Mend Platform - SAML - Knowledge Article
Single Sign-On (SSO) using SAML (Security Assertion Markup Language) is a powerful way to streamline user authentication and access control across the Mend Platform. This section provides comprehensive guidance for IT administrators and DevSecOps professionals looking to configure and manage secure user access through SAML, including support for both Mend Platform and Mend Legacy SCA environments.
Why Use SAML with Mend?
Implementing SAML integration enables:
Centralized identity management across all Mend products
Automated user provisioning via SAML attributes
Role-Based Access Control (RBAC) at scale, aligned with enterprise policies
Improved security through federated authentication
By combining SAML with Mend’s flexible role/group architecture, organizations can enforce least-privilege principles, control visibility of scan data, and maintain compliance with internal security standards.
What This Section Covers
This documentation hub provides step-by-step instructions for:
Mapping SAML groups to Mend roles across organizations and applications
Configuring Global Account-level SAML attributes
Managing role scope and permissions in Mend Platform vs. Mend Legacy SCA
Manually or programmatically assigning users and groups to access roles
Using advanced options to automatically restrict access to new scan-generated projects
Whether you’re using Okta, Azure AD, or another Identity Provider (IdP), you’ll find both visual walkthroughs and API-based automation guidance here.