Manage Security Labs users
Your organization accesses Security Labs either from the Veracode Platform account or a standalone Security Labs account.
Manage users from the Veracode Platform
Manage users from a stand-alone application
Manage users from the Veracode Platform
To access the administration options, in the top-right corner of the Veracode Platform, select the gear icon 
, and then select Admin.
Before giving a user access to Security Labs, ensure the user has a Veracode user account. If your organization uses a standalone Security Labs account, see manage users and teams from Security Labs.
Security Labs administration
There are four types of administrative roles for Security Labs:
-
Security Labs Administrator
The Security Labs Administrator manages all learning activities for Security Labs users. A Security Labs Administrator can perform the following activities:
- Manage campaigns
- Customize labs
- Use Security Labs reporting
A Security Labs Administrator cannot manage users and teams.
-
Administrator
An administrator manages the Veracode platform. In addition to having all the privileges of the Security Labs Administrator role, a user with the Administrator role manages all users and teams in the Veracode Platform, including Security Labs users. An Administrator can add and remove users and teams from the Veracode Platform. The Administrator role includes the privileges of the Security Labs Administrator, Team Admin, and Security Labs Manager roles.
When Veracode creates an administration account, the Administrator receives an email invitation from Veracode to sign in to the Veracode Platform and create a password. If you are the Administrator, after you set up your Administrator account, you can create other users in Security Labs. -
Security Labs Manager
A user with the Security Labs Manager role manages learning activities, such as assigning campaigns and reviewing user progress, for users on their teams. A Security Labs Manager cannot manage users and teams.
-
Team Admin
A Team Admin in the Veracode Platform manages users and learning for assigned teams. In addition to having all the privileges of the Security Labs Manager role, a user with the Team Admin role can add or remove users from their teams. A Team Admin must be a part of the team they manage.
Access Security Labs
To access Security Labs, from the Security Training menu, select Security Labs.
If you are the Administrator or Team Admin, you manage users from the Administration section.
To access administration, in the Veracode Platform, at the top-right corner, select the gear icon , and then select Admin.
Security Labs teams
In the Veracode Platform, Teams grant users access to applications. In Security Labs, Teams categorize learners based on their skills or their area of expertise. A Security Labs User is a part of one or more teams.
- An Administrator can create and delete teams, and add or remove users from any team.
- A Team Admin can add or remove users from their teams.
- A Security Labs Administrator or Security Labs Manager cannot manage teams or users.
Add a user to Security Labs
An Administrator can add users to Security Labs.
To complete this task:
-
In the Veracode Platform, at the top-right corner, select the gear icon
, and then select Admin. The Administration page opens. -
Select Users. You see a list of Veracode users.
-
Select the user that you want to add to Security Labs. The Edit User page opens. To create a new user in the Veracode Platform, see Create a user in the Veracode Platform.
-
Under Access Settings, select the teams and roles for the user as follows:
-
Under Team Memberships, select Select Teams to choose one or more Security Labs teams to add the user to.
-
Under User Roles, select one or more of the following roles for the user:
- Security Labs User
- Security Labs Manager
- Security Labs Administrator
- Team Admin
-
-
Select Save.
After you add a user to Security Labs, they can access Security Labs from the Security Training menu in the Veracode Platform. Security Labs Administrators can use the Administration section on Veracode Platform to manage users and other tasks.
Manage existing users
An Administrator can remove Security Labs access for users, disable their login, or change their Security Labs role.
To complete this task:
- In the Veracode Platform, at the top-right corner, select the gear icon , and then select Admin. The Administration page opens.
- Select Users. You see a list of Veracode users.
- Use Filter by to filter the user or users that you want to edit.
- Locate and select the user that you want to manage.
- To disable login for the user, under User Settings, set Login Enabled to No. When you disable login, the user cannot access any Veracode Products. If you want to remove access to Security Labs only, remove the Security Labs user role for the user.
- To change roles for the user, in Access Settings, under User Roles, select one or more roles you want to add or remove for the user. To remove a Security Labs user, uncheck the Security Labs User role for the user. When you remove a Security Labs user, you free a license. The license count depends on the number of users who have the Security Labs User role assigned.
- Select Save.
In the Veracode Platform, if a user is deleted and then recreated, the user progress is reset to zero.
Manage teams for Security Labs
Only an Administrator can create, edit and manage teams.
The process to create, edit and delete a team for Security Labs is the same as for every other team in the Veracode Platform:
Manage users from Security Labs
The Security Labs application is available at https://securitylabs.veracode.com/security-labs/
To access the administration options, in the top-right corner of the Security Labs application, select the down arrow 
next to your profile name.
In Security Labs, you can create users in one of the following ways:
If your organization accesses Security Labs from the Veracode Platform account, see manage users and teams from the Veracode Platform.
Teams are used to categorize learners based on their skills or their area of expertise. You assign one or more teams to a user.
Create users individually
- At the top-right of a Security Labs page, select your username to open the main menu.
- Select All users. The All users page opens.
- Under Add new users, select Add user manually.
- Enter the name and email ID of the user. Also select the one or more teams for the user.
- If you want the user to be an administrator, select the Admin checkbox.
- Select .
- Perform steps 3 to 6 to create additional users.
- To include additional information in the email invitation that will be sent to the users, enter the information under Include an additional message. If you want this additional information to always appear when anyone with the Administrator role creates users, select the Save this message checkbox.
- After creating the required users, select Add users. An invitation is sent to the users to join Security Labs as learner. After each user accepts the invitation, the user appears under Add Users.
Use the SSO SAML gateway
You can use the SSO SAML gateway of your organization to create Security Labs users automatically. Any user who makes an authenticated SSO login request from an email address with a matching domain automatically registers and joins your account. The default team assigned to the user who logs in using SSO is Developer.
Configure Security Labs with SSO SAML
To use the SSO SAML gateway of your organization to create users, configure Security Labs with SSO SAML. Request a standalone account with SSO access from Veracode Technical Support. Once you request SSO access, you can directly associate Security Labs to the SAML gateway of your organization.
To complete this task:
- At the top-right of a Security Labs page, select your username to open the main menu.
- Select Organization Settings.
- Under Organization Settings, in Organization Domain(s), add the top-level domains for your organization.
- Scroll down to the SAML settings section.
- If you want to force all non-administrator users to sign in using SAML, select Enforce SAML.
- In Entrypoint URL, enter the login URL specified in your IdP configuration. If you use Azure Entra, copy the content from Login URL specified in your Veracode SSO integration.
- In SAML Certificate, enter the Base64-encoded SAML certificate data you received when you configured your IdP. Ensure you retain the beginning and end of the certificate and remove any spaces from the certificate string.
- Select Save changes. If you need assistance, contact Veracode Technical Support.
Bulk upload users
You can bulk upload a maximum of 100 new users who will be assigned the same team or different teams. You enter the user details in a CSV file and upload them.
To complete this task:
-
At the top-right of a Security Labs page, select your username to open the main menu.
-
Select All users. The All users page is displayed.
-
Under Add new users, select Bulk upload via CSV. The Bulk Invite new users box is displayed.
-
To upload users who will be assigned the same team, select Select the teams to apply to all your users. To upload users who will be assigned to different teams, select Assign teams in your CSV to individual users. Depending on what you select, the format for the CSV file will differ. Ensure that the user details in your CSV file are entered as per the format.
Format of CSV file where all users have the same role:
Email, Name, Admin
[email protected], First User, true
[email protected], Second User, falseFormat of CSV file where users have the different role:
Email, Name, Admin, Team, Team
[email protected], First User, true, Team 1, Team 2
[email protected], Second User, false, Team 3, -
Select Upload, and select the CSV file to upload. The users in the CSV file are displayed under List of users to be added.
-
In the list of users, select to edit the details of the user or delete the user. To provide admin privileges, select the checkbox under Admin.
-
To include additional information in the email invitation that will be sent to the users, enter the information under Include an additional message. If you want this additional information to always appear when anyone with the Administrator role creates users, select the Save this message checkbox.
-
After creating the required users, select Add users. An invitation is sent to the users to join Security Labs as learners. After each user accepts the invitation, the user appears under Add Users.
Uninvite users to Security Labs
After you add users to Security Labs, an invitation is sent to the users to become a learner in Security Labs. An invited user is officially added to the list of Security Labs users only after the user accepts the Security Labs invite. You can uninvite the user from Security Labs before they accept the invitation.
To complete this task:
- At the top-right of a Security Labs page, select your username to open the main menu.
- Select All users. The All users page is displayed.
- Scroll down to the Pending invitations section. Select the Uninvite button for the user that you want to uninvite.
Manage existing Security Labs users
You can perform one of the following actions for an existing user:
- Edit details
- Provide or remove admin privileges
- Delete the user
- Remove the user
To complete this task:
- At the top-right of a Security Labs page, select your username to open the main menu.
- Select All users. The All users page is displayed.
- Depending on the action that you want to perform, select the appropriate button for the selected user in the list.
Create a Security Labs team
-
In the top-right of a Security Labs page, select your username to open the main menu.
-
Select Assign Teams.
-
At the top of the Edit user teams page, enter the new role name.
-
Select the following options if required:
- Make team visible to users: The role will be listed separately on its own scoreboard.
- Add to default teams: The role will be assigned to all new users.
-
Select Create new team.
Edit or delete a Security Labs team
-
At the top-right of a Security Labs page, select your username to open the main menu.
-
Select Assign Teams. The Current roles section of the page lists the available roles.
-
You can edit a team in the following ways:
- Select the pencil icon next to a team name to rename the role.
- Select the trash icon next to the team name to delete the role.
- Select the Assign to users button for a team to assign it to one or more users.
- Select the Make publicly visible or Hide team from users button to manage the visibility of the role.
- Select the Add to default teams or Remove from defaults to manage the default assignment of the role to users.