From cae0b4a31b4641913ed35e70500135291a637f90 Mon Sep 17 00:00:00 2001 From: zachary painter <60552605+ZPain8464@users.noreply.github.com> Date: Wed, 6 Mar 2024 14:08:36 -0500 Subject: [PATCH] Updates service accounts page with JWT example (#1289) * adds minor updates to doc * updates service accounts page * fixes precommits * Update content/docs/capabilities/service-accounts.md --- .../service-accounts/add-service-account.png | Bin 0 -> 57463 bytes content/docs/capabilities/service-accounts.md | 69 +++++++++++++++--- 2 files changed, 59 insertions(+), 10 deletions(-) create mode 100644 content/docs/capabilities/img/service-accounts/add-service-account.png diff --git a/content/docs/capabilities/img/service-accounts/add-service-account.png b/content/docs/capabilities/img/service-accounts/add-service-account.png new file mode 100644 index 0000000000000000000000000000000000000000..bbdccdd5bac63fd34409d321998996d759e7bf49 GIT binary patch literal 57463 zcmeFZg|9NMoC2Ovzh`<0pM@D!OXoZ0I$1U&=5&VOI@HFG;Uss+* zXFU7s{K?%PKUR-3Js=>6BFIX-S95!^pZeU>taCPSsrJwu@3pIIU{2@TLj#g;%+J5! zF>1Vj`Mu4nRzB)AO2_q1Zmx(YCv!xvPeOBu2gYa(}<*UoU-@B%|({6^gRz6)VIISDc#B+xlo-J=Vrh!z3@?Cr2ZIh;{S)dC+~hL-IJ+ z`2B%c25R3X4`PpaV(Qq4_CM&7;f<1kcPxi=@NSyTvDaNesdX|1)9^@F$9M%vz;Imo*)nkgpA zD_}I8XogGv#>N01pDJY8Hf>@(%z@Rcm*`oXeuwloDjzq$3tfIu_$RxKEU{#KBb}b@ z)e1*FcP9#Vww&ikb=-NeVQ)4p6uHS~!k;eV9sC73=(hun;OX1p*4FJJA}xzw-z{47 zkUy26{faSETPA*Wvq9zb@xQwN1957uVqgkdKmS_io7Me5^TUr`0}o3`(*<%R@NDQK zPP88 z9Z@m3MoeD6DO)j7?J=Mcr!{luanO5j8rIxJ{j2GhP-b)V@wR2^Zxs6_N?A6M)Tz%x zyI9X6fIf!jS7{v7^SG#P?f6;uE)Z7K-X{DIL3TH75n(EC9l~A1@k>s7Z2SX-?xDcI zYs1X^ey{j+!9ihgD%Y3^DvPQqF-+%^e3721dN$P0a4_^W=%RV{q628-)nE54B<}kb z)ctbUWI9!-eGz1%)D~k~p_x-$YY@!b=#+`~YIC-VJo#YUm1zH1_cLJEmGqRpr0RVE zsZ&?bg_F*_yO#^J#jSMlun7>yJ>h&lcj%=T%UHzGa8_%@)0;zB9l6*Gy|+BK4-Y#O z7-@D?uBv*i>y_qrDauH!AMy97(afIeKAI;8IRTR`bv{ou;i{h+sR8g({Syw zUl_OjGPe(fbfBXyqTBsJq-2W~F^ z%?FQ>w^&saDkmO3CxYfajsVD8bZq@4-FX(>AJZCKA>d1GlXpxj4tEzDkQJp3mq9|# z{WZ;9=;iH_iSweb`vh(F{)nU0jHGleG2_QKDXeZ--U$i zlPJd#VNdyDAVkxD0c=&xJt>XzQXtp9x4p7Mu9N3DAx#KvKjPfa`;4QGUZ+kKG}nhE zq_y9aGR;bniV0~Ka!FJ9D}HQ< z&U>$EyUE2ALH%16h(mdp3z)!G*g~oyC^Q%Rh&SnSzB682Vr~Plb}~tUS=(rsmkJq7 z%Sr?+V109aD4u(*SJAVn%T$M9>qOQ~r%9$5mMXbAmmEKLtCZ1vmOg9np`_xIm5gw< zJXt_C3*o{6-^>fjh@<`D>IK}?Qz(?Hs^xEqgsU*qBm^bK`Z@LJte`4=+Jo^i5LHhdQ*!yg`WnC^m8Sy2OjL190v8wc>Vh=gb%%H2=qa2K3;|c)Y zJJ^Pp{OdW!2uN#q4QySRsJPV~3tzWl*|->3s7~!* zeult&AZA)B(2oMuX1-`GM2Admng!Hw#spYke}=b)wJ`>=|? zrQ6u!byqJw@|+?ltD-NQpnrHigXdB&+SBX1J3jN7*bxXnDXC{fR<#*e@jPyOKT7E2 zs|rieI2yZ-MwErEh@tK9Lt!O_J}AVYFmcwHym_7uUIgvK$ zN3fxZMVS?SK!bh+S@OGGUfldQ;lCn?u`|&4+J&Ztu94x#-Kpgn1uQI1y2F&v>UZ9xu#wC@!OGBc}`e9x;R!aEjQ-K7tKvg+eP7h0~*kO;GHj@AF2fw zJ*Ie_5)|h5)i^KEWX^JQ&=_=MZ6+CD^RXQU1Ij1dfA>p}grDp-sD$uRSP}p@_VGaq zTBT;hKHmkS2a5+aBI7^eSiKD#UQi>iEYt-IuLVNGyi-OcmrB+e!A-M zl;R8cUdo>UrcHk8Sz1@RqSMRQ7)vCVoo6T1lTO>Kf+yHkMPBIe1Sd59r1QkJ;UW5<2cpTW#SUF9$! z0L)lqu=Wx^LyC$|BS>0y++y03O;i2g<32S%X8HX2Tbj|B`7@*RSr)FdpX0euzn1Wd zXTxMWVoG~}F(`WT(n?YbL**pToAT0>K(?tPhE?=XBHwL6XWcMNU!iqn>I3%6`= zt@DZ3x}U?0MZ$XW-A{n4_BJ*>3G8N4^-(7GMgk=f>(N7~*QnEp=UcF(gOD0x=vKJr z>JZWGP$!*qSPQQUHC=I~q!m4-_F+kJS#4#YtxIuoPIE9d{ic1thhkhmzZ!ka!JG^|A-6g&C&UL?vUZ@xKD`(KqVTWnDx{-lF zT6NX3P`{oG9jO86vtKk79kwZmly{yXpa!L*bOE_g^ZrwPagBN%I{AV&*CE(gJ$^mC zwsMNB(L8R!xmO`sIA>PlL9ze{GRpbOz;ot}!0wWvo13Ab)iEW6YntrKLuxhm{g}iD z!o24)G08}#&b%Df1>)x(Uq`hcFDFQ#mhmqeELMvyOowZo0k@Y&8-1#Iw{`68O9d?0 zF*{XpQvpvnnHBg?bE^I!f%H#qgad5!7d9yB4flIW7DxpmA<~jGswrnxj~4GRe8OJK zyXY;#cq8bW|)At8Fq8XM?2~!`iIuDMQc0CN(q!IqLZjFWnB;YXzhLr3v7dZA=2n0OuH5Eaf32y^T!sj-@dD>w9n)Z{Ov_wkk{Wmxsl2> z7UF9j_C0XY(+Zj7oxT>4f62hFu?LN${IE3dk{$Po?Q5yudgNO-GqvBu+NcLBh!jAN zUhTy@{po!$H}7Ei=G4$BH3s2N@pswZ`QV`g1va0bEuxwJ@2zC8;h_c>W0{!9#xqqB z83l~g+rSEpaj+d`&+h^SKMz3qBZB#Ww~nu4HHutVn0_dxZ-I{PA^tA@J3Bn+QN8%5 zWrT-F;_whD`Yrj((~zPn(;wWtyt;!a=>Zs>lyRzkaU8itZygmc**k0y%rt-RQV*_7 zC1Y=JZ=+bhYql#7WT0Hz(W|Vn@o6Cw;hN|cy8DbTv1sAs#3P`%c+ksfD(h~nZoDO5 z?}cmK?(RR_qKr$#F(#V2FM{-JFN^at=KTfh-@Bz`bofrLBFcC*@5ydST`&!7wHMHe zc^I0`zRQ|S(n*@n8%mlFYGh_E+1K+$P;GiOfESsxNlmiwY z<&}mTYa!A_ujUOrHmXwG2>+q}eLs;! zvzjUWG9m;dgMyuJ{~$C42$6%123oP~N0UX3sq%4K%GJ3I`#@`ij)IoDQgftxV>;uN%;(BM?VwkX|8LWw| zO+(K+p!lpmQ9R1`gz29=_=62!M2pOsNI1Z9iO|}qN8yb-vAsMYHH1VV!ywld#6_T z-wc6IRVp8?K`pHhAB?WunZqSRbT^5;`~M+je{vfuXfo9Q`uaL9K7OmFa^3cy8uZ`d zj`*}ZseGi=ay-i1hR_B1h2`7-87^A~N{6LX9eLo@ea3#sZ&`^yo*-%qmz;~ZgbV!t z5=9?MB~dYlpe2NVXxo3aK8yR}XKEX4<^A8(B3MP_vRcP#dGa0n_fI{vPm7C-r^d!s zMLf5taeegYei;>bCV;8=sikvInJ5#j+T;v>(=Zfkh*%Mdii$ji^{tEUnNz~vHKVzn ziMG|_sKs6oVw(zXG`_@R`B4-J3IW6uo#G#jlMGTkvon&qfZ*6~fQ@rTz|4^`BNNlW zRaH1n^z2*nRLS2T{|xcy9S;xB+>Z$B{W|YqNQ5C1xAj{)i&c2vNa&V{q<5{aUqP#S z&B;YOmFxOFa$p4{ul@Jzg%9crenoTh;$hwAq^5J3 z;QpVuQ5@I=eTX_(-*XPfjSFq~I$eYT-($ajH|-F3OUd`$mTTiTRgd)cNt>3)W7*tc zQ`KUwmv7K_xK}NKGE#doc*_aM%a#WOZv@=hO>bYQwOCI~siEw;{Y_ykpCTMliRQ~2 zw1$l$I(n**3J;r91wQl1!!}W^}=bTe21Ms;z zXfx5mGnyDs=2P5oSihrSVD(%4klyDj9OYLzHQk3>peu&xA&0=;>*yGI`#ml$*9;-8 z2(@>wq+y7qcKIudyOi3)8u??{$%#Y5)oKW^9i4Z-V%SK}hxg=qEB!KlC3+Qt5AA1d**}#P_widdYSeWe{B!=Ym7%clGd|nPS6=_cLa)E@i$*koad_AUw@b&~ z-o6h%vDyt`KHvMg-*8THU5>HXls?7otG@e2?8TPIeUQoAjzsgO-b$Qw}2X!>3yhe3lKkQ{UBD;fPJbL3Bw0Ym{wlP#^WyH zXIoiLw10MJ1oi0zZQ^P+&}qtmBwrt{JLXW1?v6-us5`i=$$GcaKtncl8?V!Yfi(+L zA=2|dTU{2MHQQsHmwjI7I6GJ0uV8wYRZr>kzcz4NDeKSBC$sOshQOL{bg2>L}q@yoG;B&NWFwvvtp`*mx$z~MXcWa0;memo7W z)*=2qCKG{}e&M5E&s^4{qyq+hJrWD4q8(l?t}#Pq+K7mV_M@c9%0aNEX^`>h$qABk z-9}%haw}CaSZ4kJBTj2uq+U3ra9Mr4bp;b9 zATGLZk)m!?4e~(UY-z-zodG6TwAzojS8(aMeWY@F{ufK6pZcvdor)D}TfZk)Woy5! z-Dqxa{35}1;=UfI4Vm}}Ty;7XV!Y##pxfKX+2{OB`fdcJYV&%_$`{xlYU2j3E<)*D z=D**`O9u?4@YxGRn;M^Ok6s)$z;5o=x9DMQeBc|W+hOmAwcB;@=^(H0lxypA{3`A# zt@g`0xRFxOV@daZs1rIH5%(e{QyyyPUeTs*ya-`!E^B$bhXvqo738Iz+`=Wo1+twL z(xu2+G4Y{eP&csjW-n(na{0YpSbv(yFSe zn()rs`7S{oZuX$Ng{5S!A{rb<2w*>UDMq>jqxH2p>(X=Y!