Skip to main content
You may have noticed when setting up a Outlook, Microsoft Teams for online meetings or Sharepoint, that we strongly recommend using a dedicated service account rather than your own user account - but what is a service account, why do you need one, and how do you set one up?

What are service accounts?

Service accounts, also known as robot accounts, are accounts specifically created to act within a limited capacity and often for a single purpose. They usually have an obvious name that highlights them as a non-human account. Something like incidentio-robot@yourdomain.com is usually good! They are not tied to a single real user and are often created with limited permissions compared to what you would normally allow a user to do. In the context of incident.io, the service account is the account you will give us permissions to use or act through for things like creating calendar events (Google Calendar or Outlook), and meetings and calls (Google Meet or Microsoft Teams).

Why do I need one?

You might be tempted to just sign in using your own account or another user’s when you click to set up the integration, but there are some very good reasons why you would want to avoid doing so. When the connection is made and the integration installed, it will belong to the user that installed it . If the installing user leaves the organization or changes their settings, this can lead to the integration breaking and needing to be re-installed (and preventing us from doing anything in the meantime!). In the case of calendars, we use the connected user’s calendar to monitor and create calendar events. If you signed in as yourself, we will potentially create calendar events for debriefs in your calendar, along with inviting your user to every meeting! You can see why this might start to be inconvenient.

What will the service account have access to?

A single account will be used for Outlook Calendar, Microsoft Teams online meetings and Sharepoint. Note: You cannot use separate accounts for each integration. Scopes
  • For Outlook Calendar: we need access to Calendars.ReadWrite , Calendars.ReadWrite.Shared & offline_access
  • For Microsoft Teams online meetings: we need access to OnlineMeetings.ReadWrite & OnlineMeetingArtifact.Read.All
  • For Sharepoint: we need access to Sites.ReadWrite.All & offline_access

How do I make a service account?

At a basic level, you will need to:
  • create a new account within your organization
  • name it something obvious and simple that highlights it as a robot account
  • store the details (such as the password / 2fa key) somewhere secure that can be shared with others, such as a password manager