Summary
Document how to add users to DefectDojo and explore SSO integration options.
Current State
- Only admin user exists
- Each developer could have their own account to view findings for their products
- No SSO configured
Tasks
User Roles in DefectDojo
- Superuser: Full admin access
- Staff: Can manage products/engagements
- Reader: Can view findings (good for developers)
SSO Options
- DefectDojo supports SAML
- Could integrate with GitHub, Okta, Google Workspace
Summary
Document how to add users to DefectDojo and explore SSO integration options.
Current State
Tasks
User Roles in DefectDojo
SSO Options