Update One Organization Service Account

PATCH /api/atlas/v2/orgs/{orgId}/serviceAccounts/{clientId}
Service accounts Digest auth

Updates the specified Service Account in the specified Organization.

Path parameters

  • clientId string Required

    The Client ID of the Service Account.

    Format should match the following pattern: ^mdb_sa_id_[a-fA-F\d]{24}$.

  • orgId string Required

    Unique 24-hexadecimal digit string that identifies the organization that contains your projects. Use the /orgs endpoint to retrieve all organizations to which the authenticated user has access.

    Format should match the following pattern: ^([a-f0-9]{24})$.

Query parameters

  • envelope boolean

    Flag that indicates whether Application wraps the response in an envelope JSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.

    Default value is false.

  • pretty boolean

    Flag that indicates whether the response body should be in the prettyprint format.

    Default value is false.

    Prettyprint
application/vnd.atlas.2024-08-05+json

Body Required

The new details for the Service Account.

  • description string

    Human readable description for the Service Account.

    Minimum length is 1, maximum length is 250. Format should match the following pattern: ^[\p{L}\p{N}\-_.,' ]*$.

  • name string

    Human-readable name for the Service Account. The name is modifiable and does not have to be unique.

    Minimum length is 1, maximum length is 64. Format should match the following pattern: ^[\p{L}\p{N}\-_.,' ]*$.

  • roles array[string]

    A list of organization-level roles for the Service Account.

    Values are ORG_MEMBER, ORG_READ_ONLY, ORG_BILLING_ADMIN, ORG_BILLING_READ_ONLY, ORG_STREAM_PROCESSING_ADMIN, ORG_GROUP_CREATOR, or ORG_OWNER.

Responses

  • 200 application/vnd.atlas.2024-08-05+json

    OK

    Hide response attributes Show response attributes object
    • clientId string

      The Client ID of the Service Account.

      Format should match the following pattern: ^mdb_sa_id_[a-fA-F\d]{24}$.

    • createdAt string(date-time)

      The date that the Service Account was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.

    • description string

      Human readable description for the Service Account.

    • name string

      Human-readable name for the Service Account.

    • roles array[string]

      A list of Organization roles associated with the Service Account.

      Values are ORG_MEMBER, ORG_READ_ONLY, ORG_BILLING_ADMIN, ORG_BILLING_READ_ONLY, ORG_STREAM_PROCESSING_ADMIN, ORG_GROUP_CREATOR, or ORG_OWNER.

    • secrets array[object]

      A list of secrets associated with the specified Service Account.

      Hide secrets attributes Show secrets attributes object
      • createdAt string(date-time) Required

        The date that the secret was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.

      • expiresAt string(date-time) Required

        The date for the expiration of the secret. This parameter expresses its value in the ISO 8601 timestamp format in UTC.

      • id string Required

        Unique 24-hexadecimal digit string that identifies the secret.

        Format should match the following pattern: ^([a-f0-9]{24})$.

      • lastUsedAt string(date-time)

        The last time the secret was used. This parameter expresses its value in the ISO 8601 timestamp format in UTC.

      • maskedSecretValue string

        The masked Service Account secret.

      • secret string

        The secret for the Service Account. It will be returned only the first time after creation.
  • 400 application/json

    Bad Request.

    Hide response attributes Show response attributes object
    • badRequestDetail object

      Bad request detail.

      Hide badRequestDetail attribute Show badRequestDetail attribute object
      • fields array[object]

        Describes all violations in a client request.

        Hide fields attributes Show fields attributes object
        • description string Required

          A description of why the request element is bad.

        • field string Required

          A path that leads to a field in the request body.

    • detail string

      Describes the specific conditions or reasons that cause each type of error.

    • error integer(int32) Required

      HTTP status code returned with this error.

      External documentation
    • errorCode string Required

      Application error code returned with this error.

    • parameters array[object]

      Parameters used to give more information about the error.

    • reason string

      Application error message returned with this error.
  • 401 application/json

    Unauthorized.

    Hide response attributes Show response attributes object
    • badRequestDetail object

      Bad request detail.

      Hide badRequestDetail attribute Show badRequestDetail attribute object
      • fields array[object]

        Describes all violations in a client request.

        Hide fields attributes Show fields attributes object
        • description string Required

          A description of why the request element is bad.

        • field string Required

          A path that leads to a field in the request body.

    • detail string

      Describes the specific conditions or reasons that cause each type of error.

    • error integer(int32) Required

      HTTP status code returned with this error.

      External documentation
    • errorCode string Required

      Application error code returned with this error.

    • parameters array[object]

      Parameters used to give more information about the error.

    • reason string

      Application error message returned with this error.
  • 403 application/json

    Forbidden.

    Hide response attributes Show response attributes object
    • badRequestDetail object

      Bad request detail.

      Hide badRequestDetail attribute Show badRequestDetail attribute object
      • fields array[object]

        Describes all violations in a client request.

