Skip to main content

Create a service user

Service users have access to specific accounts. They are designed for automated workflows and authenticate using API keys (generated as token IDs) and client authentication certificates, typically used on build servers or in other automated systems, but cannot sign into the platform directly.

To create a service user

Suggerimento

For details about user roles and the specific permissions required in custom roles to perform this action, refer to User prerequisites.Prerequisites

  1. Sign in to DigiCert ONE.

  2. Navigate to the Manager menu icon (top-right), select Account.

  3. In the left navigation menu, select Access > Service users.

  4. Select Create service user.

  5. Enter service user details:

    1. Friendly name

      Enter a unique display name. The name must include only letters, numbers, spaces, dashes, and underscores. Actions are logged under this name.

    2. Optional: Description

      Add additional information about the service user. This description only appears in the Service user details.

    3. Optional: End date

      Specify an expiration date (UTC). For example, selecting January 12, 2026 means the service user expires at 23:59:59 UTC.

      Suggerimento

      Update API integrations using this token ID before expiration to prevent disruptions. If needed, you can extend the expiration date later.

    4. Email

      Provide the email address of the person managing this service user's credentials. DigiCert ONE does not send emails to this address, so communicate any necessary details directly.

    5. Accounts that this service user can access

      In the dropdown, select the accounts that this service user can access for their API integrations.

    6. DigiCert ONE Manager access

      Assign one or more DigiCert ONE Managers. The service user can access the API for each Manager assigned here.

  6. Assign accounts and access:

    1. In the Accounts that can use this service user field, select the accounts this service user needs to interact with.

    2. In the DigiCert ONE Manager access field, assign one or more managers the service user will access via the API.

  7. Select Next.

  8. On the Roles and permissions page, select the user roles for each manager assigned to the service user.

    Suggerimento

    Only assign roles necessary for the task or integration. If required, you can update these roles later.

  9. Select Create service user.

  10. In the Service user token ID window, copy the ID and save it securely.

    Importante

    The token ID is displayed only once and cannot be recovered if lost.

  11. After saving the token ID, select Close.

What's next

You are ready to use the service user to build your DigiCert ONE integrations. Your new service user appears on the Service users page. Return here to update the end date, modify the permissions, and disable or enable the service user (In the Account Manager menu, go to Access > Service User).