Multifactor Authentication and Single Sign On

Multifactor Authentication and Single Sign On

Role-based access control

The emSign CERTInext platform offers six roles, each designed to address specific responsibilities and access requirements within the system:

  • Administrator

  • Manager

  • Finance Manager

  • Standard User

  • Basic User

  • Discovery User

Administrator

The Administrator role provides full access to the platform, enabling comprehensive management of users, groups, organizations, and financial operations. This role is intended for system overseers responsible for administrative and operational tasks.

Key Access Controls

Full portal access, including the Dashboard.

Manage:

  • Certificates (requests, orders, expiring certificates).

  • Organizations, domains, groups, and users.

  • Private and public Certificate Authorities (CAs) and products.

  • Sub-accounts and price lists for sub-accounts.

Access to:

  • REST and ACME APIs.

  • Financial features.

  • Audit logs and tools.

  • Reports and account settings.

Create user invitations and assign roles.

Manager

The Manager role focuses on overseeing groups, users, and orders while managing sub-accounts and associated group features. This role excludes full administrative and financial permissions.

Key Access Controls

Dashboard access (billing alerts, low credit alerts, and self-orders tracking).

Manage:

  • Organizations and domains.

  • Groups (including credit allocation) and users.

  • Private and public CAs and products.

  • Sub-accounts and price lists for sub-accounts.

Access to:

  • REST and ACME APIs.

  • Financial features.

  • Audit logs, reports, and tools.

Finance Manager

The Finance Manager role is tailored for managing financial operations, such as fund allocation, price lists, and finance-related features, without broader administrative control.

Key Access Controls

Dashboard access (billing alerts and self-orders tracking).

Manage:

  • Groups (credit allocation) and users.

  • Sub-accounts and price lists for sub-accounts.

  • Private and public CAs and products.

Access to:

  • REST and ACME APIs.

  • Financial features.

  • Audit logs, reports, and tools.

Standard User

The Standard User role allows for requesting certificates and accessing group orders. It includes broader access than the Basic User but lacks administrative permissions.

Key Access Controls

Dashboard access (billing alerts and self-orders tracking).

Manage:

  • Private and public CAs.

Access to:

  • REST and ACME APIs.

  • Reports, tools, and profile settings.

Basic User

The Basic User role provides minimal permissions, focusing on personal tasks such as requesting certificates and managing profile information.

Key Access Controls

Dashboard access (billing alerts and self-orders tracking).

Access to:

  • REST and ACME APIs.

  • Reports, tools, and profile settings.

Discovery User

The Discovery User role is dedicated to users responsible for certificate discovery operations. This includes tasks such as key management, key store handling, and accessing discovery-related features.

Sub Account User

Sub Account User role is dedicated only to the Partners. Partner can create a user role as Sub Account User and assign them to a group.

Custom Roles

To create a Custom Role, go to Settings > Users> Custom Roles

The Custom Roles module offers administrators the ability to create highly customized user roles with detailed permission controls.

Key Features:

  • Administrators can create user roles instead of using generic roles, they can design roles based on tasks, departments, or job functions.

  • Granular Permission Control: administrators to define permissions at a very granular level. This includes controlling who can access particular features, data, and actions within the CERTInext platform.

  • User Mapping: Administrators can assign users to the roles they create, mapping specific users to the appropriate role with the corresponding permissions.

Last updated

Was this helpful?