Access permissions
Individual permissions in DigiCert® Account Manager provide granular access to specific Trust Lifecycle Manager features. Access permissions get grouped into user roles, which then get assigned to users.
Select any of the predefined user roles in Account Manager by name to see which individual permissions it includes.
When you create a custom user role in Account Manager, you select specific access permissions to assign to it.
Some permissions allow for either Read-only or Manage (edit) access to the data in question.
Tip
Manage permissions provide both read and edit access. If you assign the Manage version of a particular permission to a custom user role, you cannot also assign the Read-only version of that permission, as it would be redundant.
List of Trust Lifecycle Manager permissions
DigiCert® Account Manager defines the below access permissions for Trust Lifecycle Manager, organized by functional area.
General
Permission | Description |
---|---|
| View or manage business units. |
| View or manage seats. |
| View or manage seat allocations to business units. |
| View audit logs. |
| View available seat licenses in Account Manager. |
| View or manage reports. |
| Manage the self-service portal. |
| View or manage ServiceNow connectors. |
| View or manage system scans. |
| View or manage connectors. |
| Manage certificate lifecycle automation activities/features. |
| View or manage client tools. |
| View or manage network scans. |
Certificate management
Permission | Description |
---|---|
| View certificates and certificate details. |
| Enroll certificates. |
| Revoke certificates. |
| Renew certificates. |
| Temporarily disable certificates. |
| Re-enable suspended certificates. |
| Recover escrowed certificates. |
| Import certificates from external CAs. |
|
Profiles & templates
Permission | Description |
---|---|
| View or manage certificate profiles. |
| View or manage certificate templates. |
| View or manage certificate enrollments. |