Administration: Security - Certificates
If you have access to Certificates in Anaplan, you can register and maintain certificates as part of Certificate Authority (CA) authentication.
Certificate Authority (CA) Authentication
Certificate Authority (CA) authentication lets you use certificates from an external public certificate authority with Anaplan APIs and Anaplan Connect. To use CA authentication with Anaplan APIs and Anaplan Connect, your users must submit certificates with a valid, recognized external public CA as the root certificate. As the Tenant Administrator, you can register and manage these certificates in Anaplan.
Why use CA Certificates?
CA authentication offers a certificate hierarchy known as the "chain of trust" that enables you to verify the validity of a certificate issuer. This aligns with industry standards and provides a higher level of security for Anaplan customers.
Using CA certificates:
- Integration users can authenticate API sessions.
- Integration users enabled for Single Sign-On (SSO) can:
- Submit a CA certificate to authenticate API sessions and receive a Java Web Token (JWT)
- Use the CA even if passwords have expired
- API users can use CA certificates instead of entering a username and password
If your organization uses CA Authentication, your organization assumes responsibility for your users' certificates. You must:
- Procure certificates from:
- Keep private keys safe - stolen keys mean that users can be impersonated.
With CA authentication, Tenant Administrators can further use the Anaplan Administration app to: