
Integrations

GraphNode integrates with your existing development ecosystem, including source control providers, CI/CD pipelines, issue trackers, IDEs, and identity providers, to embed security seamlessly into your workflow.

Repository Integrations

GraphNode connects to your source control provider to pull code for analysis. All connections are read-only -- GraphNode never writes to or modifies your repositories. Code is fetched securely and analyzed within your infrastructure.

Provider | Deployment / Scope | Authentication
GitHub | Cloud & Enterprise | OAuth / Personal Access Token
GitLab | Cloud & Self-hosted | Personal Access Token
Azure DevOps | Organization / Project / Repo | Personal Access Token
Bitbucket | Cloud & Server | App Password / OAuth
SVN (Subversion) | svn:// and https:// protocols | Username / Password

GraphNode: read-only code access

GitHub (Cloud & Enterprise)

Authenticate using OAuth or a Personal Access Token (PAT). After connecting, select the organization and repositories you want to scan. GraphNode reads source code from specified branches for analysis.

Read-only access -- no write permissions required.

GitLab (Cloud & Self-hosted)

Authenticate using a Personal Access Token. Provide your GitLab instance URL (for self-hosted), then select from available groups and projects. GraphNode pulls source code for analysis.

Read-only access -- no write permissions required.

Azure DevOps

Authenticate using a Personal Access Token. Configure the organization URL, then navigate the project and repository hierarchy to select scan targets. Supports Azure Repos (Git).

Read-only access -- no write permissions required.

Bitbucket (Cloud & Server)

Authenticate using an App Password or OAuth. Select from available workspaces and repositories. Both Bitbucket Cloud and Bitbucket Server (self-hosted) deployments are supported.

Read-only access -- no write permissions required.

SVN (Subversion)

Authenticate using a username and password. Provide the repository URL using either the svn:// or https:// protocol. GraphNode checks out the specified path for analysis.

Read-only access -- no write permissions required.

Tip: Read-Only Access

All repository integrations operate in read-only mode. GraphNode fetches source code for analysis but never pushes commits, opens pull requests, or modifies your repositories in any way. Scan results and findings are stored entirely within the GraphNode platform.

CI/CD Systems

Embed GraphNode security scans directly into your build and deployment pipelines. Scans can be configured to gate deployments, failing the build when critical vulnerabilities are detected.

Pipeline flow: Code Commit -> Build -> GraphNode Scan (SAST & SCA Analysis, via API / Plugin) -> Quality Gate -> Deploy

Jenkins

Plugin available for triggering scans as part of your build pipeline. Configure the GraphNode server URL, API credentials, and project ID in the Jenkins job configuration. Scan results can gate the build -- fail the job if critical vulnerabilities are found above your defined threshold.

Azure Pipelines

Task extension for Azure DevOps Pipelines. Add the GraphNode scan task to your YAML pipeline definition. The task communicates with your GraphNode server to initiate analysis and retrieves results for quality gate evaluation.

Bamboo

Plugin for Atlassian Bamboo. Configuration follows the same pattern as Jenkins: specify the GraphNode server URL, API credentials, and target project. Integrates natively with Bamboo build plans and deployment projects.

GitHub Actions

Use the GraphNode REST API to trigger scans directly from GitHub Actions workflows. Create a workflow step that calls the scan API endpoint, polls for completion, and evaluates results against your quality gate thresholds.

Note: All CI/CD integrations require an API key for authentication. Generate API keys in the GraphNode Administration panel under API Key Management.

Issue Tracking

GraphNode can automatically create tickets in your issue tracking system when vulnerabilities are detected, ensuring findings are tracked through your existing remediation workflow.

Jira Integration

Automatically create Jira tickets for detected vulnerabilities. Configure the connection with your Jira Server URL, project key, issue type, and priority mapping. Two-way sync ensures that ticket status updates in Jira are reflected back in GraphNode.

Configuration

Jira Server URL: Your Jira instance URL (e.g., https://company.atlassian.net)
Project Key: Target Jira project for vulnerability tickets
Issue Type: Bug, Task, Story, or custom issue type
Authentication: API token or username/password credentials

Severity-to-Priority Mapping

GraphNode Severity | Jira Priority
Critical | Highest
High | High
Medium | Medium
Low | Low

Tip: Two-Way Sync

When a Jira ticket is resolved or closed, GraphNode automatically updates the corresponding vulnerability status. This keeps your security dashboard in sync with your development team's remediation progress.

IDE Plugins

GraphNode Developer Edition provides real-time security analysis directly in the IDE. These are not lightweight linters -- they run the same full SAST analysis engine as the enterprise server, giving developers immediate feedback on security vulnerabilities as they write code.

UserController.java - GraphNode IDE Plugin

    14  public String getUser(String userId) {
    15      // Build SQL query from user input
    16      String query = "SELECT * FROM users WHERE id=" + userId;
    17      ResultSet rs = stmt.executeQuery(query);
    18      if (rs.next()) {
    19          return rs.getString("name");
    20      }
    21      return "Not found";
    22  }

FINDINGS (2)
HIGH: SQL Injection -- Line 16: Unsanitized input in query
CRITICAL: Tainted Data to Sink -- Line 17: executeQuery with user data

DATA FLOW
Source: userId (param)
Propagation: query (concat)
Sink: executeQuery(query)
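
The findings above trace userId through string concatenation into executeQuery. As an added example (not code from the original page or from GraphNode), this is one way the flagged getUser method could be rewritten with a bound parameter; the Connection field and the assumption that users.id is an integer column are illustrative.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

// Added example: hardened counterpart of the getUser method in the plugin
// screenshot. The Connection field and the integer-id assumption are
// illustrative and do not come from the original page.
public class UserController {
    private final Connection conn;

    public UserController(Connection conn) {
        this.conn = conn;
    }

    public String getUser(String userId) throws SQLException {
        // Assumption: users.id is an integer column. Non-numeric (or null)
        // input is rejected before it reaches the data layer.
        final long id;
        try {
            id = Long.parseLong(userId);
        } catch (NumberFormatException e) {
            return "Not found";
        }

        // The SQL text is a constant; the value is bound as a typed parameter
        // and never becomes part of the statement. This removes the
        // source -> concat -> sink flow reported on lines 16 and 17.
        String query = "SELECT name FROM users WHERE id = ?";
        try (PreparedStatement ps = conn.prepareStatement(query)) {
            ps.setLong(1, id);
            // try-with-resources also closes the ResultSet, which the
            // original method left open.
            try (ResultSet rs = ps.executeQuery()) {
                return rs.next() ? rs.getString("name") : "Not found";
            }
        }
    }
}
```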

IntelliJ IDEA Plugin (Java)

Full SAST engine running locally within IntelliJ IDEA. Provides inline vulnerability markers directly in the editor, data flow visualization showing taint propagation from source to sink, and one-click remediation suggestions for common vulnerability patterns.

Eclipse Plugin (Java)

Same full analysis capabilities as the IntelliJ plugin, with native Eclipse integration. Inline vulnerability markers, data flow visualization, and remediation suggestions are integrated into the Eclipse IDE workflow.

Visual Studio Extension (C#)

Full C# security analysis engine running within Visual Studio. Provides inline findings in the editor with the same depth of analysis as the enterprise server, including data flow tracking and remediation guidance.

Important: GraphNode IDE plugins are not lightweight linters. They run the same full SAST analysis engine used by the enterprise server, providing identical detection capabilities directly in the developer's environment.

SSO & Authentication

GraphNode supports enterprise authentication providers to integrate with your organization's identity infrastructure. Users can authenticate through your existing SSO provider without needing separate credentials.

SAML 2.0 SSO

Enterprise single sign-on via identity providers including Okta, Azure AD, OneLogin, and other SAML 2.0 compatible IdPs. Users authenticate through your IdP and are automatically provisioned in GraphNode.

Active Directory / LDAP

Direct Active Directory or LDAP integration for user authentication. Configure your AD/LDAP server connection, base DN, and user/group filters to sync users and their organizational roles.

Multi-Factor Authentication

Additional security layer for user accounts. MFA can be enforced organization-wide or per role, supporting time-based one-time passwords (TOTP) for added protection against credential compromise.

API Key Authentication

For CI/CD pipeline and automation access. Generate API keys with scoped permissions from the Administration panel. Keys can be revoked individually and have configurable expiration dates.