Skip to main content

Admin (SS)

DigiCert​​®​​ Software Trust Manager Admin is a system scope (SS) role for users responsible for day-to-day account configuration and enabling Software Trust Manager.


System users cannot perform cryptographic actions and sign. Also see Account user permissions.


The Software Trust Manager Admin role has the following permissions assigned:




User settings

View user

User can view their own user profile and generate their own API key and client authentication certificate in DigiCert ONE.

Account settings

Manage account settings

User can update Software Trust Manager Accounts > Account settings.

Manage CertCentral API key

User can delete, disable, enable, setup, update and validate a CertCentral API key.

View health

View app health (API).

Audit logs

View audit log

User can view audit and signature logs in the account.

Export audit logs

User can export audit logs and signature logs in the account.


View license

User can view licenses for the account.


Manage certificate hierarchy

User can create, update, approve, reject, suspend, unsuspend, and view certificate hierarchies.

Manage certificate profiles

User can:

  • View, create, update, enable, disable, and delete certificate profiles.

  • Update and delete certificates.

Manage certificate profile

User can view, create, and modify certificate profiles for the account.

Manage certificate template

User can view, create, and modify certificate templates for the account.

View certificate

User can view certificate details in the account.


Manage keypair

User can:

  • View, generate, import, and export keypairs

  • Update, suspend or unsuspend keypairs.

  • Create, update, enable, and disable keypair profiles.

  • Create and update user groups.

  • Create, update, and refresh key rotation.

  • Generate a CSR

View keypair

User can view keypair details in the account.


View release

User can view releases in the account.