^YF0hk4apg>ukgUH6iS z$ir1Oc5YwO5Z|^pv2|$Z-O}U3bgB6bVJOIBwIlcebY4loK2h1s4$$C2fQ;CCEu@}HaLyl7*`fqz{+l& zdErwBpZvFM(51UgUN5_hGNHxjhg9TV+IYROz>R>iq0?cJr4ZDIhog4PHPYST)(r7b zz2qL5%Lwl~laKb%FXJV)6syuyEC~gJuGue_yuAfBzN_Aqe1{#>EFE?ti3L>1nEMs} zpoXP;o&=LRjl7TRxz*6pvV>DLFV$&G)_|a^fzB(xq;8X_;cQGE>^k_00rZcx4=F0X}4#kGjl$h+PA>^8b&9$-=!xya%p7%pg_CwF^>k8_qm z!4`1+RB})?u9V87g7jU|HK1(X^K=mEDh|Lg7|M`64h?upq_Zlddwem?|EKkmiA6w9 z!B@PR%~d>v%EUBAq1WV{E@v)t!U|I zSBK2J1U9GCYZqUfTZCPlONU)Npq@`njLbE|MscNekLMXC&fYR#4AKvU?26fnfT-QQ zhZHYMswR1us(-3nUmW0vxjb@nUo7MW*;Q88uvDVEFxiSoU!6SkpI;oEbEiUT>UWUx zJfZN+vWjh~pq52QsRjT_#x=kqV3Wkn>!L?*g+{Dy6qw4}Rw7^$5c_>&)_`7PwiB0s zCMzlYGfXK=%Bl@{&y%rh!#iO{l3)cx|u)Hxy|+@!fum;Sw|Bjg{iZAgX+9*D`Te^%R4og zDiRMp$(uB6ZG}0zy>5OMsAlz-=)#?i51-{r^Z@AR#mzoz=k$B~g_rz&W-a5=Gs!Hr zu!ovTrP=F*m5cTtbfDvh*|hVy7KR#YrBs{qN`aD`nPY*QXcd=1t8w7`sw8Bg^|)JW z<)LvadRJ+BDp^E|dB&*QP&ilfp2mdRWJ)kv?JKPDREhk?4Q|*yMj=aHx3hw$1LMhp zx8QT^Ws&=d5CVpFwE^44V=0)VtP@TyX{)@JuI`?RUt)W- zb=xy;mwhd$Wp>y;Tw_AKA8(f~8kX)^GNq3iV9nN-QXF<4u%d#8h#S)0s(cMH{X*G+ zyhtZiZWb;j=$#I}NF;Tc`Q!puqfm!_X8dG7e9@iNG1}vIj0sbS*ug+}lyCrA=9BCw z3j^~kIE`NbkDK9B#L(+Hht%_^)j)zuFVPDzv;F?P*15jxg4w>~UU3c4)9`>WH!_&2 zvd|>RuTH5kyyb3#wJ9T;#K7}d(y)ufdo`HeL#3OK6X@1s#nsAKJ8PbN?Mb;Qe6{?{ zdzfOo&L(##GyOB0;B3PIB>6F>wdAM*gIu_ATo{mI+kD+d=_TunoR!jA_KrO5qr^M2 z>jBPTH(So(ww8x;)^;f4pN^)F0&d1=or}lP&tf;i9n4^Q4ma}lbDZ68;2V#??N8(v zot(Yp;2qAo&CLxSn3zB00kWa*x4wOSa?p>Nw7(H(p)0B0%v|po1#E`bw{H4BHtZ;K z&UKDF4Z)ie(o}=iq;t>aU%v#DZ-f9_RHbK3Y9?n+FWI&~Xx?@XZ5*bUxs3C1!ZZ7o zz*=j6Qs>b(w`+^4MK&5C=)~Gaib|@B?kc+X%s<$m!1kHNeW!7K+`{4vw&6JEw0R%~ zi8*!GtC^UZ=^H_2ScgWDs1CRi;*OFBFWsOv?CBXDhgXOZke7HGr$^?K&Y5J-fZRN#2h$&xI!{j=5E7fgU4&n;r3QVwb))scg`B9ZZ1H^KVJ!6 zy&xjqaVuSuSd?l|n^}rT`z+!$OGg)P*wS&qXXPh!KCA;;@gdYugBQL^^^F75ImcK8 z>~(Idhbuq$sACL==vhIhN7r5gT%2F*(axXmzsnpuY%CMU+T7aW^ODrqmN?Q>VtQC> zhuf#vQd zhDD}!!^pr;uNdr3a2#M%SW^E}-+59!wQWCN23OieR|KxL>jY@*Wt!| z4$~5Mfqp^H!{I*28jZdDq>r(N{3}8l+YqVT$T7gzqc z<#b437?rOi5F|`M37IDb9aP8Ty9TZ0M@lFJUJDZP5l{w~nYTztnLMY$F_}x+Hqty2 zi>yc+F+)=0znC$>rOi42(>;sSczRyhpfLb)czPpf+=T77-*3M%la@kXKb({tH`mTP zJvVi$IkWxzCEzEnvPv>{Q=Pt(=f0rn@PZIDyv3mk2)46Wxfx%F++%6N-oa*chuWRj zuc@Je{-qPrF=tEh+Swh8ZXV&_4Z-*suu?*Cvq}LoZUr)~$6@^6VImUbhogWXSO-F7XcB^Y=pH?l} zU4**8sN0IBP<{$U6jyZH7MEKs)f``6H*Efxem#cPkC#$bSO~OVY(diP55CNg)Eh?G zh3o!m)QGEDtlAl6L*7|@7}reiba?q>?PlOEK$zac_4dH7VHO2)nPz=T(Y7VN#V&My z!w%Uoz;l7taRLXvK8GyzQtzk7Ye0#k8oiFqeJ^PqHzTO`8+~)b8` zuEYXrEGc9z2|B!4QtNWu7+nb^ub zIQ6m~T2AY;GgV&^T7CK8=A_F;>54bjMa+)9F*4{NUli>{w4oR+yO^CxJI44RZ3^!w zj!ov{o2S&fJ{vdK9Wyb?!aJR|jZR~+m#D0bBOw}%=JEP2+W6SLb#-*P-!tDoYZoBn zCgNpjzA|q4<^`G8Rlz2_*tjYzZJtBb$mM^JY%%AiR4biL#gT&B8dBE&2KQz%*ZAxd z{WZEP`rgq9PF%RCq{3fW8VYN~c?3#u`EuC)UU`#{O{>{AwBd2oOFqne)D=BYNQF(z zFX}6De4TIG^5%ZZ%@^w=y5O~|TlI#>f$J2DVKMY2zLcSv^E?;qM5Y4?sMlR?Z$Ox( z{86m*F5tTQTQNZEozLt$*XHZj%vICWt3QR9YoOnTLR?yKH!1zN0ig30{)VC8{>{3~ z;!j}PIBPzY+pclvizETwPX%rwzQwC;%IOU)5PgY&a}fc1uUXk~;7K0P*u(!g=OPxB z8H0*rzx&((bmIhawy`|&kHaBDgk+xeL zLMjS3BMKG`$%cyOGg1Zdp{;52pA3O<#`1iq_>C0z`Hlr~rBGX* zVZ6(@znO*k;~QAQbn7k`L9Qs5p}Ey#a*VU3UgwN0yBqO_7rw_5HF>uJVYJDB3fVT( z>`U8POx(ly!2rty#+6>=eXZ;z+C`O{;J@%)MijWnV2XC`6W)8;_7_pT^ml_CB<(%L zT2}%;Mi+2aWYWb2L645$E4_tVG5R7RZQN_Km9CRFY!j*_Qgsz3)yp-@kW@Y{}3Ep*+8LvuPP96|rP%v@DeL+t*=fA%7@s^(S*Z z?-+!MafQg804i`l>kkCaU#6#3xKkApB--|ur~pcZHU-OIyfaL$ z59-unp6|PneF%o>_6r&STKb%PejW=1*lY+x0Urw4Y*~gxIp=`bJmCgSjfe^2$jQ zpQkQ?*c9nFdca)KcCVDj)5!}YQtx&<5=>7 zC;aU0vD!t2)oqMY&LO*k%R|F4g$rL;fp1wV08y!)?F6hc$I(rP9Y-xJHhX#9WNs4E zb~~I#p?vg21`{B?$96XjK8|7J9H3oRJv}4~w-y;!EE0Wj~hhz53bvul`AT{PGiqO~KF9lG2>TBla)T^s~67B)S7zBE! zexlc7@A9vm;u~FvOE<_H$9!>?9Es+hV=T83i}}ng#jXt{AU?2Pp42_hheAsk(P)O(rPs2sH4dH^IO1O6@FE}#>vjVE43 zS+c~5jU~-?AGM7Bwz84e!UCqY%3n#_@?Ck}y%+K!=e>9q2i_RJ#=rPSL5$e8%#Zf7 z{R{scDXG>AOqw`=(^RCCa*3-uK3(uK!2yyrVGB4}tDRb!y#3H`{Z9V12kRy#d$wO! zTKtH*l!>CHQbOakMCv1(%y1Nb_{sg<_F51aHr8@n)UlvSKzcDZZlPtSo|fu%PO!wv z!GLH8a)JQiKp=92poesSn-6K1n-?viO}VxyZ^S}Z3C$u?5BD>Zt?M^ljm`WzE_S8j z?sI=jKSN0A(xqHtyP`Q5pm~yvXwVxuWV#imH{!0;z}Xmu$`Y%^&%E9TljN;up4y&6 zdzq3D#*H*$6*QjvzV^VEMbL$HI{hqKIQ$g}s047Anjpn9MCORW@bgTBdOz~|HbL$g zE5);XqtG})G|UfNjhscwRSGm?tLNpR@ko?~YWXO|IjlPGc%L01vg6wF2f0~EPWylJ zw!Kl8ir50t)pn#&-?&zlzIldCd9$YN#E%!A$qJYli@LPTXV2chm~5-IOYhiYBu=*3 z=Iy`P=I%I*--j*hD?>1$9u7haIitx3TqSIgIE$CkWbPfj`*snIOXHSpFW$>qGWs&~ z{#nF;Yfhsizh;7L$i>A>H7~2tXYc`UOS;n8%bob)c8z zwkggQ0cC#SUDkv-% z0cMb=yyUf=zl`?wKSdl8D5XUyDu#(=!hdKu|sZ&%N7g-_vNE!`sNc zXGGQRuisV~Hdu+-+?MZun}H!w(-J( zSTzyRcl3+n)YgpJ5arrkcjw77y%$PgXcSyBu;mJtCBK!nz@QAzvqK2Ph)Jsy=NuP%MrT|q_kH7VcF=3V3-X}%O6`y2~7BCEm?6Yk+R z-lPK21m3gUWE-MG>jx*K;r3#s_%`s>k{~buDMb@B?(rNW;_{_%_# z<0@>T{V_GpVWLz{=Xr2IQ!(-N`3fcX*AIM#S+xQH zarF-)&>cCH1Vh6d`m2ZnQw91WdTy%sY_$*D^ig6+TND%T&m+_C-wNBEdN!ALkqE5b zskm${SO= zm5Zp|w1GkOkxyW$`0p6IPQPcF!KDLfSme>uyTFYtTJc4z(&&iTCIXrm$L{?v)Hp@T z;1|)YHb*0DInTv#SYJOoGHN0kVYa}*!3(pG!E`sDS0;=`3+x8W`RkL1zqWB#4TC3LJZosN3)w=kh0Q_18F$h zyk7WHhQDPL=0e1F2oFp|%CZ{Ioy}LtMiS?73j23Z=9?mFuN}fYaJUcNm5pmtBMXwf zk&_ZvhpX>VCjvcsH);^4SR*cpt5D?{C%_1oke< zd7$oi@^YsKvEAm-(@Ph$*L6RVr`Ep)ZiSi8UizY)@=5Vd)LO}et{BcRS{tTM=!*~^hpf{}T7Kb0k8l$VxsuED$Gf}(cp~oD<#cZu zr%hZN2|FIHZm>I%YZ_Mqi0cogdxJ{+-gDg0cT4%3!X+yE*;9+LAF^Jb6YnpetX6N{ zP$9pUw`6F1D-a6eIBTH&!Ks~alEUZMC>_3bBqg;K)e+MzDmcH@iaP9dj8+PQF!=?Z z3es?#bT$^EqoaG#m`GuVbDz}wQMRG%#U%ckBpmY>vZaUS$u1~1I|-;m?ng82Z@%z@_O6#=I%)3#cjBr?prLTbZbo1tgb0Pz%>%dgdUmi#NYwD?^nhj=a(! zs&{)Prqj5P{YGFku9;>7W?SJ{7=*uHQ5DBpXsA@+tVoEzt0yS8y{DWWFluiz&1;8>^zV)-nj+5?RL}9(b;|RBP-MIeF=`cTDGIQ z3-6d+-dL88gH8t# zc%wOtganUYTKd_p@$_-s1tA|&|@9#UnlFfvQ2`c`_ z6eey|n1V;YW=tDt_e^kn>XTgJ>9m6tc#+YSSDCd^2(l;3U-~k&f9kr z8fd2BHSVgg(q57We`ofqf0cv46D}`+2Dqoaz0hjnF+rCu~(e$2P3;C0y}*Kv^qN zGk|B_PP}3FXCXgnTzKQSW<;5~Seow&dd_}!cK7OrR1bTEl_2U$`=`%17nGzOYHD^X zZ>24fFr5K9aCksXs>__!L1A59opiezCE9?