System scope (SS) user permissions
System users are usually a DigiCert employee, unless your instance of DigiCert ONE is self-host. System users have access to the DigiCert® Software Trust Manager UI and are responsible for:
Onboarding accounts
Account provisioning
Providing account support
The permissions outlined in this article also apply to service scope system users. However, service scope system users:
Do not have access to the DigiCert® Software Trust Manager UI.
Are only identified by an alias and associated by an email address for alerts.
Are responsible for automation of workflows on a machine like a build server.
Note
System users cannot perform cryptographic actions and sign. Also see Account user permissions .
Permission | User can | Notes |
---|---|---|
Manage CertCentral API key | Delete, disable, enable, setup, update and validate a CertCentral API key. | |
View audit log | View audit and signature logs in the account. | |
Export audit logs | Export audit and signature logs in the account. |
|
View health | View app health (API). |
Permission | User can | Notes |
---|---|---|
View certificate | View certificate details in the account. | |
Manage certificate hierarchy | Create, update, approve, reject, suspend, unsuspend, and view certificate hierarchies. |
|
View certificate template | View certificate template details in the account. | |
Manage certificate template | Create, update, and clone certificate templates. |
|
View certificate profile | View certificate profile details in the account. | |
Manage certificate profiles |
|
|
Permission | User can | Notes |
---|---|---|
View keypair | View keypair details in the account. | |
Import keypair | Import keypairs into the account. |
|
Manage keypair |
|
|
Permission | User can |
---|---|
View release | View releases in the account. |