- Adding Bugcrowd to Your Google SSO Portal
- Adding SAML Information into Bugcrowd
- Adding SAML Information into Google
- Verifying Domain
Specific Role Required to Configure SSO: To configure SSO for your program, you must be an Organization Owner. Organization Owners can log in using Username and Password.
Adding Bugcrowd to Your Google SSO Portal
Log in to your Google SSO Portal account.
Go to the Admin Console page and click the three bar drop down menu on the upper left corner.
Click SAML apps.
The SAML Apps page is displayed.
Click on the blue plus icon in the bottom right corner as shown.
The Enable SSO for SAML Application pop-up window is displayed.
Click SETUP MY OWN CUSTOM APP at the bottom of the window.
Make a note of the SSO URL and Entity ID. Download the Certificate.
Adding SAML Information into Bugcrowd
In Crowdcontrol, click your profile.
Click Single Sign-on (SSO).
Specify the following SAML information from Google into the Crowdcontrol SAML settings:
- IdP Entity ID: Copy and pase the SP Entity ID.
- IdP SSO Target URL: Copy and paste the SSO URL.
- IdP Certificate: Copy and paste the certificate contents.
When copying and pasting the Certificate contents, make sure that all the information is properly copied including the lines -—-BEGIN CERTIFICATE—–\ and “—–END CERTIFICATE—–.
Next step is to transfer the Crowdcontrol SSO configuration information into Google. To do this, make a note of the SP Entity ID and the Single Sign On URL.
Bugcrowd only supports logouts Identity Provider (IdP) initiated logouts, that is logging out of Bugcrowd will not log you out of your SSO provider.
Adding SAML Information into Google
Go back to SAML Google set up window (last step in the first section).
Click NEXT to continue the process.
The Basic Information for your Custom App page is displayed.
In Application Name, specify Bugcrowd and click NEXT.
The Service Provider Details page is displayed.
Provide the Crowdcontrol SSO configuration information that you had made a note:
- ACS URL: Paste the Single Sign On URL.
- Entity ID: Paste the Entity ID.
Set the Bugcrowd SAML app to On for everyone on the right side of the SAML Apps page.
Domain verification is required for SSO to function properly.
All domains must be verified by Bugcrowd. You will not be able to login until the email address domains are verified.
In Crowdcontrol, click your profile and then click Domains.
The Domain Verification page is displayed.
Specify the domain and click ADD DOMAIN.
A verification code is displayed.
Add a TXT record at the domain’s root with this code.
DNS verification may take up to 24 hours to succeed.
For information about adding a TXT record, consult your DNS provider. For any additional help verifying domains, send an email to firstname.lastname@example.org.