Note: Veracode recommends the new Single Sign-on and Just-In-Time Provisioning feature for new accounts. If you are using the new feature, see Configure a User for SAML Access.
Using SAML authentication requires that a user account has a user record in the Veracode Platform.
Note: When you set the login type in the Veracode Platform to SAML, you cannot change it back to the password login type.
To complete this task:
- Create a new user or update an existing user using the Administration page in the Veracode Platform, or the Identity API.
- Select SAML in the Login Type field, or set the
saml_user
property totrue
for the Identity API. - Set the SAML Subject field (
saml_subject
in the Identity API) to the value that the SAML assertion passed in to identify the user. This value is usually the user email address or corporate login ID. - When creating a new user, you can also set the user roles and allowed scan types.
Note: If you set a SAML assertion for a user who has the Team Admin role, you must also set the teamsmanaged
attribute.