Skip to main content

CertCentral users cannot perform automation tasks

Problem

CertCentral users cannot perform Automation tasks, such as adding a profile, when SAML Single Sign-on (SSO) is set up for their CertCentral account.

Background

When CertCentral users are restricted to SSO only, they cannot create an API key. Automation relies on API keys, called Automation Access Keys, to interface with CertCentral. Users restricted to SSO only cannot perform automation tasks.

Solution

  1. In the CertCentral main menu, go to Automation > API Keys

  2. On the API keys page, check to see if the user has an automation access key.

    1. If the user does not have an automation access key, proceed to step 3.

    2. If the user has an automation access key, contact DigiCert Support.

  3. In the CertCentral main menu, go to Account > Users.

  4. On the Users page, in the Name column, select the user's name.

  5. On the user details page, under User access, clear Only allow user to log in through SAML/OIDC SSO, and select Update user.

  6. Ask the user to sign in to CertCentral without SSO and go to Automation > Manage profiles. When they access Automation, CertCentral generates the automation access key automatically.

    注意

    The user may need to create a password first to sign in to CertCentral.

  7. Have the user sign out of CertCentral.

  8. Repeat steps 3 and 4, and select Only allow user to log in through SAML/OIDC SSO, and select Update user.

Repeat these steps if the user's automation access key is revoked.

本节内容如下: