Google

Bugcrowd offers a Security Assertion Markup Language (SAML) based Single Sign-On (SSO) integration with Google to help you create an easy and centralized way to log in to Crowdcontrol. This section provides the steps to configure Google.

• Adding Bugcrowd to Your Google SSO Portal
• Adding SAML Information into Bugcrowd
• Adding SAML Information into Google
• Verifying Domain

Specific Role Required to Configure SSO: To configure SSO for your program, you must be an Organization Owner. Organization Owners can log in using Username and Password.

Adding Bugcrowd to Your Google SSO Portal

1. Log in to your Google SSO Portal account.

2. Go to the Admin Console page and click the three bar drop down menu on the upper left corner.

   

3. Click Apps.

   

4. Click SAML apps.

   

   The SAML Apps page is displayed.

5. Click on the blue plus icon in the bottom right corner as shown.

   

   The Enable SSO for SAML Application pop-up window is displayed.

6. Click SETUP MY OWN CUSTOM APP at the bottom of the window.

   

7. Make a note of the SSO URL and Entity ID. Download the Certificate.

   

Adding SAML Information into Bugcrowd

1. In Crowdcontrol, click Settings and then click Authentication.

   

2. Click Single Sign-on (SSO).

   

   The SSO Configuration for Demo Organization is displayed.

3. Specify the following SAML information from Google into the Crowdcontrol SAML settings:

   • IdP Entity ID: Copy and pase the SP Entity ID.
   • IdP SSO Target URL: Copy and paste the SSO URL.
   • IdP Certificate: Copy and paste the certificate contents.

   When copying and pasting the Certificate contents, make sure that all the information is properly copied including the lines -—-BEGIN CERTIFICATE—–\ and “—–END CERTIFICATE—–.

   Next step is to transfer the Crowdcontrol SSO configuration information into Google. To do this, make a note of the SP Entity ID and the Single Sign On URL.

   Bugcrowd only supports logouts Identity Provider (IdP) initiated logouts, that is logging out of Bugcrowd will not log you out of your SSO provider.

Adding SAML Information into Google

1. Go back to SAML Google set up window (last step in the first section).

2. Click NEXT to continue the process.

   

   The Basic Information for your Custom App page is displayed.

3. In Application Name, specify Bugcrowd and click NEXT.

   

   The Service Provider Details page is displayed.

4. Provide the Crowdcontrol SSO configuration information that you had made a note:

   • ACS URL: Paste the Single Sign On URL.
   • Entity ID: Paste the Entity ID.

   Click NEXT.

   

5. Set the Bugcrowd SAML app to On for everyone on the right side of the SAML Apps page.

   

   Domain verification is required for SSO to function properly.

Verifying Domain

All domains must be verified by Bugcrowd. You will not be able to login until the email address domains are verified.

1. In Crowdcontrol, go to Settings and then click Domains.

   

   The Domain verification page is displayed.

2. Specify the domain and click Add Domain.

   

   A verification code is displayed.

3. Add a TXT record at the domain’s root with this code.

   

   DNS verification may take up to 24 hours to succeed.

   For information about adding a TXT record, consult your DNS provider. For any additional help verifying domains, send an email to support@bugcrowd.com.

---