        Hide fields attributes Show fields attributes object
        • description string Required

          A description of why the request element is bad.

        • field string Required

          A path that leads to a field in the request body.

    • detail string

      Describes the specific conditions or reasons that cause each type of error.

    • error integer(int32) Required

      HTTP status code returned with this error.

      External documentation
    • errorCode string Required

      Application error code returned with this error.

    • parameters array[object]

      Parameters used to give more information about the error.

    • reason string

      Application error message returned with this error.
  • 404 application/json

    Not Found.

    Hide response attributes Show response attributes object
    • badRequestDetail object

      Bad request detail.

      Hide badRequestDetail attribute Show badRequestDetail attribute object
      • fields array[object]

        Describes all violations in a client request.

        Hide fields attributes Show fields attributes object
        • description string Required

          A description of why the request element is bad.

        • field string Required

          A path that leads to a field in the request body.

    • detail string

      Describes the specific conditions or reasons that cause each type of error.

    • error integer(int32) Required

      HTTP status code returned with this error.

      External documentation
    • errorCode string Required

      Application error code returned with this error.

    • parameters array[object]

      Parameters used to give more information about the error.

    • reason string

      Application error message returned with this error.
  • 500 application/json

    Internal Server Error.

    Hide response attributes Show response attributes object
    • badRequestDetail object

      Bad request detail.

      Hide badRequestDetail attribute Show badRequestDetail attribute object
      • fields array[object]

        Describes all violations in a client request.

        Hide fields attributes Show fields attributes object
        • description string Required

          A description of why the request element is bad.

        • field string Required

          A path that leads to a field in the request body.

    • detail string

      Describes the specific conditions or reasons that cause each type of error.

    • error integer(int32) Required

      HTTP status code returned with this error.

      External documentation
    • errorCode string Required

      Application error code returned with this error.

    • parameters array[object]

      Parameters used to give more information about the error.

    • reason string

      Application error message returned with this error.
PATCH /api/atlas/v2/orgs/{orgId}/serviceAccounts/{clientId} 
atlas api serviceAccounts updateOrgServiceAccount --help
import (
	"os"
	"context"
	"log"
	sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)

func main() {
	ctx := context.Background()
	clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
	clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")

	// See https://dochub.mongodb.org/core/atlas-go-sdk-oauth
	client, err := sdk.NewClient(sdk.UseOAuthAuth(clientID, clientSecret))

	if err != nil {
		log.Fatalf("Error: %v", err)
	}

	params = &sdk.UpdateOrgServiceAccountApiParams{}
	sdkResp, httpResp, err := client.ServiceAccountsApi.
		UpdateOrgServiceAccountWithParams(ctx, params).
		Execute()
}

curl --include --header "Authorization: Bearer ${ACCESS_TOKEN}" \
  --header "Accept: application/vnd.atlas.2025-03-12+json" \
  --header "Content-Type: application/json" \
  -X PATCH "https://cloud.mongodb.com/api/atlas/v2/orgs/{orgId}/serviceAccounts/{clientId}" \
  -d '{ <Payload> }'
curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
  --digest --include \
  --header "Accept: application/vnd.atlas.2025-03-12+json" \
  --header "Content-Type: application/json" \
  -X PATCH "https://cloud.mongodb.com/api/atlas/v2/orgs/{orgId}/serviceAccounts/{clientId}" \
  -d '{ <Payload> }'
Request examples 
{
  "description": "string",
  "name": "string",
  "roles": [
    "ORG_MEMBER"
  ]
}
Response examples (200) 
{
  "clientId": "mdb_sa_id_1234567890abcdef12345678",
  "createdAt": "2026-05-04T09:42:00Z",
  "description": "string",
  "name": "string",
  "roles": [
    "ORG_MEMBER"
  ],
  "secrets": [
    {
      "createdAt": "2026-05-04T09:42:00Z",
      "expiresAt": "2026-05-04T09:42:00Z",
      "id": "32b6e34b3d91647abb20e7b8",
      "lastUsedAt": "2026-05-04T09:42:00Z",
      "maskedSecretValue": "mdb_sa_sk_...",
      "secret": "mdb_sa_sk_..."
    }
  ]
}
Response examples (400) 
{
  "error": 400,
  "detail": "(This is just an example, the exception may not be related to this endpoint) No provider AWS exists.",
  "reason": "Bad Request",
  "errorCode": "VALIDATION_ERROR"
}
Response examples (401) 
{
  "error": 401,
  "detail": "(This is just an example, the exception may not be related to this endpoint)",
  "reason": "Unauthorized",
  "errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403) 
{
  "error": 403,
  "detail": "(This is just an example, the exception may not be related to this endpoint)",
  "reason": "Forbidden",
  "errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404) 
{
  "error": 404,
  "detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
  "reason": "Not Found",
  "errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (500) 
{
  "error": 500,
  "detail": "(This is just an example, the exception may not be related to this endpoint)",
  "reason": "Internal Server Error",
  "errorCode": "UNEXPECTED_ERROR"
}