~S{Uz~O~b(^42(p@4==6FUDAuJbw^x! zr@O5NH&bSUO$P804HClrM%4U_i|p@<^5%`h?0|>WMguz@@Old*#PAR(=)IMi- zYh3g(5*89x;>;2C`3Qr9df|l+_-X*(c!nUE4%{?ahM8aq8Y@cEnXRj}2-|exXm={? zs2@HuzmjDoMKmM=tatXJWoNV79N{T9Sq3VQ2bq{8tbUJW2^RHDfK}n<{yDa6i$ELt z@Vm88zvpSPEPil3%-&a?M-_cfDEcPIR#2y$G6o*_KWnD=u!4)!x8j9N6>TkQN~wbz zEK?F&HnH4}c&;frd&p@b;@z=rT$NHK7CzWs{yYR{egu6*VB%&K7YG zKL3)>>Wr4(NLl2FFdCRNCb)He66NQ5i516)ow)N+_2%D_>Vt6JutF^dC~#ib=Ca~K z{2^gV!exh8)_I4Sw z;FCkHhKKbDhL&f-+4Z8>J#0R{L)O(fnnaU({Q5=G6-$1m0oQNbe@6w8P>Vi0CdKux zx=edBT%Ph)fGU#oDWeS!^g{6SqJe-`ZM_y{;^fHG{_^NQR_-}OeIdU(DvRPVet@(- zI}oq!x6&VLYnaIEhaIS%q0#gFzZ%*@s9E+rLR2SmjM z1-&{tIz@GGI0;6ofU)I9RYt~0SewrN;XT76+7SsNrfDvsDFxI2@XZnh@qI4`a^KXH zMtXV~Nmb&we~9SQr|+2pZqpaq>JbBf0IU5>=RPn{{w|IWbXW|dpJtb)vrj`rOK?W= zi|ceM`r`iqv4(?wOoQO)!hl~4+P}5^*GPKQ;po@@Yw~{-`!_P|Ki~f+F#k7Seld84 zYMlMG7r_6Q>hOO?Yw`yUd43+i%*_1I?p&@!_qQ7U({~+-6@@P?GE7WQxAlDa@+DKz zUcIZw^jSlsgrJm2SXkK9`~-kWS4Vd&SvTi@TJwofh_Eifz5Ak!vJBvkAB{1GCr9F- z7jCp0S#nZRqft?5X-$1SKO-w+%~-`p#ef@HGqtXrkAQW=n%MQas|mfBkP|x-RUq z?9RmU7V@b*;96!lDT$~sO&e&ok^0=M-pW*82B%_fWW=b_+Jcxc&D-aimSSB0r=0Si zMU%hMxjopTS{mx=+Gb`sg9+^IpUo$=+$HPCK>=7ZPC6RWKuHOlu5V%`BpPp7P5I?N z{toE1>c9O7T>roY}j zP3Cw0Ics-HT|Z{aK^m8)R$qtn$Fj%jq4Pizb_YM#QWwV{p8rO)e?k5sgYd$@QN9w> z5q;dROkwh)a^?$7tj4HJTuV%hQI4POZG*I`BR#R7*}%J0n_6KR}1Wp8Aa8#Q6L zOGgm)POW(k<=;2{B_^m(E!nvU=g`99ewyjYWVzL8&ow`4X=1G>%Kt-!|D3?d!6TlX!$8ByAMxW-rv3{0we2gHDPM!E!u=x3a)n?a zNtBlL^q@_3qG}Rw(f=hgt9i{$JtVqRRJ~K&MFtxBJR7oA)mIR<0ks61cOo zV*~F`QR~Gl$c0Z?)Rx;?8f+q54;4y5cNaw7-v%##DqO40rwY}@E?AcJ=03dHogSVR1k_Z#Ah}%Ne@EL^<#=iK3hPvZBvJ`eMx6 zT(_=pdrAPi)uBDLA6Shp(B{};H|_8^S(y?9sQBsr5;%9M2$|=nh4lNa7|h!z<-vYd z-|!Vf+9})lQ_oZJ_YVF5^^J&x?N>cqgqY8LTayPI4EEiXD?e6FDYcjZ@F@ijy3KD- zA4H%ofogMIa7cv_SU%a! zRuqp%b4l!>5`OHaNch5jVAT&d_^uBgDHvwXe}Dp;JE4b(cFQ)>n4BE~8*X=I+05VH zF8SJ%3pt4==O^6&WAFsnIRR?KmG_Sy;2T5eSg_WE%+?!Ip(Ysjr^u|U!!zgft_IUR z%ZRIJnl`AchNhtO4;%fjTAfbe@RT`MMU53A#^&@1_+>S-{^Hrk#arbimzT4%o1o`7 zU_%G*DFy3t4tg}-Frs+d+jRamvgY1$XJ(Ry$C5tVtnxJmO^rgJmU+ue$-ok{GDUQK zhKQcuiePqB$V9$Wha|cJpZsT~#X_Z2yG%1<64K>BaSgBzSP$}F3Pk#9x^YzcSP0n> z!TGxMc?rB|iOLF%yQr|ngKFI7viyLusu}*hRLAHGRz^Av5l|Gh*Qq>9?9sbh0jPXf z6JMo%k-Y~It{qeNWMpR0Xsf??)^L6D>ztcsrwQqHp<|Q>P(tr;ViD%D0Y_%cXZiCi zQTbo=CZoID`f~!(Ri!+lq@u%=UI{umhUwe)ISJgQL@mb54i?legt~5^(9^jJR#jqw z_aQ`#+xaoKPR*WqqXv$vPQ{A-tGTx@YxCKwgFaw8Y5)BNy?*^A-xKGfL~#>?VR!vH zQqWF53*f8KZpEj=Z)O^d5Hk&H0gTKR_?93S{RdEj0Fx=ZHW5hq7a%ghetw8FX!!Nw z;N!fONsR&9IL2eY45%~sgPtF5&tk(EEx_ca*!T zW6lK*)!!l&>=aRz7nmv))YuX_-m@LICx4tWr}6kiTpn*anrl_#mI~CJBFU>^yhxe4KwBZ*7?{nRB1nzY68~Mf4A~g{`G8>_Z}9d^3p-a0yZ$MxeRk9 zKPWhO2=!`K039NhBIh_$lh;4V%UnH8Ug~Jj?NCUxpdp)f0;~jI$u$*|9EV3QYP>+N z3{2fZQ&yarPPaIWY}Q*!nG0v@UoPI+ss3Tzvgn30?mXlZt(1u>X<+49&~!cFvjl?Gq8r03zRwEWqIL!|?$U-&9_OMCDc3VvwCi_+q96#Vdg96B-<^HH;q zqAZ4CFNfjxiKuv9cjVPBUB#(Q7hDJ{2O`e!bp-NTDxn8yq`DZCK<3}qmw8B2bk$5Y z_&Qp_V0xA-Z1^{_OGR4kxV_!(Uk>_RiGi)OYkM&N__r0M!iUJMVTyUY-nbt_@Q>l} zcPJ+4jGP-XYJ;b-dLtzT>=3+$Trc8X49gd07eZTX*TozS-D`(R_#Er8b%-0y4g}V( z@Y_gRoIi!Ea4wu%E5;9|%o!WDOK}R@n;g+%R>;iJy_&u>5A7M;xCXWW;(cUCIWwWeX8xHkbO`h5dw63l;N= zc6bMFlqINjkpnTMq-)RnsdRWrUUMO-r{*6}yOZYwag zxFydSBjx(CNh4HdebZ#v?374^vt|m{AhPxSLkOMj3Vse`7zVw0#t}I-Iy8Pi<>=V> ztMRc<8*=}t9pFh*#Q9@3UB0dFc5M2c#~@75(ALmvgmQOkF{?;OFZMpp@g950{r|D| zmSI&jZ4|H|(nv{2b4Zbv?k**y8!74TZt0eilJ15hosvp-cgLYSzI~pzp7{G+*O&kH zIdEpro|!!}_geQ_;~Z61Z#{iH?W4mt{&+|r2P{jCt%Wa~cieJ3cer4^uXlb{FlBV7 zjAL9_UAbo4hv*ix{&|0No+h;RO?`O0FO+}Vfh2;In%%v^@Bp!tJiyqxGMWVicLp8E zCpe=EsdfL zODxx_lz7o3ur3V))%fB)Gn#zBIxe@4crx7boy?uK+WCp2t)=|jl63l2hKnJERRM$- z8)^KrCgL#Aewie80Y{}RDk+PQ+f$O8=_qFV%lWCG z2&VPsdequ3ej-ahD&%x78^`pYi)6fZb55;JUa3Ev$d^0f5=3Vt{{x)40e?3U}e4+VfncI8P;4RL46C)qnRIhibU23x&Y|>-$eLeV&9Y`RyFb1!E*_bv>NQwmn);JmXgdXeI?uq&bb=+XU~b zjiC-l*Pl?8>j0-DZ-o;1^ld^z=C@NXFkde&Lt?%>Auj4JUA$R(NM2Qaa0qW2$KSj;?*0tW_TTBG^pRr1=V7~@>;KgTe~ggm0wo%?%DiltLc}4xl^p| z?yN0$R5u;kb(rX2GGnvwi5Rtde62YU(z5Vrcu~uwV1c=3+b#7u-Qn1>Y|W@O@^cAk zq}5YA-r)^1z&MZeq_YHw`%K+5VEF0E6CR@ONQw4bVB33uV-d^G4tdLA3M zl!uz~&m;sqyXZZxj5*cg_VKtp9a~u@QCGWv=Wsm~e7<|Eq1O5&a(YLTV6k&FgT!e0 zswyOABOt^`C;tFyV?nh|EV$bUjx~3AJY;TK?@R&T&r#_F8a7+Z+~s0=2Tna7!Z$-z zH5$?nr8$M?-0WK_h&VoT?s0!I{6((Ys7dqZX^7vid?4@6(B2uHu9BBXVBx6MGg0=b z1Br#E9ap1u=F-6d{tME&b+0G`y{=wq* zJYPy_s!u40cP9eVIhQc&l$tYmCC7RorrGn>8)wdji2#RFEP5Ryn4i7#{*uqTUdPe3 z*YOQP<{{m}_F!!i>1}@yBA7c1o!>;PEvW92jcIlXUH&BVDsybNw#{YS;ir37HZNJ= zl6xa#<3LoKXGG@wyGE?4`u>cB%j7ee@><p(T$n?1UE_O^w}P2QSLk z6GegyA=2gKI-t{++g=P|jy^G_-JDr(}| z9mr>+FgG{1-1?mY?gNE8YA(+UiaeFsYVY(;F7m|{xhf+f8Hd5sWrU(K8Ke_>(kw|; zghqvyZxgA@^F@xX-`=L*FcRuafS$MX!NbEGWogoYx|;K5n~O1~=9D^S<{xTO@Q#3O zGAPhY=i=KP2rf|TZ1A7y86Ygbrpu~W5PcvAAqd45TwvAzF#hvyW|o4PHjwhU zpIDFq{yl{&bw`4w&ZX_%2M}{T;s_qAD?w9}{pI5AO2!XOr=$$ z)4+`p+LxP(aMhB&U+@J|Aqg!Gz|H>?C<7M_!r!eBhZp+7?f)4U$3XoFG<-{y{)^51 z`$C8jGbZMD-k7rP|2EJ6iucJ-;3z3;o@o^PnNIj)0@enRk*B=RD{B5nVYrA=QlDX} z<^EBD1~DNK)+8AvH_ZQFDgQ3jj~)ZKKde#uKjLlsPylUaOvpb4{pkh%<8d{}fcwAb z;|cl)rh)~7)UQn^yZL8X`5#YHEd<;jCB_N)f1~AJ6#z8w0CcVVZ6N&bg&Fw)_s1pM zfA!}!hF-_K2O7qqh%Eu{ABDjJ_oo+{dh?IAOadBaOVNyu=^ustf23plIy+)gq~ocf z+EjBu_b8po=(3xa1cu6uakVU~1c)mF{@!Xra6E{p$k9f0ptw?ykhJJOa6M2AkDu^r zENVty+ry!a*T9KgFY&aA&F4(H!haM-7K{Wf>*d+7>D1?;G&6^--_ov8MM?#8sWz=< z?>_&Qs*mRQ*ML4p_XGG74?rt_a51eXzY7Z$Btx~=WepA7d5(^@%ZL-x(|5~r{qZzc z41TYo_sSV#3{JfSw4Gv>vQqgyz>7}PI+v4bdKX7Rhv_)5qII5>l<#ak_|Ja715YTv zp9NGv({C<-bok+lw%ffD-m>AJq-hp|?9;VcHZAP>r%cVq{)er1N0)$(m}ymD4j6SK zf^eO8YlS&cd-gEAhqdumfI?ko%0he@skC-X=JDZolSkd8Y7L-s?Hv-hv-AMeakm+! zVUkdlDpcb=_jm`%RFo0hB=WgGxm*n<&HpM#{Zim+!GYf;(7JpM$Y4A0v3NR(_A%lQ z=PyDrddS|&V8+`gds|*_aOV-|B7L3aww3b6(EE0`;P9)GTooXL72K@-Dn#h#*y{7e z{022_M0N2vgq z;i92ba>n1hK4($U0z_I?@vr# zq@*;~Yk+!cu=RQkMawiR$TE_BsuDnvFW-Xb6Gq0F+V00xHH>kzoM(+01O=CaX)ue~ z0Ex_Po3vpNjw&;qaDQoe`OuGYA3*fT;eCH?)MTCtOy%fgvY?*@mX#pLe5gyYqmVyI$%(kP>g;%(S^C^6nLAi z?rbx}F4~PYV+td>*k9%uyFf_Q6{rE(>=zt7yt^y(wvOhKn?