System user permissions
System users are usually a DigiCert employee, unless your instance of DigiCert ONE is self-host. System users have access to the DigiCert® Software Trust Manager UI and are responsible for:
Onboarding accounts
Account provisioning
Providing account support
The permissions outlined in this article also apply to service scope system users. However, service scope system users:
Do not have access to the DigiCert® Software Trust Manager UI.
Are only identified by an alias and associated by an email address for alerts.
Are responsible for automation of workflows on a machine like a build server.
Nota
System users cannot perform cryptographic actions and sign. Also see Account user permissions .
General permissions
Permission | Description |
---|---|
View license | User can view licenses for the account. |
Manage license | User can update:
|
Manage CertCentral API key | User can delete, disable, enable, setup, update and validate a CertCentral API key. |
View audit log | User can view audit and signature logs in the account. |
Export audit logs | User can export audit logs in the account. Nota |
View signatures | User can view signature logs in the account. |
View health | View app health (API). |
Certificate permissions
Permission | Description |
---|---|
View certificate | User can view certificate details in the account. |
Manage certificate hierarchy | User can create, update, approve, reject, suspend, unsuspend, and view certificate hierarchies. Nota |
View certificate template | User can view certificate template details in the account. |
Manage certificate template | User can create, update, and clone certificate templates. Nota |
View certificate profile | User can view certificate profile details in the account. |
Manage certificate profiles | User can:
Nota |
Keypair permissions
Permission | Description |
---|---|
View keypair | User can view keypair details in the account. |
Import keypair | User can import keypairs into the account. Nota |
Manage keypair | User can:
Nota |
Release permissions
Permission | Description |
---|---|
View release windows | User can view releases in the account. |