An Administrator will be able to create all types of roles i.e.  Admin RAO, Enterprise RAO and Validation CA. 


In a fresh installation, three types of operators will be created:


  • Administrator
  • Admin RAO 
  • Enterprise RAO 


Create an Operator


  1. Click Access Control from the left-panel
  2. Click  to add an Operator


Field

Description

Name

Full name of the operator

Email

Official email address of the operator

Mobile Number

Mobile number for the SMS alerts

Authentication Certificate

Admin must upload the operator's TLS client authentication certificate. This certificate is used to identify the user in the ADSS Web RA application. The user of this certificate must present the related key to login the Admin portal. 

Type

There are three supported types while creating an Operator in ADSS Web RA Admin. 

Administrator - It's a super admin role, who can perform any action across the application whether it's a user management, certificate management, configurations or service plans settings.

Admin RAO - Admin RAO is restricted to manage any configurations but can only manage certificate requests or users that he is allowed to do so by the Administrator.

Enterprise RAO - Enterprise RAO is restricted to manage only the certificate requests or users for the enterprises to whom he belongs to.

Role

Assigned role of the operator (Admin, Enterprise RAO, Auditor etc.)

Active 

Tick this check-box to activate the operator


      If operator type is Administrator then only administrator type of roles will be available for selection in drop down  as displayed in the screenshot:


                     




   If operator type is Admin RAO, then only Admin RAO Type of roles will be available in selection drop down as displayed in the screenshot:



               




    If operator type is Enterprise RAO, then only enterprise RAO roles will be available for selection drop down as displayed in the screenshot:




               




  • The Administrator can Edit/Delete (options available by pressing the  button) an existing role from the Operators screen.



  • A new section will be added in the role under configurations with the name of Data Archiving to manage access control.



An operator can manage Enterprise. To do so, the operator needs to navigate through Enterprises > Registered > Manage


                   



For an enterprise user, the left menu will contain the items shown in the image below: (This menu can be navigated from role to manage the operator's access control)


               




From the 'Profile' menu in the above image, an operator can update the information of enterprises that are allowed and its relevant owner information too. He can update information (example displayed below)


             



An operator can also change the account owner information as required. 


The second item on the left side of the menu is the 'Users' section, which allows an operator to manage enterprise users. It contains two items:


  • Registered Users
  • User Invitations




            


  • An administrator can invite users only as an 'Applicant Representative' role. 
  • An Admin RAO can manage only an 'Applicant Representative' role and users of this role.
  • Enterprise RAO can manage only 'Enterprise Users' role. 



           



Rekey Requests 


  • Under the Requests module, a user can find 'Rekey Requests' that will allow him to handle rekey requests for each administrator. 



  • This section will appear only when the 'Rekey' policy is enabled in Configurations > Policy settings. 



  • The “Rekey Requests” listing will only show if Administrator, Enterprise RAO, Admin RAO has role rights.