<93-b8nvw&>;@ksG+E z<{W{CbEPMN0{!UarLi%^Htu`f)2J1%VF+3q0`RWtaxGvzOo1WH&srVt8_|5jUz;Z} z>vzI+;gCcm^*l%C`-DPY>04n+yPnrjbBbG;-z>dEhUkL#wlf<+BjR{EMnsZ@G$f34tQ{`} zu0QeKY{a*ynL)+=i-Cn`5>$^sCh}zt6+I9=yrYYzNmRy3cjM6+TvH z80T}CDCn4g*D4RF?5i2#`K87o748ATAJ>9raXk`!Zo_+Ot*a;A%GW>L1@!F zdIn9HJVJ9 z(#|um{}WsOgQm&qLk>@f8+`M7*C=3yxA8$gV-#0Ew)UmD5G2Uzyu;asflL7%I)agY z&~=w`1-opx@5eSoRm`jSGISvM>?QmA%SXQ#Xd%!a^WqNd0=5DL_NcyCS%3MVo zuW)c)>&w@A0`EUVE2!UDSNY$=iS0NIND*xHA?!Rl=_Q5O$2L=3W8RKuK5k?l03qKAKU^`MJRBGSIzKRz$2Z7NmPp zerd+P>E-`}d?uO2@Bo-5&IJPzM}UmQ-<-}>#2o=K*=u6&nMA@!_f2y&rA)}^1A1cy zh)L=Ep?)>|7ZXYXo{sZYKQ7j=z{lDCks+eF!2{3MqArw0j>%YkhoCaVx1{HW+mKJL zjzyG9&hu7}oW2*e<_KLV(#h|(yDU0dKiG5!_k1CCSr~=L-N@^KS7%Il^mTj~ zii~1yu2;=ANH%m)&?rNA#3--c-7_{Hi}*yR17aQT%nZw33)@-aq?@}4WWuW*!1!aY z<~M(^%PO#fSF|nPv~0fah_hO6?jLIb)VmL7eNIZ48{FSvqk~N5o<`B1s7hQY=W!v5 zqTE3qbQXQ{2KxZ7J>}dVbD=P&}qZg zH;d+w-1}>OA+9xM9>5u5ju4p(o=Fhm;EjEvc{>%TL1z(N(pc8*~?L9By56S9TWf z`XXBe7*s(-yO)!6z-$B~v=Srw@Gse=0M#-u8Os^#hcYzVG z&8+~Fg*pZ3qnCrfC~#gD*b4ZOu_;WQz^jK<`?(=@ZSW=#&=KF01n!gn ziH40;*(?)d`+l;uwwPBY?W@<}apkZfcU$ibjMQqp*SP$q3 z@W3BtF&3KH2eQ5oh6A3VCftb4UzdGIWK0-`+9)g;5|pQIKN~hb#<)Y-EqIEX34=t&}1FlT%8SuW_nLbNNXdeafS9_W(Dht(OUBnM~ zBPvywUa*mgQ83UNE^T|7Qs!bNn|5W~Pu*f)o%vwJy{7e5$O^+TUA56HJ$`xGC7$P> z=p~^1Onpowh@9X?46VYrGUE$qBrFP(6{l{5>5aCUV=5HeJZJJd)~*)&I#L`;EBe7e z`21L46#>OYZX!FY)DFQCTFkpmBq|LMu_vgE%NVc%!M-&m3M$#)e z*B>?~i2RW&16PFpb_{vG_7w~!zB*i?_IUP(nKxdG{y}eE zAWClnTTfwa2?k9+wB@e2hwSB(wd3`EUzXJeAaEJJzCzdM3!&9ios|&9^MXC$TH8g! zy(=fD^Cva-rrhsh z>mQ>MT-dH!y1*bFS#GQA-y`k^2VF_mo}$u3@cq$I-UlA~v{Sw*27Wou`@ix zS8_X~{c?U9_#1ts$t!I~1LPX7X{1)qS`yV&LA4IP$<I5(5{@2UQ;2c?JN?pUr;*?Ht$DNN zLp=E|lu>V50x)r02-r;9$t=;B-jR458D~%=hJx(|`^Pp(Kw?Q>GN7A8j{~=t1_&4A z>5r907g0v@7}pC=fhO^s%?ux5CUpL_%Jv~aFf-bYSKZdRH%UH|9@&9Dm=+?(5-(sQ z%4W-{_wo;W{p9cO`?aXyvKdnv(e$1-3H--Mh*^Fc;X;Y#5+b#=p7)l3L~J1NiUTdX zIbP)26BzAe%{jE9OJ&XBuG1{)_&NlQHNc$eoFu^kcCiKz^}G&l=XRAI@d;^-Q0DR< zBy`pZ$^xSGghe! zkRpDMH0=)IK~&2ps2KJ#L0qLKY=U&Z&*Oh$y!E^_KTi^?9FwOA;iNkXBs+}~;aZhN z&f&BtX^sm7gLqiV-_6lP9LvF>LnP=FH~cWf>3J5Pk0W8&|GX(wU~xs;1;JjYa^t)+ zQ@+Ir>R1Vx5r#9Uy{7PVlb5_JR-FBAAcRN}`GpPkv;)^^H6{dQ>8AN<_j&(v2flc$ z0v#PiD1EJW4KX?iY?^mrM?FF(UsBucWQC^&OCcs{J_C{j&;8c%QUN;EW;pGNu84xY z-V4Y_E^6%e&Hnd~f!-3UL<^E^fg>U9D_qJ;h4m*LE5ptatWsd&k1|xzJ(>de#vLcF zY#N}xoU2zju5e1(RtwWW=Myblg(wkNiPk=I%Uk{47Kv<`?JikurJP(OHjapO>;0uU z@Jp7F6Yfz(r5Ejluqka=tK_E_E^ype^jCN!OazXuM`k1KC{b1DBEhr>5iZmaw5519 zZT-DFng01S1i@?fpV88@0i?OYUf>3(L4z z(DI6cK=b^K>}vWigd8HbA0NvXHL92Aj-m#)F8QW4XKy$7FD}npBEcte;^5sODl=Z6 zodOJl=DTmqOw19L!>#JYy;qxQM56oX&y`2~gYjUP3@v}XV_0q`sy``IKM}=?z{GOP zA|qg+S-&G4y?z6;9UOrCA|Z1{B_ux!0zi-t zlD?HPB6qHrhHtM*d&ghVt)Wf`1;NRKvMB?B03+x^3iK9{|5|4W%uJwTUkVHkq3MQszByAj^22I1nQ-5 zZS>t3weqBWYO71bpX#T->Ll*sV&r%t2lQ$`M#{YAGgzKYi@%~Kd4am*>HiUagA|>m zGZiK@8=}UC9Y{{0_`2QiiV1fh$i+ECL7$(m9-d3#IGA3qwC0i$N5N-!MYzxn^Fd?;svyp7@plz}>;cFlwRJDgAD%yN_McdPLkj;C z_JFqLg=#Z(Mjv>JbYY!M>AaI`_xU6%lbE@U{An36Tv!y%=UUflfp%WKt zeDz{tI4TU;paKyW?w~~tju$zb41{~oV$i$P5rzLceV8EaXaOK=Cf#=Z1t~d z>7%Pg=lC>-&qKex;()`I?uLkT9Nd_k2H6YqAQH76WxVyMkGtNKG)Z{9p+>KZUSr0E zDy-up3O$3xppEs#i)%a)XXH{eFnIaLCuFm3vS)t3$;o01J5T{>BTBlloNSS_I7k6k zgq1-=3+JjV)()caVG~4)jtYz6`wWik8O$Gr0hcoJWDJ2DFbG5|=5#D6VbWr^e2UWY z1pm5MitpCr8@^w`7hlu-DdNb#H>e<|{)FBO^nJuj)~yZ+4Pp4U_mF+(-dY`ATf{eBNyCr|dKUd86+~e6r>a0N zjaXm+{9n(r_~n0V_{V>c;lLvHD;LJX|F!-?xY$BcpHI3A_Wt%*isZgAAO8R1|Icci zn<7dX4q0Jg;c96vlD~GrGdMb0KYPr$!BozQ?~?`Uf9r_qa3Kw@TSTkDatLZ&&|iig znSwdcsfrYo&;K(R|2-IH#h;O<=uD^1i2wusPs5d#9T*%%m~k+F9>BnGI{^8{{4U>@ zwIcuDxP}(>_1iO%>IuaDzn0=F<3IhTj}d5wgT|!^ z+`oKHYXTeZ!^HMr9JgtrXk3W$x5C22R*J|itk#CbLDlao`1Tk03qUwbo7F3^A6^q9 z{jDW_Qe!ZJoF;m6roVxW{quq(?E&=ga)=i)L+W!Mi**LJnx6yafKLos;16&3L;u|m z|Ei?l0VT#8_?(X+TW06Gn%1d?Ugf_X`r)rM*PG*!9jxXUTlnM6R%7WSLnd(IpQ(`G z|E;28NS*@u%&!u^nGz7=$%;|O3lK-iq5zq+Vo~@kAgcT%ZF}i~rQcuWq(FaZU$R3a z+E*&hYZq=v9vFt9QdUX*9w|plQj-)6d~tN99J9bNc9yf%#z<;ztDQk$XRE!css0S6 zRew7&II_x7M9RCSeBxQtq%dqzG6tkltsg@Z)~|3sPtkofb7P@(Y`~CGzV613)wGq= zFQ*49F(%QU$z@Ai0WM25fJ^Lrqw}Hpb9mHB&L!8bL?%6w;sYqB5`cjI(ktpp0@fa| z1FZ&#tR7zaqt>{gtMhSrtqR>1OGwKV7;06@X2Sjr3c@*0X_(k4g~A70VbF@g?#@Jg z)xYRR2Ig^5Sb}zq6QY=StD2B8ej z-eidhz<7Y68c~7AYr~R{ITD4<#i@ZCaa8XQf=RtA0fR{L+GtJ;U!hq{sb1&Y19N#f z;DZKsJs^NRnAY>DyS>;?a+=ye@GAwySb-Gr@W?fy^iEd0f_bwpHsa+q6X;YHQmCkT zoexX_8x$ic?L@;^8NNw8J3g$$#65)6QCW_j-d>l=q>=hJZUaAI+d9WXIugv zx8#(fMy}8Os;Oe44y9(X$T$&&zLz3;p7zsR0xryRW(Db=0na@X4deF$7=1jjv$P%K6RJzK1UxXSL|=0MoQTz~ zGgqlH%>R(G)+xv9v}fdXdtL?9v1-QKO+cP&6>i>bJ3U?U<7#c_%;!|A&utHvsb-9U z^fWZRZWLYOx!^VcLY&HxMCS#1^$?&L*$0O^fyoD`b~#XO#XqV|k63792R!BMAm_4W z!do>)miOYc!~pk~f7d3WkAjRGmY2fqkgwyun+FD<@OfbbVk3afY1-#C-HXcajUW|l zojHNDJ+%TBLB`gp@H2oiS%`DfWToBD`pCE{pi7{TXtBw~Ws?g4Uv)^kAybZ-08OIt z!+KHMr$9E9qnv(^vma|${-)VANGKbwT16}jU4(ViM*266tg`^@ zs5z}IGXW0My|)Sm82iM2j#iQ~Y8Hy3&tM7teZ_L&lbx0s`zM|h5KFV;*y_X|;`(;E z<_g|0@1gVE?&OpULdD)1b>@=?074wCMcSDu8DNkj5n0`GIrq!^>A|H57-vxKwgwom zi)dd3?~l74M+_>U4ycQ+>yaEreHeH5XTyu{I_3FJ#FYBlKI~Gev!iVT{Zu2ys7ch0qlF-uq2{kQu zdq;IksR=k#YeCsVkzK=3Rmr2@_aF;@(PV?XndYI>-nODC4>5u>fy{ zB~q>huOj$W9~#hz3^0p1lNnNhR0hB!1ri1>87JwaF)slAlWB$LX6($~7n5pDewHn2 zuauG)bq)Z+-7fh2aDF;e%#FdAU}EZKv*Bx@^4A3TACr2o*-T@!Vn&GZPvpn_UUg8( z=Zrysi4g3#JEovsK9xEHsI|+41K^M3GZfI;H#avmvLA{^N*teDFfS>yJXz}=YTAC0Bmu*2POaoB$!3$;Dbv-G%mY>})10a`Q{oIO z=uyl+p0OP_$PWoD6Cl(3&mPc!$@S-GI?ZPHA91Q`cGg=!ng=n;ZWjC*l!4 z7gNYhiJen1zj6vn=GSHu#$RER|7O9EiV))YK@mC`lLNe$XtF{j&2Q6GFy*|vT`zD{ zD|8R1>_$Y~8zCO?%wPM$4@?UAPpPx0<-g;;n)pKT)gnZ#92hhhpLq z8*D$w7B;9n0WvU~;~Rr!t@?0N!52MF*vQ{*O7$hDSNX$bnsxSPEI3Oi0Mg#Xj2kG`CSC=G)K{U7dMDN6r<(422T&LP*U+u_ zs9wxD%_udiosq1gj|A>fxgxAar*m(Vl_MS5lmbd(IoL}HaFnlm0VaEcKyF$6ZMwwS z{TVSka^a{%*>}2esT{E^J!VNxB!*U{xXtbDCVR8iJRiA-nbb`daxdV4ts;Y;qlM%E_;LgKA<=hA=^CKW!yeKBdvNFL)!-(pRnS=GdnHvi zNks!iYD{jxM80kQ;+-d{I3auc0Y&+}Ffos#?UKY`-b5oBFy%QnQCg}{BgweYYJn|x z0U}!Gx&)LlQ4ou#xIGTyIh7eWzpjFspUZY|0~W4}j^sf@?(b^_H>0<4V5u;VNhCrg zpQi2S(+u>>sWxMe?oOl<*KsCHlQa4YgCEUv<#Iev88d*ylX93V3d>dTv1TbGd0F%6 zopb`ZvSi$wl@;KOhlQX}DbqcC{{4?=#UI{gN#8?LI2aeivZ~F0VzbDa0$y;ML4~G_ z{$m45Z}f{_c(E~o#%eoD!TX=F1pHsS5oMA;^V>koHRO%cM&l-c#V9m|+n62y4u<>I zsmne>kDjYHpXGM8#aOB`+^4E1T+(iyncolyT}ih=37vOj1QDt;MXH*Uj>PGb&$m`r z>jcm*lFkbRLT`D(%IAP(cEMVH$544~=!