Different users sharing the same account

In some scenarios, different users share the same account, that is, the service account. In those situations, the original identification of the user is lost. A service account is typically used to authenticate the application rather than its users. Any logical users in that application use the same authenticated user. From the service provider's perspective, the different users are actually all the same. This may cause issues, for example when performing traceability and accountability within the service provider(s).

Example scenario

Your organization uses 20 machines that send requests to LN.

You use an authorized app and you have downloaded the credentials for one service account user. The 20 machines are programmed to use the credentials of that user.

In LN, there are no separate user accounts and API identities for the machines.

When the machines send their requests to LN, the credentials of the service account user are used.

The requests sent by a machine do not contain any identification of that machine. Therefore, in LN and in the log data, you can only see that the requests were sent by the service account user. It is not possible to distinguish which request was sent by which machine. All requests sent by the machines are logged as being sent by the LN user of the service user.