About Application Security user authentication

By default, when a user logs on to Application Security or uses one of the OpenText Application Security Tools to upload Fortify project results (FPR) files, Application Security uses its database to authenticate the user, and then binds the authenticated user to the user's assigned user role (Administrator, Security Lead, Developer, and so on).

Database‑only authentication imposes a separate administrative process for creating and managing Application Security user accounts and roles. You can augment the Application Security default database‑only authentication using LDAP or a SCIM 2.0 API client. For Information about LDAP user authentication, see LDAP user authentication. For Information about SCIM 2.0 user provisioning, see Implementation of SCIM 2.0 protocol.