Register and maintain your Certificate Authority (CA) certificates as part of your CA authentication.

CA authentication enables you to use certificates from an external public CA with Anaplan APIs and Anaplan Connect. Your users must submit certificates with a valid, recognized external public CA as the root certificate. As the tenant administrator, you can register and manage these certificates in Anaplan.

CA authentication offers a certificate hierarchy known as the chain of trust. This enables you to verify the validity of a certificate issuer. It also aligns with industry standards and provides a higher level of security for Anaplan customers.

If you use CA certificates, this enables:

  • Anaplan customers who use data integrations to authenticate API sessions.
  • API users to use CA certificates instead of a user name and password.

Additionally, Anaplan customers who use data integrations enabled for Single Sign-On (SSO) can:

  • Submit a CA certificate to authenticate API sessions and receive a Java Web Token (JWT).
  • Use a CA even if its password has expired.

If your certificate expires, you must obtain a new one for successful CA authentication.

If you use CA authentication, you assume responsibility for your users' certificates. You must:

With CA authentication, tenant administrators can use the Anaplan Administration console to: