Skip to main content

Admin (SS)

DigiCert​​®​​ Software Trust Manager Admin is a system scope (SS) role for users responsible for day-to-day account configuration and enabling Software Trust Manager.

Note

System users cannot perform cryptographic actions and sign. Also see Account user permissions.

Permissions

The Software Trust Manager Admin role has the following permissions assigned:

Category

Permission

User can

Notes

User settings

View user

View their own user profile and generate their own API key and client authentication certificate in DigiCert ONE.

Account settings

Manage CertCentral API key

Delete, disable, enable, setup, update and validate a CertCentral API key.

View health

View app health (API).

Audit logs

View audit log

View audit and signature logs in the account.

Export audit logs

Export audit and signature logs in the account.

View audit log is required as an additional permission to to export audit logs.

Certificates

Manage certificate hierarchy

Create, update, approve, reject, suspend, unsuspend, and view certificate hierarchies.

View certificate permission is required as an additional permission to manage certificate hierarchy.

Manage certificate profiles

  • Create, update, enable, disable, and delete certificate profiles.

  • Update and delete certificates.

View certificate profile is required as an additional permission to manage certificate profiles.

Manage certificate profiles

  • Create, update, enable, disable, and delete certificate profiles.

  • Update and delete certificates.

View certificate profile is required as an additional permission to manage certificate profiles.

Manage certificate template

Create, update, and clone certificate templates.

View certificate template is required as an additional permission to manage certificate templates.

View certificate

View certificate details in the account.

Keypairs

Manage keypair

  • Update, suspend or unsuspend keypairs.

  • Create, update, enable, and disable keypair profiles.

  • Create and update user groups.

  • Create, update, and refresh key rotation.

  • Generate a CSR

View keypair is required as an additional permission to manage keypairs.

View keypair

View keypair details in the account.

Releases

View release

View releases in the account.