Skip to main content

System user permissions

System users are usually a DigiCert employee, unless your instance of DigiCert ONE is self-host. System users have access to the DigiCert​​®​​ Software Trust Manager UI and are responsible for:

  • Onboarding accounts

  • Account provisioning

  • Providing account support

 

The permissions outlined in this article also apply to service scope system users. However, service scope system users:

  • Do not have access to the DigiCert​​®​​ Software Trust Manager UI.

  • Are only identified by an alias and associated by an email address for alerts.

  • Are responsible for automation of workflows on a machine like a build server.

Nota

System users cannot perform cryptographic actions and sign. Also see Account user permissions .

General permissions

Permission

Description

View license

User can view licenses for the account.

Manage license

User can update:

  • DigiCert​​®​​ Software Trust Manager > Accounts > Account settings.

  • DigiCert​​®​​ Software Trust Manager > Accounts > Account licenses.

Manage CertCentral API key

User can delete, disable, enable, setup, update and validate a CertCentral API key.

View audit log

User can view audit and signature logs in the account.

Export audit logs

User can export audit logs in the account.

Nota

View audit log is required as an additional permission to to export audit logs.

View signatures

User can view signature logs in the account.

View health

View app health (API).

Certificate permissions

Permission

Description

View certificate

User can view certificate details in the account.

Manage certificate hierarchy

User can create, update, approve, reject, suspend, unsuspend, and view certificate hierarchies.

Nota

View certificate permission is required as an additional permission to manage certificate hierarchy.

View certificate template

User can view certificate template details in the account.

Manage certificate template

User can create, update, and clone certificate templates.

Nota

View certificate template is required as an additional permission to manage certificate templates.

View certificate profile

User can view certificate profile details in the account.

Manage certificate profiles

User can:

  • Create, update, enable, disable, and delete certificate profiles.

  • Update and delete certificates.

Nota

View certificate profile is required as an additional permission to manage certificate profiles.

Keypair permissions

Permission

Description

View keypair

User can view keypair details in the account.

Import keypair

User can import keypairs into the account.

Nota

View keypair is required as an additional permission to import keypairs.

Manage keypair

User can:

  • Update, suspend or unsuspend keypairs.

  • Create, update, enable, and disable keypair profiles.

  • Create and update user groups.

  • Create, update, and refresh key rotation.

  • Generate a CSR

Nota

View keypair is required as an additional permission to manage keypairs.

Release permissions

Permission

Description

View release windows

User can view releases in the account.

En esta sección: