Skip to main content

Service provider initiated SAML authentication

With service provider (SP) initiated SAML, you can sign in to the Veracode Platform using just your email address. You do not need to provide a password or sign in through an IDP.

Additionally, deep links to the Veracode Platform, such as links to scan results that appear in emails from Veracode, now bring you to the specified page in the Veracode Platform. Previously, for SAML accounts, deep links only worked if you were already signed in to the Veracode Platform.

To enable SP-initiated SAML, contact your Veracode customer success manager. Your organization must use single sign-on (SSO).

Turn on SP-initiated SAML

After Veracode has set up SP-initiated SAML, you can turn it on for your organization in the Veracode Platform.

Before you begin

  • Ensure Veracode has enabled SP-initiated SAML for your organization account.
  • Have the Administrator role.

To complete this task:

  1. Select the gear icon in the upper-right corner of the Veracode Platform and select Admin.
  2. On the SAML Certificate tab, in the Service Provider Initiated SAML section, switch the toggle to On. Veracode prepopulates the read-only Domain Match Filter and IDP Login URL fields.
  3. Select Confirm.

To sign in to the Veracode Platform, SAML users only need to enter their username on the Sign in page.

If a SAML account and a non-SAML account use the same email address, the Sign in page requires a username and password.