Lead (AS)
The DigiCert® Software Trust Manager Lead is the highest account scope (AS) role. Assign this role to users responsible for managing cryptographic assets, enforcing policies, monitoring compliance for users in the account.
Permissions
The Software Trust Manager Lead role has the following permissions assigned:
Category | Permission | Description |
---|---|---|
User settings | Default | User can view their own user profile and generate their own API key and client authentication certificate in DigiCert ONE. |
Account settings | Manage account settings | User can update DigiCert® Software Trust Manager > Accounts > Account settings. |
Manage CertCentral API key | User can delete, disable, enable, setup, update and validate a CertCentral API key. | |
View license | User can view licenses for the account. | |
Teams | Manage all teams | User can:
|
Audit logs | View audit log | User can view audit and signature logs in the account. |
Export audit logs | User can export audit logs in the account. | |
Certificates | Manage certificate hierarchy | User can create, update, approve, reject, suspend, unsuspend, and view certificate hierarchies. |
Manage certificate profiles | User can:
| |
View certificate profile | User can view certificate profile details in the account. | |
View certificate template | User can view certificate template details in the account. | |
Generate certificate | User can create a new certificate. | |
Import certificate | User can import certificates into the account. | |
Revoke certificate | User can revoke certificates in the account. | |
View certificate | User can view certificate details in the account. | |
Keypairs | Request keypair export | User can request to export keypairs. |
Approve keypair export | User can approve requests to export keypairs. | |
Approve keypair delete | User can approve requests to delete keypairs. | |
Import keypair | User can import keypairs into the account. | |
Generate keypair | User can create a new keypair. | |
View keypair | User can view keypair details in the account. | |
Manage keypair | User can:
| |
Manage master keypair | User can:
| |
Signatures | Sign | User can sign. |
Releases | View release windows | User can view releases in the account. |
Request release | User can request to create an offline release. | |
Approve release window | User can approve requests to create offline releases. | |
Threat detection | Manage Threat detection | User can view and download threat detection scans in the account. |