Service Accounts must be independent of individual users #2123
Description
Describe the problem to be solved
Context
We are currently using service accounts to run various automation and data workflows (n8n automations, Airflow pipelines, Superset dashboards, etc.).
However, in the current model, service accounts are still attached to individual users. This creates operational and governance challenges for us.
Problem
Our main issue is ownership and lifecycle management.
For example, I contribute as an external contractor. The day I leave the organization, all service accounts associated with my user will need to be reconfigured or migrated. Depending on the number of integrations involved (n8n, Airflow, Superset, APIs, etc.), this can introduce significant IT complexity and operational risk.
More broadly:
- Automations are team-owned, not user-owned
- Workflows should remain stable regardless of individual contributors
- Offboarding a person should not require re-architecting automation systems
The current design tightly couples technical infrastructure to individual identities, which does not align well with collaborative or platform-based environments.
Describe the solution you would like
Service accounts should ideally:
- Be independent from personal user accounts
- Be attached to a team, project, or organizational scope
- Have lifecycle management decoupled from individual employment status
- Support clean ownership transfer without reconfiguration overhead
We are looking for a model that provides:
- Clear governance
- Stable automation ownership
- Reduced operational friction during onboarding/offboarding