Seat management
Before you begin, make sure you are familiar with the different seat types in your account and how they get consumed.
Seat allocation and creation
All seats in your account are tracked to business units:
Discovery seats get automatically allocated when the certificates are uploaded.
All other seat types must be pre-allocated to business units before use.
Seats get "created" as different seat types are used in a business unit:
For Organization, User, Device, and Server (non-automated) seats, you need to create the seats before enrolling certificates.
For all other seat types and use cases, the seats get created for you when the certificates are enrolled, imported, or automated.
Each created seat links to the associated certificate(s) and stores details such as the seat identifier and name, business unit, status, etc.
Ways to manage seats
DigiCert® Trust Lifecycle Manager provides a variety of tools to help you monitor and manage your seats.
From the DigiCert® Trust Lifecycle Manager REST API:
Use the seat controller API to manage seats programmatically.
To learn more about available API endpoints, select Trust Lifecycle APIs from the help menu at top.
From the DigiCert® Trust Lifecycle Manager user interface:
Go to Account > Business units to create and manage your business units, including the seats allocated to each.
Go to Account > Seats to view and manage the seats created in your account. Use the column headers to sort or filter by seat type, business unit, etc.
You can also monitor Seat usage from the Dashboard. Use the dropdown at top to filter by business unit or show all business units. For each seat type, it shows:
Allocated: The total number of seats allocated to the selected business unit.
Created: The number of seat records created from the business unit's seat allocation.
Consumed: The number of created seat records with a certificate associated with them.
Tip
From your account dashboard, select the number of Created seats to view those seats on the Account > Seats page, pre-filtered by seat type and business unit.
Seat management actions
Available seat management actions in the DigiCert® Trust Lifecycle Manager user interface depend on the seat type and use case:
Create seat: Prepare an Organization, User, Device, or non-automated Server or Certificate Management seat for use and configure its basic properties. For other seat types and use cases, seat records get automatically created when they are used.
Enroll seat: Enroll a certificate for a created Organization, User, Device, or Server (non-automated) seat using the "enrollment code" authentication method. For other seat types and authentication methods, certificates get enrolled externally or through certificate lifecycle automation actions.
Edit seat: Update the basic properties of a seat, such as the seat name or the assigned email address or phone number. Any seat type can be edited as such besides automated Server or Certificate management seats.
Delete seat: Delete a seat of any type. If the seat is currently consumed, it gets released back into the license pool.
For Organization, User, Device, or Server seats, any active certificates get automatically revoked during seat deletion with reason code "Cessation of operation". To use a different revocation reason, revoke the certificates separately before deleting the seat.
For Certificate management or Imported seats, certificates can optionally be revoked during seat deletion with reason code "Cessation of operation". To revoke with a different revocation reason, revoke the certificates separately before deleting the seat.
For Discovery seats, certificates cannot be revoked during seat deletion. Revoke the certificates separately via the external issuing CA if needed.
View audit trail: View audit log events for any type of seat.