.png){kind=logo}
Configuring Product Roles
Starting with new Signum deployments of 4.30.4 and above, Signum now supports a default integration with Keyfactor’s Customer Portal identities so that product roles can be created and managed in the Customer Portal. This is in addition to the roles that can be configured in Signum directly. This gives users an easy way to begin using Signum without having to connect an external identity provider to the initial deployment.
Customer Portal users can be assigned three different default Product Roles for Signum, Administrator, User, and Viewer. The abilities of each of these roles is defined below. It is still an option to instead configure a new Domain in Signum for connecting multiple external organization IDPs described here Domains.
Product Role | Permissions |
|---|---|
Signum Admin | The highest level of permissions in Signum. See https://docs.keyfactor.com/Signum-SaaS/4.30.1/Published/signum-administrator-1 . These users are a member of the “Default Signing Policy” created on first deployment. Any users added to this Product Role will be members of the default policy if all default settings remain the same, where the Signum Admin group is added by default. |
Signum User | No assigned Signum Role. The Admin Web Console will not be accessible to these users, they will only be assignable to policies. These users are a member of the “Default Signing Policy” created on first deployment. Any users added to this Product Role will be members of the default signing policy if all default settings remain the same, where the Signum User group is added by default. |
Signum Viewer | Can only view information in the Signum Admin Web like certificates and events. Please Note this “Signum Viewer” Role is editable by Admins in Signum and it is possible for the permissions to be adjusted from what was originally configured. |
