Specific Role Required to Configure SSO
To configure SSO for your program, you must be an Organization Owner. Organization Owners can log in using Username and Password.
Bugcrowd offers a Security Assertion Markup Language (SAML) based Single Sign-On (SSO) integration with Okta to help you create an easy and centralized way to log in to Crowdcontrol. SAML is an XML-based standard for SSO authentication that creates a simplified way to access the applications that you can use.
The steps to configure Okta for SSO are:
- Log in to your Okta account and click Admin.
- Hover over the Applications tab and click Applications.
- Click Add Application.
- Click Create New App.
- In Sign on method, select SAML 2.0 and click Create.
The General Settings page is displayed.
- Specify the following:
- App name: Specify Bugcrowd Inc as the app name.
- App logo: Click Browse, specify the Bugcrowd logo image, and click Upload Logo.
- Click Next.
The SAML Settings page is displayed.
To specify the information for this screen, you must access your Bugcrowd account.
- In Crowdcontrol, click your profile.
- Click Authentication.
- Click Single Sign-on (SSO).
The SSO Configuration for Demo Organization is displayed.
- Make a note of the Single sign on URL and SP Entity ID.
Bugcrowd only supports logouts Identity Provider (IdP) initiated logouts, that is logging out of Bugcrowd will not log you out of your SSO provider.
- Pause the screen and go to the next step.
- Go back to Okta > Configure SAML page (last step in the first section).
- Specify the following information:
- Single sign on URL: Paste the Single Sign on URL you copied from your Bugcrowd account.
- Audience URI (SP Entity ID): Paste the Single Sign on URL you copied from your Bugcrowd account.
- Name ID format: Select EmailAddress.
- Application Username: Select Email.
- In ATTRIBUTE STATEMENTS section, specify the following:
- Name: Select Role
- Value: Select user.Role
Click Next at the bottom of the page.
The Feedback page is displayed.
- Select I'm an Okta customer adding an internal app and This is an internal app that we have created and click Finish.
- Click View Setup Instructions.
The How to Configure SAML 2.0 for Bugcrowd Inc. Application screen is displayed.
- Make a note of the information from the following fields:
- Identity Provider Single Sign-On URL
- Identity Provider Issuer
- X.509 Certificate
Navigate back to the Single Sign-On screen in Crowdcontrol and scroll to the SAML Settings section.
Paste the information you copied in the following fields:
- IdP Entity ID: Paste the Identity Provider Issuer information from Okta.
- IdP SSO Target URL and IdP SLO Target URL: Paste the Identity Provider Single Sign-On URL information from Okta.
- IdP Certificate: Paste the X.509 Certificate information from Okta.
Click SAVE AUTHENTICATION SETTINGS to save the information.
Domain verification is required for SSO to function properly.
All domains must be verified by Bugcrowd. You will not be able to login until the email address domains are verified.
- In Crowdcontrol, click your profile and then click Domains.
The Domain verification page is displayed.
- Specify the domain and click ADD DOMAIN.
A verification code is displayed.
- Add a TXT record at the domain's root with this code.
DNS verification may take up to 24 hours to succeed.
For information about adding a TXT record, consult your DNS provider.
For any additional help verifying domains, contact [email protected].
Updated 2 months ago