Give automation its own identity. Scope it to one project. Govern what it can do. Log every action.
Service Accounts
Automated systems need to access Metorial too, but they shouldn't run on a person's login. Service accounts give scripts, pipelines, and backend services their own identity, scoped to what they need and governed like any other actor.
Give automation its own service account instead of sharing a person's credentials. Access stays clear and attributable.
Cover the whole organization or limit a service account to a specific project, sandbox, or environment, with policies to match.
Service accounts run under full access control and audit logging, like any other actor.
What service accounts cover
Give automation its own identity. Scope it to one project. Govern what it can do. Log every action.
Answers to common questions about service accounts and how they fit into governed AI agent infrastructure.