Managing administrators
Edit an administrator
-
Navigate to
. -
Select a standard administrator.
-
Click Edit.
-
Update the administrator’s personal information.
-
Click the Edit icon in the top right of the Edit Admin dialog.
-
Complete the Edit Standard Admin fields based on the information provided in the following table.
Field Description Username
The administrator’s username for the purpose of identification and access
Email
The administrator’s email address
Forename, Surname
The administrator’s first name (forename) and last name (surname)
Title
The administrator’s title
Telephone Number
The administrator’s phone number
Street, Locality, State/Province, Postal Code, Country
The administrator’s address details
Relationship
The nature of the administrator’s relationship with the organizations or departments that they are delegated to (such as, employee or third party)
-
Click Next.
-
-
Update the Roles & Privileges tab fields.
-
Select an administrator role.
-
Assign administrator privileges based on the information provided in the following table.
Field Description Allow creation of peer admin users
The administrator can create other administrators of their own level or lower
Allow editing of peer admin users
The administrator can edit other administrators of their own level or lower
Allow deleting of peer admin users
The administrator can remove other administrators of their own level or lower
Allow to manage organizations/departments
The administrator can do the following:
-
Create new organizations
-
View, edit, and delete delegated organizations
-
Create new departments under delegated organizations
-
Manage certificate settings, notification templates, access control lists, and EV details for delegated organizations
Allow DCV
The administrator can initiate domain control validation for newly created domains
Allow SSL details changing
The administrator can change SSL certificate request details prior to approval
Automatically approve certificate requests
Certificate requests initiated by the administrator are automatically approved
Allow certificate revocation
The administrator can revoke certificates
MS AD Discovery
The MRAO administrator can access the
page, download and install MS Agents, and view the certificates and web servers discovered by MS Agents by scanning respective AD servers.Allow download keys from Key Vault
The administrator can download certificate private keys stored in Sectigo Key Vault
Approve domain delegation
The administrator can approve domain delegation requests by other administrators of their own level or lower
-
-
-
Update the Authentication tab fields.
-
Enter and confirm a password for the new administrator.
-
(Optional) Select a valid client certificate for use in authentication.
-
(Optional) Configure SAML IdP by selecting an identity provider and entering the appropriate EPPN.
-
-
Click Save.
-
Navigate to
. -
Select an IdP template.
-
Click Edit.
-
Update the template name.
-
Click the Edit icon in the top right of the Edit IdP Template dialog.
-
Update the template name.
-
Click Next.
-
-
Update the Roles & Privileges tab fields.
-
Select an administrator role.
-
For RAO and DRAO administrators, select the certificate types and organizations or departments that can be managed.
-
Assign administrator privileges based on the information provided in the following table.
Field Description Allow creation of peer admin users
The administrator can create other administrators of their own level or lower
Allow editing of peer admin users
The administrator can edit other administrators of their own level or lower
Allow deleting of peer admin users
The administrator can remove other administrators of their own level or lower
Allow to manage organizations/departments
The administrator can do the following:
-
Create new organizations
-
View, edit, and delete delegated organizations
-
Create new departments under delegated organizations
-
Manage certificate settings, notification templates, access control lists, and EV details for delegated organizations
Allow DCV
The administrator can initiate domain control validation for newly created domains
Allow SSL details changing
The administrator can change SSL certificate request details prior to approval
Automatically approve certificate requests
Certificate requests initiated by the administrator are automatically approved
Allow certificate revocation
The administrator can revoke certificates
MS AD Discovery
The administrator can access the
page, download and install MS Agents, and view the certificates and web servers discovered by MS Agents by scanning respective AD serversAllow download keys from Key Vault
The administrator can download certificate private keys stored in Sectigo Key Vault
Approve domain delegation
The administrator can approve domain delegation requests by other administrators of their own level or lower
-
-
-
Update the Authentication tab fields.
-
Select an identity provider for SAML IdP.
