Entrust Certificate Services (ECS) Enterprise offers various user types; however, only the following users can assume PKIaaS roles.

Do not create Sub Admin or Singer users, as these users are only for public SSL service.

Super Admin

Super Admin users can do the following.

When granted the User Management role:
- Add, remove, and manage users
- Assign PKIaaS roles to users.
Conduct all the activities for the public SSL service.

Requester

As explained in the Certificate Services Enterprise guide, Requester users can perform PKIaaS operations based on the roles granted to them by Super Admin users.

At this moment, you can only create a Requester user if you have a public SSL certificate offering. Choose this user type if you use the Entrust public SSL certificate service and want to give an SSL requester the PKIaaS role to conduct private trust activities.