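Add users and create API tokens and service users
Once the system administrator has set up the first administrator account, you are ready to get started. Account Manager is the common place for adding and managing DigiCert® IoT Trust Manager administrators. It is also where you create and manage API tokens and service users for DigiCert® IoT Trust Manager.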
See the Account Manager: Get started guide for hosted services to find instructions for adding users and creating API tokens and service users.
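Add IoT Trust Manager administrators
To work in DigiCert® IoT Trust Manager, an administrator needs permissions only for DigiCert® IoT Trust Manager. In DigiCert® IoT Trust Manager, there is one user role to which you assign permissions: the administrator role. Permission-based access lets you control what users can see and do inside DigiCert® IoT Trust Manager and DigiCert ONE. When you add or edit an administrator, you can set their permissions so that they can see and do what they need to complete their tasks.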
IoT Trust Manager user roles
IoT Trust Manager user roles define the set of permissions given to a user.
The principal IoT Trust Manager user role with most administrative and configuration permissions within IoT Trust Manager. This user is responsible for configuring profiles and workflows, integrating third-party tools, and managing certificates.
Permissions
| Category | Permission | Description |
|---|---|---|
| General | Manage alerts | Configure and apply anomaly detection policies. Update and close alerts when detected and addressed. |
| General | Manage division | Create and manage divisions to manage user access to some IoT Trust Manager assets, such as certificate profiles and intermediate CAs. |
| General | Manage gateway | Configure and manage a DigiCert gateway for outbound/inbound IoT Trust Manager network traffic. |
| General | Manage settings | View and update general IoT Trust Manager settings. |
| General | View audit log | View audit and signature logs in the account. |
| General | View license | View licenses for the account. |
| Device management | Manage device | Monitor and manage device records for the devices in your IoT production environment. |
| Device management | Manage device profile | Create and update device profiles that define API access and custom data fields for individual device records. |
| Certificate management | Manage authentication CA | Manage device authentication for certificate requests in your IoT production environment. Create and update authentication CA templates and upload authentication CAs. |
| Certificate management | Manage certificate | Manage individual and batch certificate requests and records for issued certificates. |
| Certificate management | Manage certificate profile | Define and manage certificate configuration requirements, including required and optional fields. |
| Certificate management | Manage enrollment profile | Configure certificate enrollment parameters, including allowed enrollment methods, issuing CA, and device and certificate profiles to use. |
| Certificate management | Manage external CAs | Monitor external CAs and manage division and enrollment profile assignments. |
| Certificate management | Manage IoT CA | Request and manage intermediate CAs. |
| Certificate management | Manage OCSP grouping | Manage bulk OCSP calls and responses for certificate status. |
| Certificate management | Manage certificate template | Add and manage certificate structure and format requirements. |
The principal IoT Trust Manager user role with most administrative and configuration permissions within IoT Trust Manager. This user is responsible for configuring profiles and workflows and integrating third-party tools.
Note
System users cannot request certificates or intermediate CAs.
Permissions
| Category | Permission | Description |
|---|---|---|
| General | Manage alerts | Configure and apply anomaly detection policies. Update and close alerts when detected and addressed. |
| General | Manage division | Create and manage divisions to manage user access to some IoT Trust Manager assets, such as certificate profiles and intermediate CAs. |
| General | Manage gateway | Configure and manage a DigiCert gateway for outbound/inbound IoT Trust Manager network traffic. |
| General | Manage settings | View and update general IoT Trust Manager settings. |
| General | View app health | View app health (API). |
| General | View audit log | View audit and signature logs in the account. |
| Device management | Manage device | Monitor and manage device records for the devices in your IoT production environment. |
| Device management | Manage device profile | Create and update device profiles that define API access and custom data fields for individual device records. |
| Certificate management | Manage authentication CA | Manage device authentication for certificate requests in your IoT production environment. Create and update authentication CA templates and upload authentication CAs. |
| Certificate management | View certificate | View individual and batch certificate requests and records for issued certificates. |
| Certificate management | Manage certificate profile | Define and manage certificate configuration requirements, including required and optional fields. |
| Certificate management | Manage enrollment profile | Configure certificate enrollment parameters, including allowed enrollment methods, issuing CA, and device and certificate profiles to use. |
| Certificate management | Manage external CAs | Monitor external CAs and manage division and enrollment profile assignments. |
| Certificate management | Manage IoT CA | Request and manage intermediate CAs. |
| Certificate management | Manage OCSP grouping | Manage bulk OCSP calls and responses for certificate status. |
| Certificate management | Manage certificate template | Add and manage certificate structure and format requirements. |
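An API token has the same permissions and scope as the administrator who creates it. Operations performed with an API token are logged under that administrator's username.
A service user is an API token that is not tied to an administrator: it does not belong to a specific user and does not inherit that user's permissions. Operations linked to a service user are logged under the service user's friendly name.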
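The following added example (not DigiCert code) models the two paragraphs above for a least-privilege review: it resolves each credential's effective permissions and the name its operations are logged under, then lists permissions beyond what an automation job needs. The `Admin` and `Credential` data model, the sample names, and the idea that a service user is given its own permission set are assumptions; permission names come from the tables on this page.

```python
from dataclasses import dataclass
from typing import Optional

# Hypothetical data model; all sample values below are constructed.
@dataclass(frozen=True)
class Admin:
    username: str
    permissions: frozenset

@dataclass(frozen=True)
class Credential:
    name: str                              # friendly name
    kind: str                              # "api_token" or "service_user"
    owner: Optional[Admin] = None          # creating administrator (API tokens)
    permissions: frozenset = frozenset()   # own permissions (service users)

def effective_permissions(cred):
    """API tokens inherit the creating administrator's permissions;
    service users carry only their own (assumed) permission set."""
    if cred.kind == "api_token":
        if cred.owner is None:
            raise ValueError(f"API token {cred.name!r} has no owner")
        return cred.owner.permissions
    if cred.kind == "service_user":
        return cred.permissions
    raise ValueError(f"unknown credential kind {cred.kind!r}")

def audit_identity(cred):
    """Name under which the credential's operations are logged."""
    effective_permissions(cred)  # validates kind and owner
    return cred.owner.username if cred.kind == "api_token" else cred.name

def review(creds, needed):
    """Return (credential, logged-as, excess permissions) per credential."""
    needed = frozenset(needed)
    return [(c.name, audit_identity(c),
             sorted(effective_permissions(c) - needed)) for c in creds]

# Constructed inventory: a job that only maintains device records.
alice = Admin("alice", frozenset({"Manage device", "Manage IoT CA",
                                  "Manage settings", "View audit log"}))
INVENTORY = [
    Credential("device-sync-token", "api_token", owner=alice),
    Credential("device-sync-svc", "service_user",
               permissions=frozenset({"Manage device"})),
]
NEEDED = {"Manage device"}

if __name__ == "__main__":
    for name, logged_as, excess in review(INVENTORY, NEEDED):
        print(f"{name}: logged as {logged_as!r}, excess={excess}")
```

The API token shows up in the audit log as `alice` and carries every permission she holds, while the service user is logged under its own friendly name with only what it was given.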