Configure JIT Provisioning

Veracode Administration

Before You Begin

Steps

  1. In the Veracode Platform, click the gear icon in the top menu and select Admin.
  2. Click the JIT Provisioning tab.

    Note: You cannot make changes to this tab unless you have provided the settings on the SAML tab.

  3. In Organization Settings, set Configure default settings for Just-In-Time user provisioning to On.

  4. In User Data Updates, choose how the Veracode Platform handles conflicts between data in the SAML assertion and data in the Veracode Platform with these options:

    • Prefer Organization Identity Provider Data: the IdP of the organization controls the configuration of the user. The Veracode Platform is updated with the data that is in the SAML assertion. This setting allows the IdP to automatically update fields that may change, such as email address, phone number, last name, roles, and team assignments.

      Note: After you set this option, you cannot update users with the Identity APIs because the identity provider controls all user information.

    • Prefer Veracode User Data: the Veracode Platform ignores any changed data in the SAML assertion.

  5. Choose which default attributes to set on individual users. Veracode requires that you either specify the default Veracode user role in the SAML attributes or the SAML assertion data. If you do not set a default user role, the user cannot log in.

  6. Click Save.