Title here
Summary here
Set System-Wide Notifications
DefectDojo has two different kinds of notifications: Personal (sent to a single account) and System (which are sent to all users).
Both an accountโs Personal Notifications and the global System Notifications can be configured from the same page: โ๏ธConfiguration > Notifications in the sidebar.
Configure System notifications (Classic UI)
You will need Superuser access to change System-wide notifications.
- Start from the Notifications page (โ๏ธ Configuration > Notifications in the sidebar).
- From the Scope drop down menu, you can select which set of notifications you wish to edit.
- Select System Notifications.
- Check the notification delivery method which you wish to use for each type of notification. You can select more than one.
To set destinations for system wide email notifications (Email, Slack or MS Teams), see our Guide.
Template Notifications
Superusers also have access to a “Template” form. The Template Form allows you to set the default Personal Notifications that are enabled for any new user.
Where System Notifications Are Sent
System notifications will be sent to:
- the single email address specified in System Settings (if enabled)
- any DefectDojo users with accounts and appropriate RBAC permissions
- the System-wide Slack or Teams account.
As with any notification in DefectDojo, System Notifications will only be sent to users that have access to the relevant data. So even if Product Notifications are set up System-Wide, users will only receive notifications for the Products that they have access to view.
This restriction does not apply to System Notifications that are sent to a specific Email or Slack channel.
See our guide on Role-Based Access Control for more information on RBAC and setting permissions.
However, the connected System Email, Slack and Teams accounts cannot apply RBAC as they are not associated with a specific DefectDojo user. All selected system-wide notifications will be sent to these locations, so you should ensure that these channels can only be accessed by specific people in your organization.