Create a service user
Service users have access to specific accounts. They are designed for automated workflows and authenticate using API keys (generated as token IDs) and client authentication certificates, typically used on build servers or in other automated systems, but cannot sign into the platform directly.
To create a service user
Astuce
For details about user roles and the specific permissions required in custom roles to perform this action, refer to User prerequisites.
Sign in to DigiCert ONE.
Navigate to the Manager menu icon (top-right), select Account.
In the left navigation menu, select Access > Service users.
Select Create service user.
Enter service user details:
Friendly name
Enter a unique display name. The name must include only letters, numbers, spaces, dashes, and underscores. Actions are logged under this name.
Optional: Description
Add additional information about the service user. This description only appears in the Service user details.
Optional: End date
Specify an expiration date (UTC). For example, selecting January 12, 2026 means the service user expires at 23:59:59 UTC.
Astuce
Update API integrations using this token ID before expiration to prevent disruptions. If needed, you can extend the expiration date later.
Email
Provide the email address of the person managing this service user's credentials. DigiCert ONE does not send emails to this address, so communicate any necessary details directly.
Accounts that this service user can access
In the dropdown, select the accounts that this service user can access for their API integrations.
DigiCert ONE Manager access
Assign one or more DigiCert ONE Managers. The service user can access the API for each Manager assigned here.
Assign accounts and access:
In the Accounts that can use this service user field, select the accounts this service user needs to interact with.
In the DigiCert ONE Manager access field, assign one or more managers the service user will access via the API.
Select Next.
On the Roles and permissions page, select the user roles for each manager assigned to the service user.
Astuce
Only assign roles necessary for the task or integration. If required, you can update these roles later.
Select Create service user.
In the Service user token ID window, copy the ID and save it securely.
Important
The token ID is displayed only once and cannot be recovered if lost.
After saving the token ID, select Close.
What's next
You are ready to use the service user to build your DigiCert ONE integrations. Your new service user appears on the Service users page. Return here to update the end date, modify the permissions, and disable or enable the service user (In the Account Manager menu, go to Access > Service User).