-
Configure IdP Attribute mapping based on the information provided in the following table.
Field Description cn
The user’s full name or common name
displayname
A human-readable display name for the user
entitlement
Information about the user’s access rights or permissions
eppn
A unique identifier for individuals within education and research institutions, often resembling an email address
givenname
The user’s first name
groups
Information about the user’s group memberships or affiliations
mail
The user’s email address
schachomeorganization
The user’s organization identifier
sn
The user’s last name or surname
uid
A unique identifier for the user within an organization or system
-
-
Click Save.
IdP administrators created from an IdP template cannot have their roles and privileges edited unless they are unlinked from the template through the Menu icon in the top right of the Edit IdP Admin dialog. |
-
Navigate to
. -
Select an IdP administrator.
-
Click Edit.
-
Update the administrator’s personal information.
-
Click the Edit icon in the top right of the Edit Admin dialog.
-
Complete the Edit IdP Admin fields based on the information provided in the following table.
Field Description Email
The administrator’s email address
Forename, Surname
The administrator’s first name (forename) and last name (surname)
Title
The administrator’s title
Telephone Number
The administrator’s phone number
Street, Locality, State/Province, Postal Code, Country
The administrator’s address details
Relationship
The nature of the administrator’s relationship with the organizations or departments that they are delegated to (such as, employee or third party)
-
Click Next.
-
-
Update the Roles & Privileges tab fields.
-
Select an administrator role.
-
For RAO and DRAO administrators, select the certificate types and organizations or departments that can be managed.
-
Assign administrator privileges based on the information provided in the following table.
Field Description Allow creation of peer admin users
The administrator can create other administrators of their own level or lower
Allow editing of peer admin users
The administrator can edit other administrators of their own level or lower
Allow deleting of peer admin users
The administrator can remove other administrators of their own level or lower
Allow to manage organizations/departments
The administrator can do the following:
-
Create new organizations
-
View, edit, and delete delegated organizations
-
Create new departments under delegated organizations
-
Manage certificate settings, notification templates, access control lists, and EV details for delegated organizations
Allow DCV
The administrator can initiate domain control validation for newly created domains
Allow SSL details changing
The administrator can change SSL certificate request details prior to approval
Automatically approve certificate requests
Certificate requests initiated by the administrator are automatically approved
Allow certificate revocation
The administrator can revoke certificates
MS AD Discovery
The administrator can access the
page, download and install MS Agents, and view the certificates and web servers discovered by MS Agents by scanning respective AD serversAllow download keys from Key Vault
The administrator can download certificate private keys stored in Sectigo Key Vault
Approve domain delegation
The administrator can approve domain delegation requests by other administrators of their own level or lower
-
-
-
Click Save.
-
Navigate to
. -
Select a Sectigo Authentication Service administrator.
-
Click Edit.
-
Update the administrator’s personal information.
-
Click the Edit icon in the top right of the Edit Admin dialog.
-
Complete the Edit Sectigo Authentication Service Admin fields based on the information provided in the following table.
Field Description Email
The administrator’s email address
Forename, Surname
The administrator’s first name (forename) and last name (surname)
Title
The administrator’s title
Telephone Number
The administrator’s phone number
Street, Locality, State/Province, Postal Code, Country
The administrator’s address details
Relationship
The nature of the administrator’s relationship with the organizations or departments that they are delegated to (such as, employee or third party)
-
Click Next.
-
-
Update the Roles & Privileges tab fields.
-
Select an administrator role.
-
For RAO and DRAO administrators, select the certificate types and organizations or departments that can be managed.
-
Assign administrator privileges based on the information provided in the following table.
