Assign one or more roles to a DigiCert® KeyLocker user when you add or update the user.
The following user roles are available in your account:
CertCentral master administrators automatically become the KeyLocker lead. The KeyLocker lead role is usually assigned to an account lead who manages assets, users, and is able to sign with the key stored in DigiCert® KeyLocker.
Category | Permission | User can | Notes |
---|---|---|---|
User settings | Default | View their own user profile and generate their own API key and client authentication certificate in DigiCert ONE. | |
Manage user |
| ||
Account settings | Manage CertCentral API key | Delete, disable, enable, setup, update and validate a CertCentral API key. | |
Certificates | View certificate | View certificate details for all certificates assigned to them. | Users with |
Revoke certificate | Revoke certificates associated with keypairs that they are assigned to. | Users with | |
Keypairs | View keypair | ||
Manage keypair | |||
Signatures | Sign | Sign software with keypairs assigned to them. |
DigiCert ONE users with the KeyLocker signer role is usually assigned to an engineer or an authenticated device that signs software.
Category | Permission | User can | Notes |
---|---|---|---|
User settings | Default | View their own user profile and generate their own API key and client authentication certificate in DigiCert ONE. | |
Certificates | View certificate | View certificate details for all certificates assigned to them. | Users with |
Keypairs | View keypair | ||
Signature | Sign | Sign software with keypairs assigned to them. |