&T9B z`>3*H8tGxAag7RtXz2>OI~8T=3Q7aktC<)$PeIWKLWzDzD@>>p0houcKS$CZ4wu~elMAuTT>-S4Z~j9FL!XMPgcdMlCxB)-=*Fpi@kG^ z6js!Haw~G9D8>kKu_nV3(~{cMc8n`D??Gp$^w#qXIyo($aX4im;pi>m?POd znh6(G`%{TLzm84h5_xKnV_>463ZLQmf&Lm|;Y9mpAZg&jD)`qrT>aLZWCtP$9LQVo zzXdv$WMnWi4ZPKFPBqtKBPcsf{t}M>L0icCXXLN((0TtBT?vuJJriM#Lj>NIzo8b4 zK)|ZacM$m3xc8Z#6cF)Afjqzb{rh?#aPrSy&Yzu5z9NLtTeWCB}Y4l(cs(qG#N*ai9tH6ZqH4W`-z7Td}E^Kle#qXa~> zD2h)1pWFohm-OLRa=-pIyl;=J{ipAWSSNtB|4-0^uaG$Ccp|2b<769zIh&`J;dGRt z6dRUguW>Au9}yM!m;ZeRXMl}}7t6D^K58L5&)PB8Nx^NmCguTT?;QXMXi}kW^I)q( zAYG?2kwGi}Ylhfgel6sT74j-zlveDF?beau$6%F!+E#;6fJd3#l5|i5hgH&2Mt|+G zRHB5~UYN8m-QST)Aea##Rl-MpFUuAg6;2I`m(G0In;#@O<^ht7z>mcmf6v%JX>9XZ zhK3UJe^bvhxK6~<6y9NbI+g0?xw=j;^_BB%#d=v~<%qeXWu~@Blw69h$VX!u-OQv) z1eU~*3FnmNq}`)PWq#o4iu?@-Guxps!{OX{$gXaq<8BXv1QJ;#CeqGTBY-^wzOS@h z?Noedjpx_ve6cPBY|%xq)LY!^7&NMLMH0)ham@Rp1?NeFNzK|0=LdTrbp;QTcW_$V z#^y5JX=lGpQ_m*ey~(5cxQj?hcfS@Y#ZaHatcE-PX0eXUi2#dhzqH2kc%=iUbz|B4 zuI#X~>m>&ewIb`OA|v`KBTAhExs`^_m$N2X)8#r=?Y=OVfJxcR>EL3Zy4p zb|K*S5nh36eUkrp0nAPm6**Ztju{Q%(NWp}`{YQGPe3g0Jj{PJ1Drl&23*$wj`{<* z44Pk+HJ~RpK+jQ$lZlT+s7T}Me&oLUP~tU{1->ZA)NFEDuDKuNsF5znH1o4yA&fP0 zOvnBMwxITHr$~`dv+Id?JyoIC7OA@So~dO*j_>4Wr1PVg{6dx}0wKHkS1Vk$34A!# z$o6mS76;kkjMYr7*PTwVq@KsZ^FTCn;D9?sVrU!PVJ=Clxn6}lk@ldCgc_o>;Xu>PUa7VWTIRI}Ww`jni}9mRA>er!5S^3crSdZ?ns?^dlc z+ZbTw{(BVM?|m2eQVZ`xS+esyG5Gw~lcqife9Px8$6q!RTwEqz^J|S3rJC~`V7d^Z z)SHnU@WFnCcH>@?V|D)YD-)c7O8>Tg3CyDR{*u*1ZONyU3qUC2ypt6?CvbOQ2xJ-8 zF{oFzCkSO31CYfJyY-%i9xq_70AtH>bx_NG+qjG-;h(ED9RZMo1v~TemKGq>X{tb; zbRJ05J_LgGA1CX*cRJRAC*x#aMaYYQ)bQXplt)0$YF#jid*4G55%in{=<#FJS$nej zjIp~=I(+Qba3Yo;IATl3bg|va-FHs9{ zLXc{UyHi`yOvx434yR8ad2lk^Zm~*981XyffmhRC9QP*rAIbqkyl#U#pW9uUX~rTi zo~>lVG|8M97*Ajd9`pCTg=v&`2f(mLyemwz)+hTJ{osbXQ>ZcF648PBVOK@lqj`(_ z1?ynWOU{coBtG|ccyT_!!EW`QD%5ULh8oR}eq+B=-t|IL;-*Q>$MYk1<=vnGALB3J z1efkQJLvH$zysM`E;tN#^Qfd)CB>9BJUDlsYMl?N|0>e%F8*PmWa)7oyqj}WGfN?< ze)w=zgNrU`nMyJ_{`n>G=U=VFgx<-rJWnE8k7vVE*K-zSn*r$RkNFq=m9y_Ypxh}h zvSLJYb8~E`tX+I<*FHWNSM`WqEMu-m|G;zTSkkD%YjN=tTeS^h$FUDy1z*q4M1}8O z@qem;yf#LY6C4D4QumoGds)u;{<0jMeo8F+{*(Y_-Ra_JIFYcxrB6)JYs)H2VHy0k zz&ujSX7Rbi|MB3b(r~3yIG$EKIj3fP>K8Z>t`oP1ZZgXa^jSJk5HS>;6bNN!w>Rga zLIn_0Gm{Lr&r+X?s)$*QLa>v~&o@*?h-gy?Y>@gTA_<_X02A*QT2AK~?t5>VSgx~L z0nLHj_Y43Lle48;-1w9$1*#Aa$IZv!N_SXlc4LH-16=@T@o;Q@Y;v~Z1#mb~?CqSq z_z`6j<;y!r+dOd0-rm6J?S4hm%iS(vQJV1$kHOR#;MF(;{!$H~btzj6GGa6aSm}nn zQBD_F!2=0zd8q};xOOG7+`S)fw)11O61u~souZsj;r%{P90Pz*y>J5XV;*I8v}98u z86V{BDI31A+MOtGCa3)=r#5UfN}N}(>X+rNs|bV?xA%agT>Cp{ioeHd5Z(g$fZlUe zC~}8VqT-Q1lndX+j3`9LkAzChGZD(i50Zr#rg-l+GL^`Vcv^}J1y-bBRCt*#x3*x% z?xDLvl@)})r-*FOe1VZ=li&IiI2{e5>tqxCnd$=l_6lM%2pgOI7;_qLCNl!erw~<0 z5}xWX&J&Qdt+Om;l?C7ZYkZ1P*PsT{_-ilSzId|-|5}URBWloVg~WnyN1|l8rb)%3 zCC|#fy>;rooEJC{B1z3nWnSOIg6A5(r0y(AmEBd>J^t-2_wYs>sgHf|B=0Vz*7d+I z@MqnRPqKt2f+t^9<{RQwAeD7x8SK4N3_6zV&I=vIY&M^rE|-3N6FmODIT<2ATXgO= zX)%M#iB{Km=U7K4o2njQ7!5XWITjK=?0Kjl1~(gtX5Sjz+*{D?RayjwsLj z*zjww4FEjXl!504UV+zS=Wj0$E%rROHgWh->r^ocnEZe+y?Nq#Yhz>xCIN4ffLl)&Z@eRPl{W9x$uh`y*rm zjZiH+rR3tRfFKXHVO|Iy=UO4NDnn^bqiGee^-B35WaSr_-Fme&Az?~R|8TK0+SPLF z^{7IAq8TDdT+GuUtKH^-rU}jG&Tp7r8Ulb$gSHZj08DF!J&JLNcANf#z(vzn)5%Y< z-VlHhiphX`HJQ@~sza{;vfn3UcCN}{sKi-nkvl0SeYk*aOgh;a(pnw*91ToC$L9-T zqrE1n1$L{s39I-@Wv%?y=xj#l(T8qk9 z9#n)j=`H?+AJcVp;1_a$Ut9k)dUbQV#msT;jD;Ni!=~D={$FT(Uz%{>I$7+BIZ+_V%-Q*pq*Mfb38TKS_%I0D8Wrgta64-gwGnMB+HPz8h z&}B&l`|0K2&2IqWJl&h9!|{INP6ao=^1RoH9RZ)lwMF_AcW1(uPh| zx?)p{Tte>&ldis|IGi(~N3G#at&$I#Htq~WDtFy04AR=4DoYO@v9Wj^LG7mWyrf5- z!pmHnLN)_2$gD4X1OV|2nz{fhzCNv7v%ryXnL{Pf3htOww%ePa(Xks(O4Yi`;N~oz zHVK+dmIvsOixLkL$&%$;Q_XG;Kj_l-atS}?Zf@gw5pRwv>z<0qknMjY2@e=SK$1>S z!qwpLQk})Q^cN;mLfUaDSoRlLU>BlLGLgc3$r|J*sa2+)^RTM>fw*M(`yBp*^?kc? z?Q+7{o{I|m4nD2B@RCgA_5M|nA2Y*w0I-YNm2O{#)VY`B_YwhT^I0?VG;{2=nLZo% z!R?)Si`iSoP*K#`^mbh+&j-F`LD@-E$5c=IC22TMEZ+{!G-_SXu+1R z=Du3AK#PVL)?~U*(Q(>XIXOc%YO3<5b&b*dz25hDo4of&tmbx!s{N95`2)Ts8jTqH zF@NP0Mwp*ExjDTK7X7oFb=08u_2^2>6P|QOT_Gu|^-%M!gx2Y%+R<#vFM+3@1iE9x zEo!d=rM~P9^JmCH42^ z77inbrIcHBHOG@6NV%a|eIk+~(d;paFA8}(VYeseCVQ0{vI(qXcyqbK21ML8^p4ML z$YNmN*apfWEh69{z|YixJ#Jbk%aGuADBA-E+W@IGf#uk`KquZ-=w(wJf=F8lfC`Vd zKHgef70cz6xROg|yFQy+YaQNX_+LVPXmtGQe!f zM#F|q3+yaabZi1E*~A4p+w}q7vC`K#zBJ^vX`vJlIh#URVW`yGBA@S%!CSh;(b+Jp z;sVn21Lr(;Yd;M%Wa`byyhX$N>V#X6;k7rno`c=Fl6&z#ybCd52b+=p*3mX|f6Nt8 zZF$4zw0ZsXqNJU}Ar%*4wMX-zZZLc}sMCo3%J$HIZQ5>J6uo*j=csyiSilBF58o

BwSV%!vcu+-I0~qSpdv{sffL7yK_GRM6>3TU*_Bslfj^mFept=a73-1H zsg=xeXoQhEzB$H_1x+uAvY)cbIwu7S^>)8=V>k~%4Js(+!>Zp?{(>^*x?6`4{qsA) zzDxog_X(}=oAI+9HmpKstOTVc)Sw}{dv?t6Ku?HwCra zp1g)lkq|mde$`X9T*~9jI@m(OW&2%A9i-`1#}&n6N^m^t8|8g#5S>9lIYwH zlb~^6FLaq@$;PQ@d|9$w@-T6W+!~2OtlneuYK%JzB5nPVaL|}uyN)M0iEI9$OhaM9 zC7jQAbCC1LoaA|JQAc|tZlwku>OI4Qahfa-MC4b|C4}!<292OG7e(N9hH^_)F2y{) zqPgePeELmdo`?+R?qcufNPO!Cc8mFZgd@_qOs%47*|tZXRATzR8tZNuttQ7522xG| zj399XcE^>cwo!@?_9fG`;-o%`j-JQq$vlp(7<-Lmjyu^;-Z+R$pUT40__WG)u{&Ho z>#X>FRh!a!$nls9)AI(KxkT8XaZ<$rRI>78sAqIbF&Wf0;}FoH`>MWQ0O-dBPx#2=B7HTkFbUkrYjbjv zP2%B=LnVr01>8lkjf9c=pySaV*Io8rA#$6>2Ga?7V})MjtOCsuQIxyF^11vGW#Xir zcg%I}^S~T^q-s4rC>QP?IJ~Ibu<JmDL~V+9PA5h=I8RBxA4WGU0z~p;-Yj?QrLfz+ z0K;gp^Uu^y^+`R2)Z98u$Fw=HDRjv&MY}Mjq^_e)hHu)wuhcVSAsx;6w$ zXSQ~W$drJsjb;5=hY&@=0b%Sc@-&X-_p-0gD5PKG(5>h^HmZ;_oc%hINiKzD>^6)ouCZ ze7ddFI`|<;`tmk9NHwpkE%q~G4)UY?zjzi;2if_Dra{QBjp?*cY{ka`Nvd;_OcmgA zN!4m={>R7`Myqa|UyRXla0+I>dw<*|$ixqp)b0ZKmvrwPCcD$oz`(?=l2lmc{wpRu zCz4GT<(Uwk2y+D`hVY@c!o_E|H{q+>Qy0^+G<<2Co<5~l1Sb=8RRl;ES)4qo+e%y& zJhk5n@*LjRe;K}tNT8V~k1>Ng_ZR`;+&)m<5~|ml#-gZ1;=q^tQMqxk7rtVUM?)0Ijt*U5qc?9wlzPqUW){8=Ctf|FtOXWCU+QiSlo8N>SNh@V z<2+?3KiA2*Tsb8#h{Ht{4wp!BcydP`{NjvG9{h#ok|A+%PCWd1&^JR(zCzI4imo`x z>3>Ng912;JQ5(UjXNt9FV&*+#n4!+_-~=h593StfkD&-OuD(2;p&@;J2b5!-L7E$n zaRU3z1pN`lp-X9?@qKCxt8A|gyDGpk`H%ToN~o<(%$sJ_X*$G*Z+v0Lwau)ItV|Hv zbUv_E8N7rgp9y@!*b(#CPUaBGT)x9V0J@aR{F3fHXft$DP@zo*_9LcZYx=lB&?tP% zSTO{nwm;#?$F8n$#XnM0p+F{{!Qjw2EANcNqjT?