OpenShift - Create Service Accounts


If you are not familiar with the oc command, refer to OpenShift - Getting Started with the oc command.

By default, a Service Account will not be assigned to a Role Binding or a Cluster Role Binding or a Security Context Constraint (SCC). Typically, Service Accounts are used to:

The oc create serviceaccount (or oc create sa) command can be used to create a Service Account.

~]$ oc create serviceaccount my-service-account
serviceaccount/my-service-account created

 

Or, a JSON or YAML file can be used. For example, let's say you have a YAML file that contains the following markup.

apiVersion: v1
kind: ServiceAccount
metadata:
  name: my-service-account
  namespace: default

 

The oc apply or oc create command with the -f or --filename option can be used to create the Service Account from the JSON or YAML file.

The oc replace command can be used to replace a Service Account using a new or updated JSON or YAML file.

The oc edit command can be used to update a Service Account's YAML.

~]$ oc create -f serviceaccount.yml 
serviceaccount/my-service-account created

 

The oc get serviceaccounts (or just oc get sa) command can be used to list the Service Accounts that have been created in the current project / namespace.

~]$ oc get serviceaccounts
NAME                  SECRETS   AGE
default               2         388d
my-service-account    2         112s

 

The oc describe serviceaccount command can be used to show more details of a specific Service Account.

~]$ oc describe serviceaccount my-service-account
Name:                my-service-account
Namespace:           default
Labels:              <none>
Annotations:         <none>
Image pull secrets:  my-service-account-dockercfg-57b6r
Mountable secrets:   my-service-account-token-sfrpr
                     my-service-account-dockercfg-57b6r
Tokens:              my-service-account-token-6x45k
                     my-service-account-token-sfrpr
Events:              <none>

 

If the purpose of the Service Account is to have an account that has certain permissions (such as view or cluster-admin), then you will want to Add or Remove a Role Binding from a User Group or Service Account.

~]$ oc adm policy add-cluster-role-to-user basic-user -z my-service-account
clusterrole.rbac.authorization.k8s.io/basic-user added: "my-service-account"

 

If the purpose of the Service Account is to set the Security Context Constraint for pods in the project, then you will want to Add a Security Context Constraint to a User or Group or Service Account.

~]$ oc adm policy add-scc-to-user restricted -z my-service-account
clusterrole.rbac.authorization.k8s.io/system:openshift:scc:restricted added: "my-service-account"
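
To check what a Service Account is actually bound to after commands like the two above, the following added example (not part of the original article) lists every role that applies to it, whether it is named directly or inherited through a service-account group. On a cluster it would be fed the output of oc get clusterrolebindings,rolebindings -A -o json; here it runs on a constructed sample, and the binding names and the grants_for function are assumptions made for illustration.

```python
import json

# Constructed sample in the shape of `oc get clusterrolebindings,rolebindings -A -o json`
# output (not captured from a real cluster; binding names are made up).
SAMPLE = json.loads("""{"kind": "List", "items": [
 {"kind": "ClusterRoleBinding", "metadata": {"name": "basic-user-0"},
  "roleRef": {"kind": "ClusterRole", "name": "basic-user"},
  "subjects": [{"kind": "ServiceAccount", "name": "my-service-account", "namespace": "default"}]},
 {"kind": "ClusterRoleBinding", "metadata": {"name": "scc-restricted"},
  "roleRef": {"kind": "ClusterRole", "name": "system:openshift:scc:restricted"},
  "subjects": [{"kind": "User", "name": "system:serviceaccount:default:my-service-account"}]},
 {"kind": "RoleBinding", "metadata": {"name": "pullers", "namespace": "default"},
  "roleRef": {"kind": "ClusterRole", "name": "system:image-puller"},
  "subjects": [{"kind": "Group", "name": "system:serviceaccounts:default"}]},
 {"kind": "RoleBinding", "metadata": {"name": "ops-admin", "namespace": "ops"},
  "roleRef": {"kind": "ClusterRole", "name": "admin"},
  "subjects": [{"kind": "ServiceAccount", "name": "my-service-account"}]}
]}""")


def grants_for(bindings, namespace, name):
    """Return sorted (scope, role, binding, via) grants that apply to one Service Account."""
    user = f"system:serviceaccount:{namespace}:{name}"
    # Groups every Service Account in this namespace belongs to.
    groups = {"system:serviceaccounts", f"system:serviceaccounts:{namespace}",
              "system:authenticated"}
    grants = set()
    for b in bindings.get("items", []):
        b_ns = b["metadata"].get("namespace")  # None for a ClusterRoleBinding
        scope = f"namespace {b_ns}" if b["kind"] == "RoleBinding" else "cluster-wide"
        for s in b.get("subjects") or []:
            kind, s_name = s.get("kind"), s.get("name")
            if kind == "ServiceAccount":
                # A RoleBinding subject with no namespace means the binding's own namespace.
                hit = (s.get("namespace") or b_ns, s_name) == (namespace, name)
                via = "direct"
            elif kind == "User":
                hit, via = s_name == user, "direct"
            elif kind == "Group":
                hit, via = s_name in groups, f"group {s_name}"
            else:
                hit, via = False, ""
            if hit:
                grants.add((scope, b["roleRef"]["name"], b["metadata"]["name"], via))
    return sorted(grants)


if __name__ == "__main__":
    for grant in grants_for(SAMPLE, "default", "my-service-account"):
        print(*grant, sep=" | ")
```

The ops-admin binding in the sample does not apply to default/my-service-account, because a Service Account subject without a namespace refers to the Role Binding's own namespace.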

 



