Google

• Step 1: Get Google Identity Provider (IdP) Information
• Step 2: Set up Bugcrowd as a SAML Service Provider (SP)
  • Accessing SAML Information in Bugcrowd
• Step 3: Update Bugcrowd SSO Configuration in Google Admin Console
• Step 4: Enable the Bugcrowd app in Google Admin Console

Bugcrowd offers a Security Assertion Markup Language (SAML) based Single Sign-On (SSO) integration with Google to help you create an easy and centralized way to log in to Crowdcontrol. This section provides the steps to configure Google.

Specific Role Required to Configure SSO: To configure SSO for your Security program, you must be an Organization Owner. Organization Owners can log in using Username and Password.

Step 1: Get Google Identity Provider (IdP) Information

1. Log in to the Google Admin page for your Google Workspace.

2. Go to Google Admin Portal page, and click the three bar drop down menu in the upper left corner. Click on Apps and select Web and mobile apps.

   

3. Click Add app and select Add custom SAML app.

   

   The App details page is displayed.

4. In the App name field, enter Bugcrowd and add the logo.

   

5. Click Continue.

6. Google Identity Provider Details page is displayed. Make a note of the SSO URL and Entity ID fields. Download or copy the Certificate. This information is required to map your Google account to Crowdcontrol.

   

7. Click continue and leave the Admin console open. You’ll continue with the configuration wizard after performing the next step in Bugcrowd.

   

Step 2: Set up Bugcrowd as a SAML Service Provider (SP)

Accessing SAML Information in Bugcrowd

1. Sign into Bugcrowd as an Organization Owner, and click on Organization and then navigate to Settings.

2. Click Authentication.

   

3. Click Single Sign-on (SSO).

   

   The SSO Configuration for Organization is displayed.

4. Scroll to the SAML Settings section.

   

5. Specify the following SAML information that you had made a note from Google:

   • IdP Entity ID: Paste the Entity ID from Google.
   • IdP SSO Target URL: Paste the SSO URL from Google.
   • IdP Certificate: Paste the complete certificate contents from Google.

   

   When copying and pasting the Certificate contents, make sure that all the information is properly copied including the lines -—-BEGIN CERTIFICATE—–\ and “—–END CERTIFICATE—–.

   Bugcrowd only supports logouts Identity Provider (IdP) initiated logouts, that is logging out of Bugcrowd will not log you out of your SSO provider.

Step 3: Update Bugcrowd SSO Configuration in Google Admin Console

1. Scroll to Single Sign-On Settings section.

2. Make note of the SP Entity ID and Single sign on URL fields. You will need them when you return to the Google Admin console.

   

3. Return to the Google Admin console browser tab.

4. On the Google Identity Provider details page, click Continue.

5. On the Service provider details page, update the values from Bugcrowd.

   • ACS URL: Paste the Single Sign On URL.
   • Entity ID: Paste the SP Entity ID.

6. Click Continue.

   

Step 4: Enable the Bugcrowd app in Google Admin Console

1. In the Admin console, go to Menu.

2. Click on Apps, and then select Web and mobile apps.

3. Select Bugcrowd.

   

4. Click User access and then select View details.

   

5. To turn the service on for your organization, click On for everyone.

6. Click Save.

   

   Domain verification is required for SSO to function properly. For more information, see verifying domain.

---