^k0U=sc})f_j*zUB$XJ+ivxX7h zHpUE-#OAbcYqC`3H{sq@Hx}4iumUGZNE1=IjPe>#Q3t9n$-FSxFb^!+5dK#Z>K|ye z-v*Lt7IDx}FLrkS_N@(aP!HX?s*+i4a&)IAyFxj4%B=M_lLqs#%nk=y$wZVe*_SiJ zTL{B%GHrWiJBrIY40!zM0cb6oTzM>JmX?4>rw>f?oXPU!VDnVaGf>SRkH# zC5;trM2RT?r0x6_+t&v8ta{g(f6zLy0G|~r1|?MgO32v(eAfD!KFwe61A{0A@L3XA ztMC5){ZA@@&k7Gt|I1wg@(e>7AmpS2hyU??5&vyaf7S3|r&04++*;=LT~?Vi1;sxSV}S(K z-$(oMhkqj`DS<@S6gF0@zjg{npEWcQwe@l0Zz;Y)V?a0lzpnV7NFN^FO`j)8CuaU1 z<-KK8R$JdUs;Hzi0)imjB@)uz-Q67*AV>>Hr!*)a-Q8W%B_Q1(N_Tg>^V;{```+8< zIb)n}XN>du$>CV8b*))z&R_i{;?fy@8$vV~-s^$ub9}99btJnZuctT(8gl;7*BZyu z$v%JdyTBIcN9@q^zqGo%>Zzi~q@%ZdWid+Tet&zu3(!01U{_Eg-Wrr4t_HM9*8dYT zwlh*`$0L_1H&rB*PT-*tg>y6+L(8$B)vjG@Udf=TYEelKc0sAycu(y*Yk}B5|h;_Kouz=a8F)iN~e{3^HVAp{%wXE3yCB~_~fpD4dnRqcvb ztV`ADzkmlKe=={Afp`<+W)fP~{kuTO)e{``<-}3?k_yv3?j*Op%QI&tmBJrE9gxxG z1<0nFo>&S)`tU%@?V_okmylqO{rA?#7|%Qpg|o2d6+Y93?%oW?>WH$)K*>Yt4WQc@P};-<=W%ijsEqoxq<#(0{d%_+(iQS7-H`k4;+NBy47)#X zkGm4~t~m30s2cVez$5Te_(1`I1+V*Cr;`z}x%5E7t=W)+Ga+($mT9QC6OPa&Eg8sf zpn)@S8f`2GRlr0$!?oX}Wa_Fq9>&J=3(M-=^=^EOUI@|GA8s;S`!EB=Dszd=H__Ga z_dN<7jZu?aXUJ>Zj$%VJPmAc(NJvJ9IPZp@qx`RBLonF$2DriYypqV`X{wmv539wp#C781YVnkXQwyx0vWICyGExKdH z_jy$_rm7x|5UD8NnF6Axj;C1&lXm=kh2v%EtCM*)r?R|l_S>vgCVY3w1x*s#PLC^O zghRBc1H}4KxH+J_*av>Y$AFTtkov?>4H{-_{CP~Z^$e6gGw*rf5C+8*J!I+F!+jn+ zu88^yq@wyz&ImK4;2xlfM&K=M;Jd&M#2nPuYP3?SdJ6(wpe)i1zz~dfXRDD2)Dqc& zJj=`?y7bc-RLb1_5x=z7!^l?sqFbwm8(sjyVxC6ZKQERF-xTAjTJP$hb#U^!#;rY7 zwcbOl&})%HHTyJPAv8&;Igz!=HE(sISj*Z=_oHTw)18mu90?!Yt!WXx+bXNp;evB~ z>&%+!@z-0rTGPRwflmlQO^jCK&?T1+Rk>tCl^RRiYIj15>V`dtf1%o3Rp_-waR*BI zEZmM7-9r1+QdM@Uht0>pMci1U^g%*bF}sxVcr9n8!Vy=wxs%S8c%@>?a+ZWEVtkRT z5^^Y%Jfg{Z2IQ=?PBlQ!Iq9Ee@yn{T*%T2u>6KByHk$6c5s~z6&EuCZU4A@N>S%R2 zG~Ax8EdhRv@nQb?m!&6 z8_u-{A1tot4HdwGqIN)FXz8g`KJ^3%`?GMK=uV+p>0W#PxNDJiz5T`;|K9D-(#jLzhVJSz1_Yj2zLN|01^yTO6$1somg45`Vn55;%9dd zBi{@px@?A>@U>nO1u7-U@~vd?%?IsBIj)l+73!_QnWYhy+fofg3x|ysy#drStK*Hp zaR=N@&ar)s?b2eb?sCbMJCKpjH=rK*qyRDTUhGlgWT6@(nRT_oZ3Z5zaVvkS!548vc(WOONwn_4D**rGBhWZtf;sH#3* zn<;3e45-k4ZIn}dv+O>A+UeR{IczToxr>pj|30zC$lch|i=^0JnBQur#bXs;oOqEt zVfFI5f$s9iDrsV$xo~0KWp3qyw}$OAcKN~Ph`^hjm4hPdA>WAUjCD~hUwylDOFPDq z`GJ`!ZHxNa1p`*6#gT${=C(+Lo}HHat)(;fl`&txywvvP>>3&DQJVksKV0taU~Lg3iDHJ<-#7Oh(7{^mFW zD#GW*KX(J-_j(Q`r~-Oh9xC@g14~zw*SGgBJ$d=QK;iT9q90S!T?;oVz@@|S@7{roJ6&#NUg`aAy_zPH*o zGz;tDBiLyWF|>b0I-AqB?|FOWfApEjK+s&bc2tTENQ@_dwSr@+X5+nOsPSvxI5|h@ zItj9&WUi?=4TD>ZV#~}ET`MthTq*g2(o+z&^hV%X=SQ59m&6%3h}0cu`d>;mNlJGY z8eP;&U3(4|J)bo1{h?1j6|U;h15WfJIMWUO$JUn@OPE7$L%Yrz6T8k8TU?NruLqmv z_Nz2`B5JP8QVmpUEzMY+W@hl7EOzu>Cb|mbS$E*WY7{r0S4e8H)HHarS8T~9ThFZP z)is^E4vzOx7;HffuU~2ye61Tw53G|Zq_{DOo2_!vov@sHS2k$d06>hJbKTW3lUXaa zP;nh8KVuG$On?TkK){F0@#8$9`_A&(i;a_`7naJ>rN=%|w5)5Ey%W6!#N*=0oYsi+ zBjO3dIot@#v?&%zqlKBEwiac>C5ojnkeCxWz~^~H%0JzIa0h6apHFD(40frDxD4QZBk6tj<5QM)3+%4C`xf+&1L{UX}~uS4)LF1Mhyk=?37+^WyQ$ad(enDZ`eBiP>HE!VP~I$MR{Rv_T{bUH;35O@P2^}a~rgh ztz!FQ(|EPgmSRNM3ykv1%+%UvOP)r^r7zH4=&tB|l&)pNg;&>MYO~y#sh=*HrvdtO zw3-(-j_w5b@H0d#tOxwE`(AM}jW;3sx@(Z{oSnIqc>WbpK?x^=jbU|UbQhD=m#dfP2f->^Kt)GaLQZ^!u_OwMr1EeSkd zCaRFpAN^GC9j{I{8OSnq_H_613uPL*vn$y|KwfcV-=j1q5en1~qI;w=>3M*c+5JQWnXSsl zk2^=wr78sq{ExG=^U?$ZuZ+59|<( z0-uU6x$?SQU^`nkYfe}rJPABc`|aYHDzBPeW_X5-ZVe~-WppOZG9fgHAFrR!#VuVN z{<`fs)s0i*R=NlDxu?Bu-@&g$I0sA>*uhifi@n#w+(seYk?V@-#TYI4vj9oe*vH~f zDbN^dxNua=xb*(4h2|H_*5Hw)Vp-AUc6ov9ZxwPC$YC&sbJNlbd0o;#q5jP*dSY{~ zr@(o!!`{bp!-q1Zir?m%tfud6&+H0sGh|f{Q+haE`*@hF&|O*Kq7tRRVWUme;e5e* zbJ`ZtHGE&GAAh(BH9_MKf1okD0aI@*w^(YAQ0SM$((N8B&?(ZxT8wfvVh??V)2! z&72LFJJ`tV0zV7As)m0G%~R=XQkmVLHG{yU_$#%GM9!c^ti1wP>BSR`WQJ-r%^bbs zFfs~{>+BH^C{iN_vn94sPI$$&5}9!zJR$t(dtwi6v0hZ_%f>m}-3#+M!;ui@qRwLO z?B$#zF{}NXSC&BXW`a|jQN2WQnE%jaLdbVFq-kR`JM>t(z&7W*7LTNaU|oiW0TJ{1 z;(Z#ur%4!Vi+ik!#T1(j`tkNudOSCr^jUtO-xCTidWgde+_%x_DdJqx_HRHTxMbW;r{We zPmAgOg&mG6wkM6_2FuSn#V$CpmOs}_9tCDP6}?uMSxKx z$nZPlq{0h^RPp->>X;-_LJJHw9Gsa~FBt?9X#4pJZcKEWGkga!Yw5XF@`D`t8i}^N zDrrdkECIa>u@ZhZTd$ZvUgaqm+>IX4PvU6khc)5;jy$vPmI}poF+rpJackn&X3AFb z5=gLHQ9}3~SfZt@WXdQrV1#eA8+Qzl92Rm!BL4ccSuXBY6g*3FS~?zJk*#_EUZ+?t zJ)a*V7B6-xEm1FtgnKFEz;huwTcCIIS3A z-yKrGQoBLXI6#`Nz~nC&4=NMQK4yTIHlw4 zXoAGIk3jk5$C{&6s%q+@S*nM2)~8vXV$0HA2IOygAl8l{Va?XEybPQ?ri=B`uPpam zL{3B*-rpi?-Ca_a%#RIm^EA!I;}?ws>C?=+*xo%jrs-5W)cGSpgm z#`GL~(AU~gbu}$sHaE>S5Nh-_oaQN-I!;EYE~_S1s^M)fwYEwz2*icNv3by}OOt^kWsKVr^UIF&0#lW>mZ5MXKFP?V5|^ z85MEHIyG{Cc5NflZ(8RpL0OxY`n=ZV@;HP$@&1KF6~wbgr_HjQOPD^oDRP1fP#&je1zL+njOIEEQn?WW^$RItaadpu4kuCIa>S|ct;VxnZm z5x*Hlc{tmozBvkU_wFR~afwrGpHyrZB2G}MqJ1k_6192x#TDvtuq0%&3HS~+ zc0!D$TlF`+$A8@cRM$4r{9o|@3k!k6d#^4G#)o8-!Nsed0uI7Hb>r#Z5*Z%AC;$*Q z)6jtQe}J{XjvodhFMoS95n3DoWofY4{s)Rl2Vlql+a3`4(n?IjCY9AnRl`(F_xGj( z3iH^|NbAL>OVJ{d+}~{?59L5&?blYB%ee28u_IAv|LQm}lL3fsy6%`e`P*F;0UG?j zWCMV@X@15|y3UpWFZ(ATOk@JO<^OlL@B71SbTvRWFr3vdkMplLegN|<_^Xo8;QRVLcjoue#fn^4Z#K zm5!S`#aKJ31|E7oEycqEZlH_!7v~a;aq(W-fa-rkdtVs}OG-1=uSCZ-Cr~Fx{?mn_ zA*VkP_PoaO>Ssq^u&xs2d=@ z$u1tc{~O|)h+G2&eDPUe%b_t0={mHkMP&!W=>!J0*o?Z?KzWNW*FIN4lx9_BK9W(V zL2mEy(^S5FNVs2K5PP-39XJihnQ5nBOxpU)eYH2t@J@rz-bVstg%yvd`NtxeHFghh<)ii zDnSVe8nZ3qUjLTx%abwpi+u= z2NRc^ORMjXS|{Ii7S{ko%DO*|IQ^H4Qp=wS7nkwY9bf2AZBGNJQR};j~q1KSw zbv}Fs7LxA#nAsbE+BM)00>FSTM&25#OGX!a@zxJg(MOTqv_j7TB-qJcqc)-g<=WLr z4guPUNU**nj`r~d$EfLWijKAL3Dh$H+JDZb<fzR0qFp}< zbjPMuXqR%8?lv#SUw_^!Ua&{$h| z9!At8+TIM@M6w_q{?wA>?fG_TtLE+1>D1h(URY#%5EqZHny;8`7{~`SuHmJAS+K%D zEBnG~x-8vDbLT7b9onvT;0ya8d^&i(34rdKErDTpk%M@vJEdZ%vvdx12-i#-BC+eU z*!|$=0=@>Q&xbs|m2NHuDue@iakH@xp&3L_;Z!C34d^^*K*7v(xlys@M8O{&^|4(> zr`LjdXyPmm2eJ!J4pc6uH8;b2kQtm*&7>*aN}z;p7-V&xUQ9&6xAZ#Sg(M|A6{y&Z zPQM(o;y~+VL#NL2tBLQxDJ+sL2abEKWKPF^nnvb9F+wzi2H*u9gocqr6Bv>|{REMf zRpe6fpSdZKu<78FkHOKY77EQmH9?%67)>_fq3!N}z!j!~3*Km)H?dU5oP&IeCY?l)hCP6U&p|bmwgt_g-5@#1@~cXeK`oxc^b9sV5f*+GP8{CK6pIiXbQkfPPN@x5-pjuW{cVQM@_>3*kjXm+mU^8xXdy z%^B?9`+d+5PVAB>;u~;6t#anz=)8-femtJUnS=Oz0hlV1ryGD@U9s0MY^FUl>LW^=^q{F2%sEBV%A zIWiZfb8g$kGP*f-F=h&L$`RsYhSJLh?Z0{=YUk&*)dG8sI{0X<)t7l2RFBX^0#5sm z&jH@tu-yzeISyjFwzxbAm+S9(2#g4ht~2fQy3ffHSDK^QCz6JiGDMK>N16*_h#pdT zE7seu8eU^urr8<0MgiXT=CtYS6@zRdOCNBq32!epH{vS?