Welcome to Bugcrowd's Product Documentation Center

You'll find comprehensive guides and documentation to help you start working with Bugcrowd as quickly as possible.

Centrify

Single Sign On

Specific Role Required to Configure SSO

To configure SSO for your program, you must be an Organization Owner.
Organization Owners can log in using Username and Password.

Bugcrowd offers a Security Assertion Markup Language (SAML) based Single Sign-On (SSO) integration with Centrify to help you create an easy and centralized way to log in to Crowdcontrol. SAML is an XML-based standard for SSO authentication that creates a simplified way to access the applications that you can use.

The steps to configure Centrify for SSO are:

  1. Adding Bugcrowd to your Centrify Admin Portal
  2. Accessing SAML information in Bugcrowd
  3. Adding SAML information in Centrify
  4. Mapping Centrify to Crowdcontrol
  5. Verifying domain

Adding Bugcrowd to Your Centrify Admin Portal

  1. Log in to your Centrify Admin Portal.
  2. Click Apps, and then click Add Web Apps.

The Add Web Apps page is displayed.

  1. Click Custom.
  1. Click Add next to the SAML application.
  2. When the Add Web App page appears, click Yes to add the application.
  3. Close the Application Catalog.
    The Settings page for the application that you have added is displayed.

To specify the information for this screen, you must log in to your Bugcrowd account.

Accessing SAML Information in Bugcrowd

  1. In Crowdcontrol, click your profile.
  1. Click Authentication.
  1. Click Single Sign-on (SSO).

The SSO Configuration for Demo Organization is displayed.

  1. Copy the Single sign on URL and then go back to your Centrify account.

Single Logout

Bugcrowd only supports logouts Identity Provider (IdP) initiated logouts, that is logging out of Bugcrowd will not log you out of your SSO provider.

Adding SAML Information in Centrify

  1. Go back to Centrify > Configure SAML page (last step in the first section).
  2. In Assertion Consumer Service URL, paste the Single Sign on URL you copied from your Bugcrowd account.
  3. Navigate to Advanced Settings page.
  4. Specify the following:
    • setAudience: Past the Single Sign on URL you copied from your Bugcrowd account including the quotes.
    • Name ID Format: Select EmailAddress.
    • Application Username: Select Email.
  5. Save your changes.

Mapping Centrify to Crowdcontrol

  1. Keep the Centrify SAML Application Settings screen open and open a new window or tab.
  2. In the new window, navigate back to the Single Sign-On screen in Crowdcontrol and scroll to the SAML Settings section.
  3. Specify the following:
    • IdP Entity ID: Copy and paste the Centrify Issuer information from the Centrify window.
    • IdP SSO Target URL: Copy and paste the Centrify Identity Provider Sign-in URL information from the Centrify window.
  4. In the Centrify window, click Download in the Security Certificate section. Open the downloaded certificate in a text editor and copy the entire contents of the file.
  5. In the Crowdcontrol window, paste the certificate information in the IdP Certificate field.

Note:

Domain verification is required for SSO to function properly.

Verifying Domain

All domains must be verified by Bugcrowd. You will not be able to login until the email address domains are verified.

  1. In Crowdcontrol, click your profile and then click Domains.

The Domain Verification page is displayed.

  1. Specify the domain and then click ADD DOMAIN.
Add domain

Add domain

A verification code is displayed.

  1. Add a TXT record at the domain's root with this code.

Note:

DNS verification may take up to 24 hours to succeed.

Having troubles?

For information about adding a TXT record, consult your DNS provider.
For any additional help verifying domains, contact [email protected].

Updated 3 months ago


Centrify


Single Sign On

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.