CertCentral users cannot perform automation tasks
Problem
CertCentral users cannot perform Automation tasks, such as adding a profile, when SAML Single Sign-on (SSO) is set up for their CertCentral account.
Background
When CertCentral users are restricted to SSO only, they cannot create an API key. Automation relies on API keys, called Automation Access Keys, to interface with CertCentral. Users restricted to SSO only will be unable to perform Automation tasks.
Solution
In the CertCentral left menu, go to Automation > API Keys.
On the API keys page, check to see if the user has an automation access key.
If the user does not have an automation access key, proceed to step 3.
If the user has an automation access key, contact DigiCert Support.
Next, in the CertCentral left menu, go to Account > Users.
On the Users page, in the Name column, select the user's name.
On the user details page, under User access, uncheck Only allow user to log in through SAML/OIDC SSO and select Update user.
Ask the user to sign in to CertCentral without SSO and go to Automation > Manage profiles. When they access Automation, the automation access key will be automatically generated.
Opmerking
The user may need to create a password first to sign in to CertCentral.
Have the user sign out of CertCentral.
Go back to the user’s details page, check Only allow user to log in through SAML/OIDC SSO, and select Update user.
You must repeat these steps if the user's Automation Access Key gets revoked.