Base URL: https://cloud.mongodb.com/api/public/v1.0
Resource
PATCH /groups/{PROJECT-ID}/serviceAccounts/{CLIENT-ID} 
Request Path Parameters
| Name | Type | Description | 
|---|---|---|
| 
 | string | Unique identifier for the Project whose service account you want to update. Use the /groups endpoint to retrieve all projects to which the authenticated user has access. | 
| 
 | string | Unique identifier for the service account you want to update. Request the /groups/{PROJECT-ID}/serviceAccounts endpoint to retrieve all service accounts to which the authenticated user has access for the specified project. | 
Request Query Parameters
The following query parameters are optional:
| Name | Type | Description | Default | ||||||
|---|---|---|---|---|---|---|---|---|---|
| pageNum | integer | Page number (1-index based). | 
 | ||||||
| itemsPerPage | integer | Number of items to return per page, up to a maximum of 500. | 
 | ||||||
| pretty | boolean | Indicates whether the response body should be in a prettyprint format. | 
 | ||||||
| envelope | boolean | Indicates whether or not to wrap the response in an envelope. Some API clients cannot access the HTTP response headers or
status code. To remediate this, set  For endpoints that return one result, response body includes: 
 For endpoints that return a list of results, the  | None | 
Request Body Parameters
The body parameter is required.
| Name | Type | Necessity | Description | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 
 | string | Optional | Name of the service account. Accepted characters are  | ||||||||||||||||||||||
| 
 | string | Optional | Description of the service account. Accepted characters are  | ||||||||||||||||||||||
| 
 | string array | Required | List of roles that the service account should be granted. A minimum of one role must be provided. Any roles provided must be valid for the assigned Project: 
 Include all roles that you want this service account to have. Any roles not in this array are removed. | 
Response
| Name | Type | Description | 
|---|---|---|
| 
 | string | Unique identifier for the service account. | 
| 
 | timestamp | Service account creation time. | 
| 
 | string | Name of the service account. | 
| 
 | string | Description of the service account. | 
| 
 | string array | List of roles that the service account has in the project. Project roles include: | 
| 
 | object array | List of service account secrets. | 
| 
 | string | Unique 24-hexadecimal character string that identifies the secret. | 
| 
 | timestamp | Timestamp representing secret creation time. | 
| 
 | timestamp | Timestamp representing secret expiration time. | 
| 
 | timestamp | Timestamp representing last secret usage. | 
| 
 | string | Masked secret that only displays the prefix and last four characters. | 
Example Request
Note
The user who makes the request can be formatted as {PUBLIC-KEY}:{PRIVATE-KEY}.
1 curl --user "{PUBLIC-KEY}:{PRIVATE-KEY}" --digest \ 2      --header "Accept: application/json" \ 3      --header "Content-Type: application/json" \ 4      --include \ 5      --request PATCH "https://cloud.mongodb.com/api/public/v1.0/groups/{PROJECT-ID}/serviceAccounts/{CLIENT-ID}?pretty=true" \ 6      --data '{ 7          "roles": [ "GROUP_OWNER" ] 8        }' 
Example Response
Response Header
 401 Unauthorized Content-Type: application/json;charset=ISO-8859-1 Date: {dateInUnixFormat} WWW-Authenticate: Digest realm="MMS Public API", domain="", nonce="{nonce}", algorithm=MD5, op="auth", stale=false Content-Length: {requestLengthInBytes} Connection: keep-alive 
 200 OK Vary: Accept-Encoding Content-Type: application/json Strict-Transport-Security: max-age=300 Date: {dateInUnixFormat} Connection: keep-alive Content-Length: {requestLengthInBytes} X-MongoDB-Service-Version: gitHash={gitHash}; versionString={ApplicationVersion} 
Response Body
1 { 2   "createdAt" : "2024-08-04T01:16:21Z", 3   "description" : "Service account for Cloud Manager users.", 4   "clientId" : "mdb_sa_id_66aed6653e07126244a84cc1", 5   "name" : "Cloud Manager service account", 6   "roles" : [ "GROUP_OWNER" ], 7   "secrets" : [ { 8     "createdAt" : "2024-08-04T01:16:21Z", 9     "expiresAt" : "2024-11-02T01:16:21Z", 10     "lastUsedAt" : "2024-08-24T21:10:35Z", 11     "id" : "66aed6653e07126244a84cc0", 12     "maskedSecretValue" : "mdb_sa_sk_...MeyM" 13   } ] 14 }