Default User Roles and Permissions

Code Signing offers a set of predefined roles designed to simplify user management, enforce security policies, and ensure that each user has access only to the necessary resources and functions required for their role. These roles are critical in maintaining the integrity of the system, ensuring proper access controls, and facilitating smooth operations across different user types.

The following roles are created by default within Code Signing:

  1. Code Signing_Managers
    • Purpose: The Code Signing_Managers role is designed for users with managerial responsibilities within Code Signing. These users oversee signing policies, manage user roles, and have access to audit logs to monitor and review the platform's usage.
    • Permissions:
      • Full access to all signing-related resources.
      • Ability to create and modify signing policies.
      • Manage and assign roles to other users.
      • Access to audit trails, usage metrics, and reports.
  2. Code Signing_Dev_Build_Users
    • Purpose: Code Signing_Dev_Build_Users role is meant for users who require signing capabilities as part of the development and build processes. These users primarily work with code and build artifacts that need to be signed to ensure integrity and authenticity.
    • Permissions:
      • Access to development and build signing functionalities.
      • Ability to manage personal certificates for code signing.
      • View-only access to signing policies and configuration settings.
  3. Code Signing_Individual_Users
    • Purpose: Code Signing_Individual_Users role is for end users who need basic signing capabilities. These users typically sign documents or assets in the system but do not have any administrative or development responsibilities.
    • Permissions:
      • Basic signing capabilities for documents and files.
      • Access limited to signing assets assigned to them or their projects.
      • No access to user management, policy editing, or audit logs.
  4. Code Signing_API_Users
    • Purpose: Code Signing_API_Users role is intended for users or applications that interact with Code Signing programmatically through APIs. This role is essential for automation or integration with other systems, enabling users to integrate Code Signing capabilities into their own applications.
    • Permissions:
      • Access to Code Signing API endpoints based on predefined API permissions.
      • Limited signing capabilities through API for designated assets.
      • No interactive access to the Code Signing UI.
    Each of these roles comes with specific permissions tailored to their intended use cases, ensuring that users can perform their responsibilities effectively.