Google

Bugcrowd offers a Security Assertion Markup Language (SAML) based Single Sign-On (SSO) integration with Google to help you create an easy and centralized way to log in to Crowdcontrol. This section provides the steps to configure Google.

Specific Role Required to Configure SSO: To configure SSO for your program, you must be an Organization Owner. Organization Owners can log in using Username and Password.

Adding Bugcrowd to Your Google SSO Portal

  1. Log in to your Google SSO Portal account.

  2. Go to the Admin Console page and click the three bar drop down menu on the upper left corner.

    admin-console

  3. Click Apps.

    apps

  4. Click SAML apps.

    saml-apps

    The SAML Apps page is displayed.

  5. Click on the blue plus icon in the bottom right corner as shown.

    apps-page

    The Enable SSO for SAML Application pop-up window is displayed.

  6. Click SETUP MY OWN CUSTOM APP at the bottom of the window.

    custom-app

  7. Make a note of the SSO URL and Entity ID. Download the Certificate.

    SSO URL entity

Adding SAML Information into Bugcrowd

  1. In Crowdcontrol, click your profile.

    profile-click

  2. Click Authentication.

    authentication

  3. Click Single Sign-on (SSO).

    SSO

  4. Specify the following SAML information from Google into the Crowdcontrol SAML settings:

    • IdP Entity ID: Copy and pase the SP Entity ID.
    • IdP SSO Target URL: Copy and paste the SSO URL.
    • IdP Certificate: Copy and paste the certificate contents. saml-info

    When copying and pasting the Certificate contents, make sure that all the information is properly copied including the lines -—-BEGIN CERTIFICATE—–\ and “—–END CERTIFICATE—–.

    Next step is to transfer the Crowdcontrol SSO configuration information into Google. To do this, make a note of the SP Entity ID and the Single Sign On URL. sp-entity-sso-url

    Bugcrowd only supports logouts Identity Provider (IdP) initiated logouts, that is logging out of Bugcrowd will not log you out of your SSO provider.

Adding SAML Information into Google

  1. Go back to SAML Google set up window (last step in the first section).

  2. Click NEXT to continue the process.

    google-idp-info

    The Basic Information for your Custom App page is displayed.

  3. In Application Name, specify Bugcrowd and click NEXT.

    custom-app-basic

    The Service Provider Details page is displayed.

  4. Provide the Crowdcontrol SSO configuration information that you had made a note:

    • ACS URL: Paste the Single Sign On URL.
    • Entity ID: Paste the Entity ID.

    Click NEXT.

    acs-url-entity-id

  5. Set the Bugcrowd SAML app to On for everyone on the right side of the SAML Apps page.

    on-for-everyone

    Domain verification is required for SSO to function properly.

Verifying Domain

All domains must be verified by Bugcrowd. You will not be able to login until the email address domains are verified.

  1. In Crowdcontrol, click your profile and then click Domains.

    domains

    The Domain Verification page is displayed.

  2. Specify the domain and click ADD DOMAIN.

    add-domain

    A verification code is displayed.

  3. Add a TXT record at the domain’s root with this code.

    unverified-domain

    DNS verification may take up to 24 hours to succeed.

    For information about adding a TXT record, consult your DNS provider. For any additional help verifying domains, send an email to support@bugcrowd.com.


Onboarding
Account Management
Program Management
Reporting
Submission Management
Integration Management