Document Trust Manager user roles
Assign one or more roles to a Document Trust Manager user when you add or update the user.
Account roles for standard and service users
The following user roles are available in your account:
The DigiCert® Document Trust Manager Client admin is an account scope role (AS) for managing the account, users, and certificate lifecycles activities.
This is a technical role in an organization responsible for configuring DigiCert solutions and provide support to their users.
Category | Permission | User can |
|---|---|---|
Certificate management | View certificate profiles | View certificate profiles. |
View certificate templates | View certificate templates. | |
Credential management | Authorize credentials | Authorize credentials. |
Manage certificate organizations | Create, disable, enable, and edit certificate organizations. | |
Create credentials | Create credentials. | |
Manage credentials | Revoke credentials in the account. | |
Send credential OTP | Send credential one-time password. | |
Sign | Sign. | |
View credential profiles | View credential profiles. | |
General | Manage documents | Create documents. |
View account log | View account log. | |
View audit log | View audit log. | |
View dashboard | View dashboard. | |
View license | View licenses. | |
Validations | Approve self-enrollment signer | Approve a self-enrolled signer. |
Manage basic validations | Approve or reject basic validations. | |
Create validations | Add validations. | |
Manage enrollment | Create, edit, enable, and disable self-enrollment links. | |
Manage validations | Create, delete, disable, and restart validations. | |
View validation profiles | View validation profiles. |
The DigiCert® Document Trust Manager document signer is an account scope role (AS) for verified users who apply eSignatures on documents.
Category | Permission | User can |
|---|---|---|
Credential management | Authorize credentials | Authorize credentials. |
Create credentials | Create credentials. | |
Send credential OTP | Send credential one-time password. | |
Sign | Sign. | |
View credentials | View credentials in the account. | |
View credential profiles | View credential profiles. | |
General | View audit log | View audit log. |
Validations | View validation profiles | View validation profiles. |
The DigiCert® Document Trust Manager Organization approver is an account scope role (AS) for authorized representatives who can approve certificate requests with organization.
Category | Permission | User can |
|---|---|---|
Credential management | Manage certificate organizations | Create, disable, enable, and edit certificate organizations. |
General | View audit log | View audit log. |
Validations | View validation | View validation. |
View validation profiles | View validation profiles. |
System roles for on-premises administration
For on-premises customers, these roles are available for system administration.
The DigiCert® Document Trust Manager admin is a system scope role (SS) for day-to-day account configuration to enable and secure document signing.
Category | Permission | User can |
|---|---|---|
Certificate management | Manage certificate | Create, enable, disable, and edit certificates. |
Manage certificate profiles | Create, enable, disable, and edit certificate profiles. | |
Manage certificate templates | Create, enable, disable, and edit certificate templates. | |
View certificate templates | View certificate templates. | |
Credential management | View credentials | View credentials in the account. |
View credential profiles | View credential profiles. | |
General | Manage manager configs | Create or edit configurations in the account. |
View account log | View account log. | |
View app health | View app health. | |
View audit log | View audit log. | |
Validations | Create validations | Add validations. |
Manage validation profiles | Create, delete, disable, and restart validations. | |
View enrollment | View self-enrolled users. | |
View validation profiles | View validation profiles. |
The DigiCert® Document Trust Manager Security officer is a system scope role (SS) for monitoring systems and applications for policy and compliance.
Category | Permission | User can |
|---|---|---|
Certificate management | View certificate profiles | View certificate profiles. |
View certificate templates | View certificate templates. | |
Credential management | View credentials | View credentials in the account. |
View credential profiles | View credential profiles. | |
General | View account log | View account log. |
View app health | View app health. | |
View audit log | View audit log. | |
Validations | View validations | View validation. |
View enrollment | View self-enrolled users. | |
View validation profiles | View validation profiles. |
The DigiCert® Document Trust Manager Client admin is a system scope role (SS) for installing, configuring, and maintaining a trusted signing environment.
Category | Permission | User can |
|---|---|---|
Certificate management | View certificate profiles | View certificate profiles. |
View certificate templates | View certificate templates. | |
Credential management | View credentials | View credentials in the account. |
View credential profiles | View credential profiles. | |
General | View account log | View account log. |
View app health | View app health. | |
View audit log | View audit log. | |
Validations | Create validations | Add validations. |
View validations | View validation. | |
View enrollment | View self-enrolled users. | |
View validation profiles | View validation profiles. |
The DigiCert® Document Trust Manager System auditor is a system scope role (SS) for reviewing archives and audit logs to ensure operational compliance with security policies.
Category | Permission | User can |
|---|---|---|
Certificate management | View certificate templates | View certificate templates. |
Credential management | View credentials | View credentials in the account. |
View credential profiles | View credential profiles. | |
General | View account log | View account log. |
View app health | View app health. | |
View audit log | View audit log. | |
Validations | View validations | View validation. |
View enrollment | View self-enrolled users. | |
View validation profiles | View validation profiles. |
The DigiCert® Document Trust Manager Registration officer is a system scope role (SS) for verifying information necessary for certificate approval and issuance.
Registration Officer represents the Registration Authority (RA). A trained individual responsible for identity verification of a natural person via an in-person or video meeting. The RA may be from a delegated third party or part of an organization with a contractual relationship with DigiCert®.
Category | Permission | User can |
|---|---|---|
Certificate management | Manage certificate | Create, enable, disable, and edit certificates. |
Manage certificate templates | Create, enable, disable, and edit certificate templates. | |
View certificate templates | View certificate templates. | |
Credential management | View credential profiles | View credential profiles. |
General | View account log | View account log. |
View app health | View app health. | |
View audit log | View audit log. | |
Validations | Create validations | Add validations. |
Manage validation profiles | Create, delete, disable, and restart validations. | |
View enrollment | View self-enrolled users. | |
View validations | View validation. |
The DigiCert® Document Trust Manager Validation specialist is a system scope role (SS) for performing day-to-day activities related to validation and certificate issuance.
Category | Permission | User can |
|---|---|---|
Credential management | View credential profiles | View credential profiles. |
General | View account log | View account log. |
View app health | View app health. | |
View audit log | View audit log. | |
Validations | Create validations | Add validations. |
Manage validations | Create, delete, disable, and restart validations. | |
Manage validation profiles | Create, delete, disable, and restart validations. | |
View enrollment | View self-enrolled users. |
The DigiCert® Document Trust Manager Support admin is a system scope role (SS) for assisting users with account setup and signing.
Category | Permission | User can |
|---|---|---|
Certificate management | Manage certificate profiles | Create, enable, disable, and edit certificate profiles. |
View certificate templates | View certificate templates. | |
Credential management | Manage credential profiles | Create, enable, disable, and edit credential profiles. |
View credentials | View credentials in the account. | |
General | Setup account | Setup new accounts. |
View account log | View account log. | |
View app health | View app health. | |
View audit log | View audit log. | |
View manager configs | Create or edit configurations in the account. | |
Validations | Create validations | Add validations. |
Manage validation profiles | Create, delete, disable, and restart validations. | |
View enrollment | View self-enrolled users. | |
View validations | View validation. |