Skip to main content
Skip table of contents


Signum supports Role Based Access Control (RBAC) through the concept of “Roles”. A role in Signum is a set of permissions for a user that defines what they are able to edit and access in the Signum Admin Web Console and any associated APIs. This method of RBAC allows for granular permissions settings to be defined for specific users and groups. For example, one role may be configured that allows a group of users to generate Certificate Signing Requests (CSRs) and import certificates, while another role may be configured that only allows users to view certificate usage events.

Getting Started with Roles

Some helpful items to keep in mind when working with roles:

  • A user can only have one role assigned at a time

  • Every user accessing the Web Admin Console must have a role assigned

  • Certificate Groups can be assigned to roles giving those users the ability to assign them to policies

  • A user using one of the Signum Agents (Windows or Linux) does not need a role because certificate usage is defined by policies

  • A role can be assigned to an individual user or groups of users

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.