Managing Teams

Veracode Administration

You can use a team to grant users access to applications. You can assign an application to a team when you create the application profile or when viewing details of the application. Administrators can assign users to teams to access applications. If you are a Team administrator you can only manage users who belong to your team.

As a team administrator, you can only edit team members who are not team administrators.

Note: Team membership affects only users with the Submitter and Reviewer roles. Security Leads and Executives can see applications across all teams. Administrators have limited access to all applications, for instance to assign the application to teams.

From the Administration page, you can create new teams, manage existing teams, or remove teams.



Creating a Team

You can also create a team with the Veracode Identity APIs.

To create a team from the Administration page of your organization:

  1. Click the Teams tab.
  2. Click Add New Team. The Add/Edit Team window opens.
  3. Enter the team name.
  4. You can assign users to the team by selecting the users you want to add in the left list, and clicking the > button.
    Note: You can also search and filter for the users.
  5. Click Save to save your changes.

Updating a Team

You can also update a team with the Veracode Identity APIs.

To make changes to an existing team:

  1. Click the Teams tab.
  2. Select the team from the All Teams list.
    Note: You can search for the team by name using the Search field.
  3. Click the pencil icon.
  4. Edit the team name or the list of team members.
  5. Click Apply to save your changes.

Deleting a Team

You may delete a team that has no applications associated with it.

You can also delete a team with the Veracode Identity APIs.

To remove a team:

  1. Find the team in the All Teams list.
  2. Click the Delete Team icon to the left of the team name to remove the team from your account.
Note: If the team has applications associated with it, the Delete Team button is unavailable. You can use the Applications list to find the applications associated with the team and edit the application profiles to remove them from the team.

Managing Teams as a Team Administrator

If you have the Team Admin role, you cannot create teams, but you can manage the users in your team.

Team administrators can access the Users and Teams tabs on the Administration page. Team administrators can view only those users on the teams that they manage.

Team administrators can assign these roles to members of their teams:

  • Creator
  • Delete Scans
  • Mitigation Approver
  • Policy Administrator
  • Reviewer
  • Sandbox Administrator
  • Sandbox User
  • Security Insights
  • Submitter
  • Vendor Manager
  • Workspace Editor

Team administrators can create and manage API service accounts with these roles:

  • Greenlight API User
  • Mitigation API
  • Results API
  • Upload and Scan API
  • Upload API - Submit Only

Team Access to APIs

When you set the visibility of an application to Teams & Security Leads, a user account with the Reviewer, Creator, or Submitter user role must be a member of the specified team to be able to access that application using the APIs.