KeyLocker user permissions
Assign one or more DigiCert® KeyLocker permissions when you create a custom role.
The following permissions are available in your account:
Permission | User can |
|---|---|
Manage CertCentral API key | Delete, disable, enable, setup, update and validate a CertCentral API key. |
Permission | User can | Notes |
|---|---|---|
View certificate | View certificate details for all certificates assigned to them. | Users with |
Revoke certificate | Revoke certificates associated with keypairs that they are assigned to. | Users with |
Permission | User can |
|---|---|
View keypair | View keypair details in the account. |
Manage keypair | Update the keypair alias. |
Sign | Sign software with keypairs assigned to them. |
For on-premises customers, these permissions are available for custom user roles used for system administration.
Permission | User can | Notes |
|---|---|---|
Manage CertCentral API key | Delete, disable, enable, setup, update and validate a CertCentral API key. | |
View audit log | View audit and signature logs in the account. | |
Export audit logs | Export audit and signature logs in the account. | |
View health | View app health (API). |
Permission | User can | Notes |
|---|---|---|
View keypair | View keypair details in the account. | |
Import keypair | Import keypairs into the account. | |
Manage keypair |
| |
Permission | User can | Notes |
|---|---|---|
View certificate | View certificate details in the account. | |
Manage certificate hierarchy | Create, update, approve, reject, suspend, unsuspend, and view certificate hierarchies. | |
View certificate template | View certificate template details in the account. | |
Manage certificate template | Create, update, and clone certificate templates. | |
View certificate profile | View certificate profile details in the account. | |
Manage certificate profiles |
| |
Permission | User can |
|---|---|
View release | View releases in the account. |