#jnfp-L9zbH60HzJXT8? z6sC{bH!Er)O961@o@YdPc)s{tm!_b0`s9^|{~x&`M<{E7{&J9_GqNV_ra+LFMd&R& zCsWh5W z7i2RV5?it}wzId0sq7-V=e9RJuO zkpq<%3z&sk_a7#C3{zRzU0KwuzLwM4^*ArLc*Njv%;Mm)kqI#DDvq{SZC$9@fb1af zJDQw+3paKxk(+D-MaqkP1TL>UA}Td%k!!n_Oea}_te-_SY{2(@SM%y<9pR>6?Z$|K z7CAsVRSuL#E@m&5rY+CxiF>#4z0I}fhSxt{99K9|IJF5Tku*jon)SSO?euu7GA^`(8 z<$p|paYq>i%{}5mt!kl#N+SoZf#LCVMoYpZGIIQ*;*^R(V?($bMPZ3j-KM4#TCLR- z!+VGJ{Z$dwH&!f+nf>$%47S-VF(Vh-Yo&J3G7hu;m{xmPb^V!%L2)OyVV?s1S_Ex6 zy40F}v7hmJl%6gGz2H`;XQ3h;Zt^T#WD|A&IXp=Fm`MID0@x?U_nf8Dip`XQQy3OB0^YhJ`z=qZ^a9U8kTbLn+df5W{@hxf$03pR zB`=+NpCcFW{m4#UR7k-nyqSs*zouWFFNE`5Q>mS6LmXgVjdMT0Cee(oPbeW;FXQM1j1GFO^Jw7+XH0PYJV=vvuwEGLl2ul< zSp2rN)BK6m>xaNVA$lXo$fS~4G_DL9CpQcS9E`%mK>=}`{ISC>SsfJToqBMEQqxZ3 zL8&146O?{&BK5NDG@60xnMJ4Gi?x6a7sHNBih!+U9cgoFB2sRYkS&G)?~Ouw3Nz~t z##@Z%7#@~otT5Cgxpw>uxMUb)6f056365h5(_fnO8W8dg;w}8-9O$q}NKqHSwqtK? zU&5H?Mj@pam`}$RUc74>qDMV`*F^-$Tx-8}m&EQ(UFMcUaAED`4*Mz-BbV{yWx`Z9(6cNcK zj#(Cw{Fk=`VHJ||Ex$7Job9SdjRkvW5?R+jRf@#5|`EhcX9TXebrWYnLokd|KpLv@l&v)nu*)*jg*R$`|U}Zl>_se0)O}U3jXR1(>Gn zJ?(aLP#Pyx;Ubu*>9oxXDPR{T<}-pmOD3^a%?1(}IHbOx-P)-SJeD4Ey+AK?mu4I& zR2jRS*nC?hQ@>)ER6Ag!nh6XBP-`Zz5vMz3UE>$G(;(^bQ^wbgA5)nmR2UX+`9xy* z+cUAg1L-v=tg4*ZoZnm86gwDV;7@V_WCTT*aS#2nI-#`fdQ80h$Hl*J-XmtJs0W_qD}2I{Vn<(17kSrIE4wHJQN#0}?+c|tr&hWoU!1Lh zZ1WaAy?aa6fM8CTEgWaVAerl6Zh*^|DjT|OzL$0M9a)e9Jv&Oo)pR03RXyLY%7&p~ z#Jp3Hm}?QgP(j51w*PqLSpIpe?xhQCzZQw6mu8wMY19$PRh(!w-@Ni2Hac+zM&z=? zYjU5aAZ1M*+X*p3V}w4JDd8#Qo`9qlzN0s;wE0gl3XTY+w6EyeZ)xBA*Gcl#}FSyaw!C zh*TQOZjNQPnfrE2fu~?y{!;px#H03*X@yo%Uq`o6@4<*i3i-EqbPv=E{$^kB80q;F z+Hwk`dV$u0z7L+JZK>5Os)Y|8yzG+@7EmUYjtJPzkjGKX=HF{0ZXK0T*?SyR>})l4 zm`3nU@UnG=5_R3jw4zJ z%b%tCPdwr_Cg$@a)j$bys^2wv`K#5qf+=q88?kax1aY)^We>zBJ`!3`4l z8H$urc~vuWwh@Vy_gvV$zxX$ z;>8-sl&C6Tv8uKT&#Nr>+q9aPH@GnOuQ!i_-pAR+Pigp4ZW?2pA5Dg+TsSHbyrW-9 zR{5NOYP%r6E5Z3Hvj{AJZ(;Ill6Y|zQf~y`c_v+5~8*(hA9zHx9!)Pi(^~lQQCawjcL<>YR)u&u23a+e*f+jkC6S( zdK~r4uXAddMrCV$!p8azdhQ+eR+BY&1R+{a7pjJ_pvb9Yco{LI|yIi+QmS3cD+f ziKe;PrERNLGid~qtIqbzu`$#6xzRPa^u7clG97YXuP47IpLmI+{wFK!u1@;BjBd3t ziNAeb453H59jd=~!E%hmV~Z3)7csuL3@R+4<7+I2jBaf~3y`3Q;OhI17l9&9#vsO0 zc=cKI2jz}ZQN2y2%f*Pn%Djt6>uN9K-kfdT7N$M|Yh4VS zvIAGA425@=ziZPE2Yk}I&F*ZDQc2P^48bF}{*F}{L8W7ZE?I7tQ5wdyA-!mc&d}g< zJIVPzp~7dzw;xNgm_a=}LK_zK3_WX>TH!@8S5|UyvTh#C`vMVPtdgu@-LOuY!pA9c z>v{k`@?>Yq7!D2+UoGAby2uM>cI2(PkR?$aJ%6oAc$Ko@&Y-X+Go`phA17o`?Uv== zpKX=4|4!spH8I9lPk*C0wai`3Y87A3!wej7RJNFl5guxL1x;=yjkIjslq$N8$?4B4 zp1hU2v>{=;y*}-4eN0F{`XVjzrhkXXkTJ>u2I`E-Kx*gVrdAUbw|TJQw(J zRPhRLPKUWW))u{L2VLKW73)+@tHMq>93ivMZuLD$Cv)}gVXJkM(KnB3ZLEIABRV!>nGc#l{3TKYOy_|CN=NpFZhGl zjwQyfCfsq!32*fVAPyn^^*N4DFsZl+`yLa;O%Nll#`f^1Q28rcD$5P;#jq!ZK<( zgh$0R_%_SB%KTR)HSeO4OygQ+x%#lDg1_!^{nq?N63}@^mfEC zhF|8yJx#vAWog*_RJlit7S$3x!)}ZyxMkpqK?3+@5Zx!{l|53QdFr4`KYDpZC{eY| zPL2r|r_~xbstLx)XiDk{7$*Vbk&=zibxDxVELj~FD9O87J{Pr_yS`}N^ek{!yZDeH zoSl<#K}F$J1WG$GW}L~cpZGQ*N=>{FUC@(iFbmk9BC5U8PQ1NXFLQG9W}oG=xk;Y$MS9y|p|vj2j@eVZ4U~M34fILzG2eiN zpSUKUwQ$%cSmHN^^C1O29@KMho$`8wU@j~vqFh|ogg=3_}(1?C5dzs(yjTWLG)Z~Ga1 zXf2D@plMQg_DUp+OOA;hbATJhf|#s&E4O{9$?R3!zz;PP8FG4ypP2HWOWK840u>wv zSl|Tas$4z_iv5G@@%~0y=Cn+rbufxFd2xl$Txvg_Ck(yQtuZ9HPg$B|bUjMaZ8TPz zpO_>uGaKsV`ok{;m^_fDP=tuBSmbr}T(wqfDy(#8WeJIXf+O-yfj9w{n%*x9J9`9% z@!x6P@~_~Pt>(HvOn|nFt7;!Z;QYC|0Mg3pNPTxrp|r9+zdqbKVKDQ`>jKW z%F6%ZnY&9U*8w*9Z>a%@0f%PyuNFT3H#PhKMgm0WQ}~Da{$?!Ve?Z*l{I9VAePT2a z1V|&|!2NC;dmtFS|Jx%U!jnP6|FIZQ{s-ypN4E6)uRs$I0g?i0?HB*UU(w_@EJ-2YCJ|NK<6==X5{dU5FVp$6=Cmfc&Xe>cfPPzvA@<=?{}?7J1A2C3zr z`oB#KG=A|Tg1;u@U(Mp31?~~k-qrT|@B0wB!u3z3#~*L||GuGvr1U}Ha*fSGLtRhS z_K-gk2>mNtfj;Y3*T`Sbvet(I_f~_TUtEBu4FQu=;!^TqX(%>*1)w_Tq2VG4CrEV7y^sR2yVT-fv1lHYRahBSUk^dCGx=mo0EiCYz{ zSDOP$0Tc5?8mqRE+I?7m_g9v;|(NvL!5mbbU3{s3t2NO*wQ(O!~>Z6Oe z5#9rD1DoYI)%vOhu*htTL#d@^z(qI#I93b%o?Re|uTqlb=py3hT&LJC!jCCQOKtwB}u zz(6x38is37Uw`N!Z{j!q>ZSnbZ$)&k0SMwaJP8Hyms^m+@iQ+R`0&0xxL8-P4KqdZ)| zkX1JBH4FqGDnHE>)H6x9=wuXEEsLGla**Gs2J3NHG~l1bm&l2A=v-VEEeNWunsH zy$s732~Ny2`sr&FHYIH+ifQou!jLS@hhmW;4<#RY^TX6PPoX4j*2jqG)Pq9d{iJ>3|5l5#NNRjX(tiZV*zq47@o(=QDZ! zo-^L^osar&oesNj0zq6J)qdNGv!FRM>Vvw#I@wGOYDl=MSaFTn6HV2+iGth1*}gOC zxv9hO!c$Lw4}4_Jy!N~Bk!<|_-%O9cKn%Mn2lXJ=>p z=HzE!RR{#Hz=_Dht%-X~9|2^WRLltF!f8ah2N_Tw$jI?CB-1-0c`#*9KQMJ>in?BP zluNvKa&qcs8U%@e#5Dr-AfSgYgtx$O@ue@+HpxBdjZ0t?>k9mL9iTwTPmWdq8mAW* z(<9Pu^=v$P~DFc zmo$muw@7HYa35wTzLsvfA3QP?efi1d=5i2(3R2vK!^^D_wv~X1_=XRo^c5;@T`dx5 zT5Qgi__>O9I@)Q=nLxwY{xkZyb;IytmFJ*o#plBRYFZIYe)yl4q%0W2c*i?vuG4@S zzync!?RI_SpM;lPz{$T`;B|T|u7vg?U_UROd;2+WgF3DV@Ckc+du0}5Ib~2?O)4J< z7)KyuZ*#Z=-1|x`>iq}G1CYZO;S+G_?qZIs|N21>i1GAg0&6g|R<1}Cr|n`BmCIp# zj`b(tyg~pAS%||>US=fvWayi_ftxY?{d*)%kITmcG-9Ub`oKq1fA~capRC>+ z*~1&z2M1(_leF9SMUyWB!9j#iSlI|DSWhyfki|%*Oigx%cv?9Q2{MN5@wW!%D}$bJ zg7n&2cHL0H)#>gpGawBTr+}mtGV&6?{U>A;g1gR!{wCBK!cTor);vI zr>93pUPSFQoDAo^+Bg7O1=x5h5NGr{LoK3A6}Hpm0!<@G@-b;jG0@+z5XzcLV|*oQ zLW7Wb3Vg+8=JxWNHboxspF-7e(=u`f+1ovX->xYSb#32-cE%Zwv zDM0%O|FH-iv7abZfQeClcR z;nLXo;bLHDUmqO_hZ^_Vujl97x>|yzF^50AO@u#7eIcaE^5DiLHnN#KV6s_i@$icr zj_>nis2py-7+xCrCyVcWUzGuF7 zqEKxebD>PT7wj=!fEeU>K5SHq<@DGt_(NlUnTjM9xJY>^?j#pVw7hS$!W$nciViRq zL3Gndj5mMhnAn?LQ0*OSPJf8hmlt+&N34ojFDkNC@o9Pg=yP~A;Wlt34%}I8ikoE- z>@bF-k&DXb*9lKwg$0qlLi-tAl!t`FAl*ocT9J|Cnp`FnnIp{YcbnsJ=}U9sZRPD8 zU+-Qd25%PcM9hIMp`)lOFU%kj3BS6MNNoN2SPcFZ>LbZ=tToOV5##dpFsk(yX~q)D z?tPQGAmi&k%G4LlGv653-0X(YTV%vt%NI)(=du>u%E-P&n^h2A#qJ6$dfc}G;+aM91Z0&$J42>{|MHu#x{@SHUvvrV2yu3c~sWE)QCp}LN2I_V; z*#2=LDjHqswT&q4$BZ(>q(#x3X!-DRP3A$JV7Eq&ZN~fjC!9g2{+CE4Kg)dZ*TAnv zHdMs*WUy{mo4H1UczA-}pf$#q!N({PyA$sBH~- zsR^|Q{)u$Fedjp!fNdz;vzz$O&I7i=aM;1ucd{9}JTWl>!uGZ-D}tcsiuVw z6ee2@pbRufQYC=d^vsvtJ=L)SIbXumr@0vS5m}st(B%bIWjprIX~hq7{o#Q@u-_?$ z;=m~3lGnWlR_3?*aWW$BK7q8wC&n3hkKCOy9Z)a!^{5 zAsIHyV8>D(QxMJxF7^gb?!SdLKgL6UW0K{@zrMm4xc(20;jPfG)bizJ*LYM&4Th*( z=D`S-7Jy;6fAxg1A@{H0{O8lsUceys*>AWO{e6o+J}KVR;{3!M|NHeS&!V$(D4Jh~ zCRzSH0>CyF`v1yo5z+>~n_Cpm1fS(>2}bvAdU$wX?xyxg{CUBjTi!