Automation is only as reliable as the access behind it. APIs make it possible to manage networks programmatically, but when that access is tied to individual users, things break down quickly. Sessions expire, permissions change, and workflows that should run continuously become fragile. As part of ZeroTier’s bedrock commitment to zero-trust principles, systems need a more stable way to authenticate and operate without depending on a person being logged in.
Today, we’re rolling out new capabilities in ZeroTier One accessible via the new Central dashboard, including service accounts, API keys, and plumbing for an upcoming release of webhooks. Together, these updates give users more practical ways to build, automate, and integrate with ZeroTier One.
Service Accounts for Security and Always-On Access
Service accounts are designed for system-level access. Instead of tying automation to an individual user login, customers can create an account meant specifically for software, scripts, and administrative or operational workflows.
That matters for any use case where access or permissions need to persist for a long time. A human’s session may expire, and a person’s role and privileges may change over time. A service account is different. It gives organizations a stable way to connect systems to ZeroTier One without depending on a single employee’s credentials.
This is useful in a range of scenarios. A customer may need to automate how devices are assigned. An MSP or reseller may need a cleaner way to manage multiple customer environments. In both cases, service accounts create a more durable foundation for integration and administration.
Furthermore, beyond their operational use, service accounts improve credential hygiene for automation by providing scoped, auditable, non-human identities that don’t share credentials with human users.
API Keys with Defined Lifetimes
Alongside service accounts, ZeroTier One now offers users the ability to generate API keys. These keys are authorization tokens with a user-defined expiration date, giving users a more controlled and secure way to interact with the API.
A key advantage is flexibility. Customers can define how long a token stays active based on the needs of any particular workflow. That means shorter durations for tighter security or longer durations where a process needs more continuity.
This gives teams more control over how API access is granted and managed. Rather than relying on broader, open-ended access, they can issue credentials with a clear expiration window. That makes API-based workflows easier to manage and easier to secure.
From a security standpoint, auto-expiring keys significantly improve the impact of a potential compromise window or event. For example, if a key is stolen or leaked, its usefulness is limited to the remaining time before expiration. Similarly, because IT and admin teams are already stretched thin, defined key lifetimes reduce manual work by automatically ending access when a project wraps and preventing orphaned accounts.
How Service Accounts and API Keys Fit Together
These two features are closely related, but they solve different problems. Service accounts provide a long-lasting identity for systems that need ongoing access. API keys provide the token-based authorization those systems use to interact with the API.
In practice, that gives customers a cleaner model for automation and enhances security across two vectors. Systems can maintain stable access through a service account, while API keys add more control over duration and usage. It’s a practical setup for customers building integrations that need to be reliable over time.
Coming Soon: Webhooks and More
In addition to these latest roll outs, ZeroTier One is excited to announce the upcoming release of webhooks. Once available, they’ll let users respond to changes in real time instead of repeatedly polling the API for updates.
That will make integrations more efficient and more responsive. For teams building operational workflows around ZeroTier, webhooks will help reduce overhead and make event-driven automation much easier to implement.
Additionally, our penetration test is nearly complete, reinforcing our ongoing commitment to validating and strengthening the security of the ZeroTier platform. This work is part of our ongoing focus on maintaining a secure, dependable platform.
All of these updates give users more flexible ways to manage access, build integrations, and support long-running automation. In addition, all of these updates continue with our mission to offer the highest security SD-WAN platform on the market.
Service accounts and API keys are available now. Want to learn more about ZeroTier or ZeroTier One? Try it for free today.
Want a deeper breakdown of the terminology? Our complete networking and cybersecurity glossary has you covered.