Multifactor Authentication and Single Sign On
Multifactor Authentication and Single Sign On
Role-based access control
The emSign CERTInext platform offers six roles, each designed to address specific responsibilities and access requirements within the system:
Administrator
Manager
Finance Manager
Standard User
Basic User
Discovery User
Administrator
The Administrator role provides full access to the platform, enabling comprehensive management of users, groups, organizations, and financial operations. This role is intended for system overseers responsible for administrative and operational tasks.
Key Access Controls
Full portal access, including the Dashboard.
Manage:
Certificates (requests, orders, expiring certificates).
Organizations, domains, groups, and users.
Private and public Certificate Authorities (CAs) and products.
Sub-accounts and price lists for sub-accounts.
Access to:
REST and ACME APIs.
Financial features.
Audit logs and tools.
Reports and account settings.
Create user invitations and assign roles.
Manager
The Manager role focuses on overseeing groups, users, and orders while managing sub-accounts and associated group features. This role excludes full administrative and financial permissions.
Key Access Controls
Dashboard access (billing alerts, low credit alerts, and self-orders tracking).
Manage:
Organizations and domains.
Groups (including credit allocation) and users.
Private and public CAs and products.
Sub-accounts and price lists for sub-accounts.
Access to:
REST and ACME APIs.
Financial features.
Audit logs, reports, and tools.
Finance Manager
The Finance Manager role is tailored for managing financial operations, such as fund allocation, price lists, and finance-related features, without broader administrative control.
Key Access Controls
Dashboard access (billing alerts and self-orders tracking).
Manage:
Groups (credit allocation) and users.
Sub-accounts and price lists for sub-accounts.
Private and public CAs and products.
Access to:
REST and ACME APIs.
Financial features.
Audit logs, reports, and tools.
Standard User
The Standard User role allows for requesting certificates and accessing group orders. It includes broader access than the Basic User but lacks administrative permissions.
Key Access Controls
Dashboard access (billing alerts and self-orders tracking).
Manage:
Private and public CAs.
Access to:
REST and ACME APIs.
Reports, tools, and profile settings.
Basic User
The Basic User role provides minimal permissions, focusing on personal tasks such as requesting certificates and managing profile information.
Key Access Controls
Dashboard access (billing alerts and self-orders tracking).
Access to:
REST and ACME APIs.
Reports, tools, and profile settings.
Discovery User
The Discovery User role is dedicated to users responsible for certificate discovery operations. This includes tasks such as key management, key store handling, and accessing discovery-related features.
Sub Account User
Sub Account User role is dedicated only to the Partners. Partner can create a user role as Sub Account User and assign them to a group.
Custom Roles
To create a Custom Role, go to Settings > Users> Custom Roles
The Custom Roles module offers administrators the ability to create highly customized user roles with detailed permission controls.
Key Features:
Administrators can create user roles instead of using generic roles, they can design roles based on tasks, departments, or job functions.
Granular Permission Control: administrators to define permissions at a very granular level. This includes controlling who can access particular features, data, and actions within the CERTInext platform.
User Mapping: Administrators can assign users to the roles they create, mapping specific users to the appropriate role with the corresponding permissions.
Last updated
Was this helpful?