding option from the drop-down list after clicking the input field.

    • Username: It is the username you use to log in to your account.

      1. Enter a dummy value because you’ll replace it later with the Cerby-managed email address.

    • Current password: It is the password you use to log in to your account.

      1. Use the Password Generator in the Cerby browser extension to generate a secure password. For instructions, read the article How to generate secure passwords using the Cerby browser extension.

  5. Select the corresponding vault from the Vault drop-down list to add the account to it.

    NOTE: This drop-down list is not displayed if you only have access to one vault.

  6. Click the Add account button. The dialog box closes, and a success message box and the account details page are displayed.

  7. Associate a Cerby-managed email address and phone number with the account. For instructions, see the video How to add a Cerby-managed email or phone number to your account.

    IMPORTANT: After adding the Cerby-managed email address, make sure you update the account details in Cerby. Enter this email address as the value in the Username field.

  8. Create the user account in your app with the login credentials from the Cerby account.

  9. Turn on 2FA for your app’s user account with Cerby as an authenticator app. For instructions, read the article How to turn on 2FA managed by Cerby.

Now you are done. You can connect a business hub for your app.

IdP-provisioned account

An IdP-provisioned account (also known as a federated account) is a user account created and managed by your identity provider (IdP).

These accounts are commonly configured by IT admins. One of the main benefits of this approach is that you can implement stronger authentication and advanced security measures like 2FA, comply with standards, and centralize user data in your IdP.

IMPORTANT: Create an IdP-provisioned account only for seat-based and paid social apps that support the SAML standard for single sign-on (SSO) authentication. If the app doesn't support it, the automation account will not work.

To create and configure an IdP-provisioned account, you must complete the following steps:

  1. Log in to your IdP instance.

  2. Create a user account.

  3. Assign the following apps to the user account in your IdP:

    • The Cerby app

    • The seat-based or paid social app to be managed by this user account

  4. Add this user account to Cerby. For instructions, read the article Add an account.

  5. Turn on 2FA for the user account managed by your IdP with Cerby as an authenticator app. For instructions, read the article How to turn on 2FA managed by Cerby.

Now you are done. You can connect a business hub for your app.

Individual account

An individual account (also known as a profile account) is an account directly created by a user on an app or service provider using their corporate login credentials, such as email address and phone number.

Sometimes, especially in paid social apps, users keep their existing personal accounts to access the apps managed by their organization. In such a case, Cerby recommends creating a new account with corporate login credentials.

To create and configure an individual account, you must complete the following steps:

  1. Add your personal account to Cerby. For instructions, read the article Add an account.

  2. Associate a Cerby-managed email address and phone number with the account. For instructions, see the video How to add a Cerby-managed email or phone number to your account.

    NOTE: Cerby recommends you use the Cerby-managed email address as the value in the Username field.

  3. Turn on 2FA for your app’s user account with Cerby as an authenticator app. For instructions, read the article How to turn on 2FA managed by Cerby.

Now you are done. You can connect a business hub for your app.

Did this answer your question?