^1e|YGHj`U=k zM3&CODLl_OA%%Y}Lw{ZC9gM-Bls@v^a#dZ0C%VsMc40wB_9c(%f1dT%tv)=a;eP;$ z&moFe(oyj@J`%qJamzz7bn7(##?I{i8W?|l z4?a^pWO+XO^kcwhx}JWnhM@ROva_+F)DubUwgHmgUYbVcfh}3$Qz^XSFKh)2WT0>r zwu#$xT;VsnvU& zx%~cnsG=X>J*5wz5K4+`Jb@cj)e#?s52-EQ<>wVGCBx)q{r&nphKE&ZAx}kORNC<+ zBCJTrEP~$5KYwkyGD(|&?Rj%3#uLLo^4H7$(cupfl!G6nh*#l&=coqPN97l;!u8}N zcDwd?NUoO;4J{~$SKykuySvYX8ibEkHIo0g`Jwlbehx!6*@h(X#!9H;AqT-EUbQ;8 zpeAN#B7y`SSr?sQH0E@@gW1j9?wPI7Tu}`Z$SZ$h(m>M!t*!az^Pxu}s;CDr(d4|n zLz0HcEiElfKzIFyv0{FeH^4bNM=-iO=Cie>Wxp#qmynRGwv(fyNLN^|wS`46gPNf; zK0bcn`PBYDZwI||BnS}*{&!`frsw~(ky`Vtd<9BN0JW&Ymv7+H#d`D|N zKhGYV@K_fP8s6P7A5LX@?)Rb0{ak;VR{m^nL2Dsg{l9bUkKgMpA^CukV2FJY&fW)6 z#y?6K4o-)>IZ}d_Vi(tcWvAX((0+UE&Tgo}TiXn_71b%z&5PsJ=&*fskhn67Wkai% z?M({5aw**8Z}U;#9s~DX6RU7r5M?xzDhb!yd6iM5nI%57?;+}=;R@mm>Tl>@OqWyM zTm#-xPtDPP>89q@3dZ&LB5a}qge~w(Jj%`3Z#^rn{}hJfrM@g13br}F@M*Y0-HDD1 z33`-y*CQ^xcAq6=#IAtF#YL)_mW9cecW0mW%C@~|>P8RU{C-;$Za+OBvG3}SXR^K1 zCroOJT!}q@hw4Xvzk_stJIrt6nc-u9-;B)t`nTcu3sYZ~Y`MsVB$xf3^ND>>PDpMYKF`VN}^PX~+Jpg|sL}Z0a1oeIX4|*rTuK)l5 literal 0 HcmV?d00001 diff --git a/content/docs/capabilities/service-accounts.md b/content/docs/capabilities/service-accounts.md index b1b7e315b..34c23a617 100644 --- a/content/docs/capabilities/service-accounts.md +++ b/content/docs/capabilities/service-accounts.md @@ -1,4 +1,5 @@ --- +#cSpell:ignore etag title: Service Accounts lang: en-US keywords: @@ -12,36 +13,84 @@ keywords: ] --- -## Service Accounts +# Service Accounts Service accounts offer a protected and standardized method of authenticating machine-to-machine communication between services protected by Pomerium. -:::tip +:::enterprise -Before you begin, confirm you are in the correct Namespace. A service account can only be used in the Namespace it was created in, including its children Namespaces. +Service Accounts are a Pomerium Enterprise feature. The steps below show you how to create and use a Service Account in the Enterprise Console. See our [Pomerium Enterprise](/docs/deploy/enterprise) page for more information. ::: -1. From the main menu, select **Service Accounts** under **CONFIGURE**. Click the **+ ADD SERVICE ACCOUNT** button: +## Add a Service Account in the Enterprise Console - ![The Service Accounts page](./img/service-accounts/console-service-account.png) +Before you begin, confirm you are in the correct Namespace. You can only use a service account in the Namespace it was created in, including its children Namespaces. -1. Service accounts can be unique and exist only for Pomerium, or impersonate directory users from your IdP. +### Add a service account - Give the user a unique ID, or select an existing user to impersonate. Consider referencing the Namespace you're creating it under, for easier reference later. Optionally set an expiration date: +1. In the **Service Accounts** dashboard, select **+ ADD SERVICE ACCOUNT**: + + ![Adding a Service Account in the Global namespace in the Enterprise Console](./img/service-accounts/add-service-account.png) + +1. Give the service account a unique **User ID**, or select an existing user to impersonate. Consider referencing the Namespace you're creating it under, for easier reference later. Optionally, set an expiration date. ![Adding a unique service account](./img/service-accounts/create-service-account.png) The user ID set here corresponds to the `User` criteria when editing a policy. -1. After you click **Submit**, the modal presents the JSON web token (**JWT**) for the service account. Temporarily save it somewhere secure, as you will not be able to view it again: + :::info - ![Service Account Added](./img/service-accounts/service-account-jwt.png) + Service accounts can be unique and exist only for Pomerium, or impersonate directory users from your identity provider. + + See the following pages for more information: + + - [**Directory Sync**](/docs/capabilities/directory-sync) + - [**User Impersonation**](/docs/capabilities/impersonation) - This JWT must be added to your application configuration to enable direct communication. + ::: + +### Save the service account JWT + +1. After you select **Submit**, the modal presents the JSON web token (**JWT**) to authenticate the service account. Save it somewhere secure, as you won't be able to view it again: + + ![Service Account Added](./img/service-accounts/service-account-jwt.png) 1. Edit or create policies to give the service account access to the internal service: ![An example policy for a service account](./img/service-accounts/create-policy-1.png) ![An example policy for a service account in the policy builder](./img/service-accounts/create-policy-2.png) + +### Authenticate with the Service Account JWT + +Pomerium provides three methods to authenticate with a Service Account JWT: + +- `Authorization: Bearer Pomerium-${pomerium_jwt}` +- `X-Pomerium-Authorization: ${pomerium_jwt}` +- `Authorization: Pomerium ${pomerium_jwt}` + +For example, the curl command below demonstrates how to send an authenticated request using the bearer token method: + +```bash +curl -i -H "Accept: application/json" -H "Authorization: Bearer Pomerium-${pomerium_jwt}" +https://verify.localhost.pomerium.io +``` + +If the request is valid, the response would look similar to the example below: + +```bash +HTTP/2 200 +accept-ranges: bytes +cache-control: no-cache +content-type: text/html; charset=utf-8 +etag: "75df42fffe5e9fdf2c13f64963d04e8115fb06f8e9c4a97db3c9d7394ab6be38" +x-cloud-trace-context: 97f79dda2b32e0618d7e53cee2c85bcb;o=1 +date: Mon, 04 Mar 2024 21:56:24 GMT +server: envoy +content-length: 1191 +x-envoy-upstream-service-time: 206 +x-frame-options: SAMEORIGIN +x-xss-protection: 1; mode=block +x-request-id: bcd0bb52-25fb-4858-8da0-a552fc9b2859 +```