Document Trust Manager user roles
Assign one or more roles to a Document Trust Manager user when you add or update the user.
For DigiCert ONE cloud customers, these roles are available in your account.
The DigiCert® Document Trust Manager Client admin is an account scope role (AS) for managing the account, users, and certificate lifecycles activities.
This is a technical role in an organization responsible for configuring DigiCert solutions and provide support to their users.
Category | Permission | Description |
---|---|---|
Certificate management | View certificate profiles | User can view certificate profiles. |
View certificate templates | User can view certificate templates. | |
Credential management | Authorize credentials | User can authorize credentials. |
Manage certificate organizations | User can create, disable, enable, and edit certificate organizations. | |
Create credentials | User can create credentials. | |
Manage credentials | User can revoke credentials in the account. | |
Send credential OTP | User can send credential one-time password. | |
Sign | User can sign. | |
View credential profiles | User can view credential profiles. | |
General | Manage documents | User can create documents. |
View account log | User can view account log. | |
View audit log | User can view audit log. | |
View dashboard | User can view dashboard. | |
View license | User can view license. | |
Validations | Approve self-enrollment signer | User can approve a self-enrolled signer. |
Manage basic validations | User can approve or reject basic validations. | |
Create validations | User can add validations. | |
Manage enrollment | User can create, edit, enable, and disable self-enrollment links. | |
Manage validations | User can create, delete, disable, and restart validations. | |
View validation profiles | User can view validation profiles. |
The DigiCert® Document Trust Manager document signer is an account scope role (AS) for verified users who apply eSignatures on documents.
Category | Permission | Description |
---|---|---|
Credential management | Authorize credentials | User can authorize credentials. |
Create credentials | User can create credentials. | |
Send credential OTP | User can send credential one-time password. | |
Sign | User can sign. | |
View credentials | User can view credentials in the account. | |
View credentials | User can view credentials in the account. | |
View credential profiles | User can view credential profiles in the account. | |
General | View audit log | User can view audit logs in the account. |
Validations | View validation profiles | User can view validation profiles in the account. |
The DigiCert® Document Trust Manager Organization approver is an account scope role (AS) for authorized representatives who can approve certificate requests with organization.
Category | Permission | Description |
---|---|---|
Credential management | Manage certificate organizations | User can create, disable, enable, and edit certificate organizations. |
General | View audit log | User can view audit log. |
Validations | View validation | User can view validation. |
View validation profiles | User can view validation profiles. |
For customers with DigiCert ONE installed on-premises, these roles are available for system administration.
The DigiCert® Document Trust Manager (DTM) admin is a system scope role (SS) for day-to-day account configuration to enable and secure document signing.
Category | Permission | Description |
---|---|---|
Certificate management | Manage certificate | User can create, enable, disable, and edit certificates. |
Manage certificate profiles | User can create, enable, disable, and edit certificate profiles. | |
Manage certificate templates | User can create, enable, disable, and edit certificate templates. | |
View certificate templates | User can view certificate templates. | |
Credential management | View credentials | User can view credentials. |
View credential profiles | User can view credential profiles. | |
General | Manage manager configs | User can create or edit configurations in the account. |
View account log | User can view account log. | |
View app health | User can view app health. | |
View audit log | User can view audit log. | |
Validations | Create validations | User can add validations. |
Manage validation profiles | User can create, enable, disable, and edit validation profiles. | |
View enrollment | User can view self-enrolled users. | |
View validation profiles | User can view validation profiles. |
The DigiCert® Document Trust Manager Security officer is a system scope role (SS) for monitoring systems and applications for policy and compliance.
Category | Permission | Description |
---|---|---|
Certificate management | View certificate profiles | User can view certificate profiles. |
View certificate templates | User can view certificate templates. | |
Credential management | View credentials | User can view credentials. |
View credential profiles | User can view credential profiles. | |
General | View account log | User can view account log. |
View app health | User can view app health. | |
View audit log | User can view audit log. | |
Validations | View validations | User can view validations. |
View enrollment | User can view self-enrolled users. | |
View validation profiles | User can view validation profiles. |
The DigiCert® Document Trust Manager Client admin is a system scope role (SS) for installing, configuring, and maintaining a trusted signing environment.
Category | Permission | Description |
---|---|---|
Certificate management | View certificate profiles | User can view certificate profiles. |
View certificate templates | User can view certificate templates. | |
Credential management | View credentials | User can view credentials. |
View credential profiles | User can view credential profiles. | |
General | View account log | User can view account log. |
View app health | User can view app health. | |
View audit log | User can view audit log. | |
Validations | Create validations | User can add validations. |
View validations | User can view validations. | |
View enrollment | User can view self-enrolled users. | |
View validation profiles | User can view validation profiles. |
The DigiCert® Document Trust Manager System auditor is a system scope role (SS) for reviewing archives and audit logs to ensure operational compliance with security policies.
Category | Permission | Description |
---|---|---|
Certificate management | View certificate templates | User can view certificate templates. |
Credential management | View credentials | User can view credentials. |
View credential profiles | User can view credential profiles. | |
General | View account log | User can view account log. |
View app health | User can view app health. | |
View audit log | User can view audit log. | |
Validations | View validations | User can view validations. |
View enrollment | User can view self-enrolled users. | |
View validation profiles | User can view validation profiles. |
The DigiCert® Document Trust Manager Registration officer is a system scope role (SS) for verifying information necessary for certificate approval and issuance.
Registration Officer represents the Registration Authority (RA). A trained individual responsible for identity verification of a natural person via an in-person or video meeting. The RA may be from a delegated third party or part of an organization with a contractual relationship with DigiCert®.
Category | Permission | Description |
---|---|---|
Certificate management | Manage certificate | User can create, enable, disable, and edit certificates. |
Manage certificate templates | User can create, enable, disable, and edit certificate templates. | |
View certificate templates | User can view certificate templates. | |
Credential management | View credential profiles | User can view credential profiles. |
General | View account log | User can view account log. |
View app health | User can view app health. | |
View audit log | User can view audit log. | |
Validations | Create validations | User can add validations. |
Manage validation profiles | User can create, enable, disable, and edit validation profiles. | |
View enrollment | User can view self-enrolled users. | |
View validations | User can view validations. |
The DigiCert® Document Trust Manager Validation specialist is a system scope role (SS) for performing day-to-day activities related to validation and certificate issuance.
Category | Permission | Description |
---|---|---|
Credential management | View credential profiles | User can view credential profiles. |
General | View account log | User can view account log. |
View app health | User can view app health. | |
View audit log | User can view audit log. | |
Validations | Create validations | User can add validations. |
Manage validations | User can create, delete, disable, and restart validations. | |
Manage validation profiles | User can create, enable, disable, and edit validation profiles. | |
View enrollment | User can view self-enrolled users. |
The DigiCert® Document Trust Manager Support admin is a system scope role (SS) for assisting users with account setup and signing.
Category | Permission | Description |
---|---|---|
Certificate management | Manage certificate profiles | User can create, enable, disable, and edit certificate profiles. |
View certificate templates | User can view certificate templates. | |
Credential management | Manage credential profiles | User can create, enable, disable, and edit credential profiles. |
View credentials | User can view credentials. | |
General | Setup account | User can setup new accounts. |
View account log | User can view account log. | |
View app health | User can view app health. | |
View audit log | User can view audit log. | |
View manager configs | User can create or edit configurations in the account. | |
Validations | Create validations | User can add validations. |
Manage validation profiles | User can create, enable, disable, and edit validation profiles. | |
View enrollment | User can view self-enrolled users. | |
View validations | User can view validations. |