Field Description Allow creation of peer admin users
The administrator can create other administrators of their own level or lower
Allow editing of peer admin users
The administrator can edit other administrators of their own level or lower
Allow deleting of peer admin users
The administrator can remove other administrators of their own level or lower
Allow to manage organizations/departments
The administrator can do the following:
-
Create new organizations
-
View, edit, and delete delegated organizations
-
Create new departments under delegated organizations
-
Manage certificate settings, notification templates, access control lists, and EV details for delegated organizations
Allow DCV
The administrator can initiate domain control validation for newly created domains
Allow SSL details changing
The administrator can change SSL certificate request details prior to approval
Automatically approve certificate requests
Certificate requests initiated by the administrator are automatically approved
Allow certificate revocation
The administrator can revoke certificates
MS AD Discovery
The administrator can access the
page, download and install MS Agents, and view the certificates and web servers discovered by MS Agents by scanning respective AD serversAllow download keys from Key Vault
The administrator can download certificate private keys stored in Sectigo Key Vault
Approve domain delegation
The administrator can approve domain delegation requests by other administrators of their own level or lower
-
-
-
Click Save.
-
Navigate to
. -
Select an API administrator.
-
Click Edit.
-
Update the administrator’s personal information.
-
Click the Edit icon in the top right of the Edit Admin dialog.
-
Complete the Edit API Admin fields based on the information provided in the following table.
Field Description Username
The administrator’s username for the purpose of identification and access
Email
The administrator’s email address
Forename, Surname
The administrator’s first name (forename) and last name (surname)
Title
The administrator’s title
Telephone Number
The administrator’s phone number
Street, Locality, State/Province, Postal Code, Country
The administrator’s address details
Relationship
The nature of the administrator’s relationship with the organizations or departments that they are delegated to (such as, employee or third party)
-
Click Next.
-
-
Update the Roles & Privileges tab fields.
-
Select an administrator role.
-
For RAO and DRAO administrators, select the certificate types and organizations or departments that can be managed.
-
Assign administrator privileges based on the information provided in the following table.
Field Description Allow creation of peer admin users
The administrator can create other administrators of their own level or lower
Allow editing of peer admin users
The administrator can edit other administrators of their own level or lower
Allow deleting of peer admin users
The administrator can remove other administrators of their own level or lower
Allow to manage organizations/departments
The administrator can do the following:
-
Create new organizations
-
View, edit, and delete delegated organizations
-
Create new departments under delegated organizations
-
Manage certificate settings, notification templates, access control lists, and EV details for delegated organizations
Allow DCV
The administrator can initiate domain control validation for newly created domains
Allow SSL details changing
The administrator can change SSL certificate request details prior to approval
Automatically approve certificate requests
Certificate requests initiated by the administrator are automatically approved
Allow certificate revocation
The administrator can revoke certificates
MS AD Discovery
The administrator can access the
page, download and install MS Agents, and view the certificates and web servers discovered by MS Agents by scanning respective AD serversAllow download keys from Key Vault
The administrator can download certificate private keys stored in Sectigo Key Vault
Approve domain delegation
The administrator can approve domain delegation requests by other administrators of their own level or lower
-
-
-
Update the Authentication tab fields.
-
Enter and confirm a password for the new administrator.
-
(Optional) Select a valid client certificate for use in authentication.
-
-
Click Save.
Change an administrator’s type
-
Navigate to
. -
Select an administrator and click Change Type.
-
Select the new administrator type.
-
Update the administrator’s personal details as needed.
-
Click Next.
-
Update the administrator’s roles, privileges, and authentication details as needed.
-
Click Save.
Managing admin API keys
You can view and manage API keys that belong to you or API type admins.
Add an admin API key
-
Navigate to
. -
Click API Keys.
-
Click the Add icon.
-
In the Add API Key dialog, enter the name for the API key.
-
Click Save.
-
Copy and save the client secret.
-
Click Close.
Edit admin API keys
-
Navigate to
. -
Select an appropriate admin and click API Keys.
-
Select the API key and click Edit.
-
Update the API key name.
-
If needed, reset the client secret.
If you reset a client secret, clients using this API key must be updated to use the new client secret. -
Click the Edit icon.
-
Click OK.
-
Copy and save the client secret.
-
-
Click Save.