Service provider-initiated SAML authentication

With service provider (SP)-initiated SAML, you can sign in to the Veracode Platform using just your email address. You do not need to provide a password or sign in through an identity provider (IdP).

Additionally, deep links to the Veracode Platform, such as links to scan results that appear in emails from Veracode, now bring you to the specified page in the Veracode Platform. Previously, for SAML accounts, deep links only worked if you were already signed in to the Veracode Platform.

To enable SP-initiated SAML, contact Veracode Technical Support. Your organization must use single sign-on (SSO).

Turn on SP-initiated SAML

After Veracode has set up SP-initiated SAML, you can turn it on for your organization in the Veracode Platform.

Before you begin:

• Have the Administrator role.

• Ensure that Veracode Technical Support has enabled SP-initiated SAML for your organization account.

• To map multiple domains to the same identity provider (IdP), ask Veracode Technical Support to add your domains to the Domain Filter field and your IdP sign-in URL to the IDP Login URL field.

  note

  • Before Veracode can update the Domain Filter and IDP Login URL fields, SP-initiated SAML must be turned off.
  • The Domain Filter field accepts multiple domains separated by commas, but the IDP Login URL field only accepts one URL.

To complete this task:

1. Select the gear icon in the upper-right corner of the Veracode Platform and select Admin.
2. Select the SAML Certificate tab.
3. To turn on SP-initiated SAML, turn on the toggle under Service Provider Initiated SAML.
4. Select Confirm.

To sign in to the Veracode Platform, SAML users only need to enter their username on the Sign in page.

If a SAML account and a non-SAML account use the same email address, the Sign in page requires a username and password.