CertCentral supports enabling SAML on an account. This allows customers to use their SSO credentials to login to CertCentral (e.g. Okta etc.)
For a given user CertCentral also allows administrators to limit the user to only login using SSO.
If this option is enabled for a user, CertCentral doesn’t allow users to login using their password or to create API-KEYS.
Discovery and Automation rely on API-KEYS to interface with CertCentral. Hence for users who have enabled SSO only option, these features will not work.
Check if discovery and automation API keys exist for the user.