.png){kind=logo}
Configuring Product Roles
From Signum 4.30.4, Signum supports a default integration with Keyfactor’s Customer Portal identities so that product roles can be created and managed in the Customer Portal. This is in addition to the roles that can be configured in Signum directly. This gives users an easy way to begin using Signum without having to connect an external identity provider to the initial deployment.
It is still possible to instead configure a new Domain in Signum for connecting multiple external organization IDPs. For more information, see Domains.
Customer Portal users can be assigned three different default Product Roles for Signum:
Admin
User
Viewer
The abilities of each role are defined in the following table:
Product Role | Permissions |
|---|---|
Signum Admin | The Admin is the highest level of permissions in Signum. For more information, see Signum Administrator. The Admin is a member of the “Default Signing Policy” created on first deployment. If all default settings remain the same, any users added to this role are members of the default policy, and the Admin group is added by default. |
Signum User | The User has no assigned Signum role. The User cannot access the Admin Web Console and can only be assigned to policies. The User is a member of the “Default Signing Policy” created on first deployment. If all default settings remain the same, any users added to this role are members of the default policy, and the Signum Admin group is added by default. |
Signum Viewer | The Viewer can only view information in the Signum Admin Web, such as certificates and events. The Viewer role is editable by Admins, and originally-configured permissions can be adjusted. |