Google

Bugcrowd offers a Security Assertion Markup Language (SAML) based Single Sign-On (SSO) integration with Google to help you create an easy and centralized way to log in to Crowdcontrol. This section provides the steps to configure Google.

Specific Role Required to Configure SSO: To configure SSO for your program, you must be an Organization Owner. Organization Owners can log in using Username and Password.

Adding Bugcrowd to Your Google SSO Portal

  1. Log in to your Google SSO Portal account.

  2. Go to the Admin Console page and click the three bar drop down menu on the upper left corner.

    admin-console

  3. Click Apps.

    apps

  4. Click SAML apps.

    saml-apps

    The SAML Apps page is displayed.

  5. Click on the blue plus icon in the bottom right corner as shown.

    apps-page

    The Enable SSO for SAML Application pop-up window is displayed.

  6. Click SETUP MY OWN CUSTOM APP at the bottom of the window.

    custom-app

  7. Make a note of the SSO URL and Entity ID. Download the Certificate.

    SSO URL entity

    This information is required to map your Google account to Crowdcontrol.

  8. Click NEXT to continue the process.

    google-idp-info

    The Basic Information for your Custom App page is displayed.

  9. In Application Name, specify Bugcrowd and click NEXT.

    custom-app-basic

    The Service Provider Details page is displayed.

  10. Provide the SSO configuration information from Bugcrowd (Settings > Authentication > Single Sign-on (SSO)):

    • ACS URL: Paste the Single Sign On URL.
    • Entity ID: Paste the SP Entity ID.

    Click NEXT.

    acs-url-entity-id

  11. Set the Bugcrowd SAML app to On for everyone on the right side of the SAML Apps page.

    on-for-everyone

Mapping Google to Crowdcontrol

  1. Navigate to the Single Sign-On screen in Crowdcontrol and scroll to the SAML Settings section.

  2. Specify the following SAML information that you had made a note from Google:

    • IdP Entity ID: Paste the Entity ID from Google.
    • IdP SSO Target URL: Paste the SSO URL from Google.
    • IdP Certificate: Paste the complete certificate contents from Google.

    saml-info

    When copying and pasting the Certificate contents, make sure that all the information is properly copied including the lines -—-BEGIN CERTIFICATE—–\ and “—–END CERTIFICATE—–.

    Bugcrowd only supports logouts Identity Provider (IdP) initiated logouts, that is logging out of Bugcrowd will not log you out of your SSO provider.

    Domain verification is required for SSO to function properly. For more information, see verifying domain.


Onboarding
Account Management
Security Program Management
Engagement Management
Reporting
Submission Management
Integration Management