Adding trusted signers to a group

Developers who create custom items (visualization mods) can sign their code, either with their Spotfire account when logged in to a server, or with a certificate from a certificate authority (CA). Similarly, configurators of external actions sign their actions using their Spotfire account. You can add both users and certificates as trusted signers for a group, as described in this topic, to make the workflows for end users of the custom items easier. In most cases, it is preferred to add the trusted signers as high up in the group hierarchy as possible, to avoid duplicated work.

About this task

See Trusting custom content in the Spotfire environment for generic information about trust.

Before you begin

An administrator has designed the group hierarchy for your Spotfire implementation.
The group you want to edit is available.
The client packages corresponding to the operating system of your node manager host have been deployed to Spotfire Server. For instructions, see Deploying client packages to Spotfire Server.

About this task

Tip: You can upload certificates in advance using the command-line to make it easier to add trusted certificates to different groups.

Procedure

Log in to the Spotfire Server web administration pages and click Groups.
On the Groups page, double-click the group for which to add trusted signers (use search if you have a long list of groups).

Tip: You can also select the group of interest and click the information icon , Open details panel, at the top right corner of the table. Use the arrow icons to toggle full screen view or a collapsed details view . See also Viewing details on the Spotfire Server administration pages.
On the details page for the group, click Trusted signers.
On the Trusted signers page, click Add certificate > From library or Add certificate > From local file to locate the certificate to add, or click Add users and select the users to trust, for each role (e.g., mod developer or action configurator).

Results

When the choice has been made, the added certificates or users will now be seen as trusted signers by all members in the group. Any items signed by these certificates or users can be used by the members in the group without any further questions.

Note: To be able to keep certificates from a developer that has resigned from the company valid, you must keep that user in the system as a disabled user.