Google

Bugcrowd offers a Security Assertion Markup Language (SAML) based Single Sign-On (SSO) integration with Google to help you create an easy and centralized way to log in to Crowdcontrol. This section provides the steps to configure Google.

• Adding Bugcrowd to Your Google SSO Portal
• Mapping Google to Crowdcontrol

Specific Role Required to Configure SSO: To configure SSO for your program, you must be an Organization Owner. Organization Owners can log in using Username and Password.

Adding Bugcrowd to Your Google SSO Portal

1. Log in to your Google SSO Portal account.

2. Go to the Admin Console page and click the three bar drop down menu on the upper left corner.

   

3. Click Apps.

   

4. Click SAML apps.

   

   The SAML Apps page is displayed.

5. Click on the blue plus icon in the bottom right corner as shown.

   

   The Enable SSO for SAML Application pop-up window is displayed.

6. Click SETUP MY OWN CUSTOM APP at the bottom of the window.

   

7. Make a note of the SSO URL and Entity ID. Download the Certificate.

   

   This information is required to map your Google account to Crowdcontrol.

8. Click NEXT to continue the process.

   

   The Basic Information for your Custom App page is displayed.

9. In Application Name, specify Bugcrowd and click NEXT.

   

   The Service Provider Details page is displayed.

10. Provide the SSO configuration information from Bugcrowd (Settings > Authentication > Single Sign-on (SSO)):

    • ACS URL: Paste the Single Sign On URL.
    • Entity ID: Paste the SP Entity ID.

    Click NEXT.

    

11. Set the Bugcrowd SAML app to On for everyone on the right side of the SAML Apps page.

    

Mapping Google to Crowdcontrol

1. Navigate to the Single Sign-On screen in Crowdcontrol and scroll to the SAML Settings section.

2. Specify the following SAML information that you had made a note from Google:

   • IdP Entity ID: Paste the Entity ID from Google.
   • IdP SSO Target URL: Paste the SSO URL from Google.
   • IdP Certificate: Paste the complete certificate contents from Google.

   

   When copying and pasting the Certificate contents, make sure that all the information is properly copied including the lines -—-BEGIN CERTIFICATE—–\ and “—–END CERTIFICATE—–.

   Bugcrowd only supports logouts Identity Provider (IdP) initiated logouts, that is logging out of Bugcrowd will not log you out of your SSO provider.

   Domain verification is required for SSO to function properly. For more information, see verifying domain.

---