System scope (SS) user permissions
System users are usually a DigiCert employee, unless your instance of DigiCert ONE is self-host. System users have access to the DigiCert® Software Trust Manager UI and are responsible for:
Onboarding accounts
Account provisioning
Providing account support
The permissions outlined in this article also apply to service scope system users. However, service scope system users:
Do not have access to the DigiCert® Software Trust Manager UI.
Are only identified by an alias and associated by an email address for alerts.
Are responsible for automation of workflows on a machine like a build server.
Nota
System users cannot perform cryptographic actions and sign. Also see Account user permissions .
General permissions
Permission | User can |
---|---|
Manage CertCentral API key | Delete, disable, enable, setup, update and validate a CertCentral API key. |
View audit log | View audit and signature logs in the account. |
Export audit logs | Export audit and signature logs in the account. Nota |
View health | View app health (API). |
Certificate permissions
Permission | User can |
---|---|
View certificate | View certificate details in the account. |
Manage certificate hierarchy | Create, update, approve, reject, suspend, unsuspend, and view certificate hierarchies. Nota |
View certificate template | View certificate template details in the account. |
Manage certificate template | Create, update, and clone certificate templates. Nota |
View certificate profile | View certificate profile details in the account. |
Manage certificate profiles |
Nota |
Keypair permissions
Permission | User can |
---|---|
View keypair | View keypair details in the account. |
Import keypair | Import keypairs into the account. Nota |
Manage keypair |
Nota |
Release permissions
Permission | User can |
---|---|
View release | View releases in the account. |