Okta

Single Sign On

Security Assertion Markup Language (SAML) is an XML-based standard for single sign-on (SSO) authentication that creates a simplified way to access applications that you have rights to use. Bugcrowd offers a SAML-based SSO integration with Okta to help you create an easy and centralized way to log in to Crowdcontrol.

1. Add Bugcrowd to Your Okta Apps Portal

The first thing you need to do is log in to your Okta account and add Bugcrowd to your apps portal. This simply allows you to configure the Okta settings for logging in to Crowdcontrol.

To add the Bugcrowd app, first click the "Admin" button on the top right of the screen.

Okta Home Screen

Hover over the "Applications" tab and click on "Applications" from the drop-down menu.

Okta Applications Drop Down Menu

Click on the "Add Application" button.

Okta Add Application Screen

Then click on the "Create New App" button.

Okta Create New App Button

You will now begin the set-up process. First, add "Bugcrowd Inc" as the app name during the general settings step. Then, click "next".

General Setting Step

You will be taken to step 2, which is to configure SAML. To get the information you need for this screen, you will need to log in to your Bugcrowd account.

Enable SAML Step

Specific Role Required to Configure SSO

To configure SSO for your program, you must be an Organization Owner.

2. Accessing SAML Information in Bugcrowd

From Crowdcontrol, go to your Organization Settings.

Go to your Organization Settings

When the Organization Settings appear, select Authentication.

Select the Authentication tab

Then click the Single Sign-on (SSO) option.

Single Sign-On Button

When the SAML Settings appear, you will want to copy the "SAML Consumer URL" and then navigate back to your Okta account.

SSO Settings

Single Logout

Bugcrowd only supports Identity Provider (IdP) initiated logouts, which means that logging out of Bugcrowd will not log you out of your SSO provider.

3. Adding SAML Information in Okta

Navigate back to Okta at the screen you left off on.

In the "Single Sign on URL" field, paste the "SAML Consumer URL" you copied from your Bugcrowd account.

In the "Audience URL" field, paste the "SAML Consumer URL" you copied from your Bugcrowd account. IMPORTANT: after you paste the URL in the field, you will need to delete everything after the organization code. In the example below, the full URL is bugcrowdsandbox.com/organizations/mregwrnqpy/sso/acs; however, for this field it would be bugcrowdsandbox.com/organizations/mregwrnqpy.

For the "Name ID Format" field change the dropdown to "EmailAddress".

For the "Application Username" field change the dropdown to "Email".

Okta Enable SAML Step

Under the "Attribute Statements" section add "Role" to the Name field and add "user.Role" to the Value field. Then, click "next" at the bottom of the screen.

Attributes Statements Fields

To finish configuration, select the "I'm an Okta customer adding an internal app" option and check the "This is an internal app that we have created" box.

Then, click "finish".

Final configuration step
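
One way to confirm that the Okta settings from this step took effect is to inspect an assertion captured during a test login. The following is an added example, not Bugcrowd or Okta code: the https:// scheme, the sample user and the role value are assumptions, and the sample assertion is constructed with the Audience left as the full consumer URL to show the mistake the "Audience URL" instruction warns about.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
EMAIL_FORMAT = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
# "SAML Consumer URL" from the example on this page (https:// scheme assumed).
ACS_URL = "https://bugcrowdsandbox.com/organizations/mregwrnqpy/sso/acs"

# Constructed sample assertion: user and role value are made up, signature omitted.
SAMPLE_ASSERTION = """\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Subject>
    <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">alice@example.com</saml:NameID>
    <saml:SubjectConfirmation><saml:SubjectConfirmationData
      Recipient="https://bugcrowdsandbox.com/organizations/mregwrnqpy/sso/acs"/></saml:SubjectConfirmation>
  </saml:Subject>
  <saml:Conditions><saml:AudienceRestriction>
    <saml:Audience>https://bugcrowdsandbox.com/organizations/mregwrnqpy/sso/acs</saml:Audience>
  </saml:AudienceRestriction></saml:Conditions>
  <saml:AttributeStatement><saml:Attribute Name="Role">
    <saml:AttributeValue>example-role</saml:AttributeValue>
  </saml:Attribute></saml:AttributeStatement>
</saml:Assertion>"""

def expected_audience(acs_url):
    """Audience URL: the consumer URL with everything after the organization code removed."""
    suffix = "/sso/acs"
    if not acs_url.endswith(suffix):
        raise ValueError("consumer URL does not end in /sso/acs")
    return acs_url[: -len(suffix)]

def check_assertion(xml_text, acs_url):
    """Return the settings that do not match the steps above (empty list = all match).
    This checks configuration values only; it does not validate the XML signature."""
    root = ET.fromstring(xml_text)
    problems = []
    name_id = root.find("saml:Subject/saml:NameID", NS)
    if name_id is None or name_id.get("Format") != EMAIL_FORMAT:
        problems.append("Name ID Format is not EmailAddress")
    conf = root.find(".//saml:SubjectConfirmationData", NS)
    if conf is None or conf.get("Recipient") != acs_url:
        problems.append("Single sign on URL (Recipient) mismatch")
    audiences = [a.text for a in root.findall(".//saml:Audience", NS)]
    if expected_audience(acs_url) not in audiences:
        problems.append("Audience URL must stop at the organization code")
    names = [a.get("Name") for a in root.findall(".//saml:Attribute", NS)]
    if "Role" not in names:
        problems.append("Role attribute statement missing")
    return problems
```

Run `check_assertion(SAMPLE_ASSERTION, ACS_URL)` against an assertion copied from a browser SAML tracing tool; parse only assertions from your own test login with this standard-library parser.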

4. Mapping Okta to Crowdcontrol

Next, you will need to map Okta information over to Crowdcontrol. Click the "View Setup Instructions" button.

Settings Sections

You will be taken to the screen below with all the information you will need to map over to Crowdcontrol. Copy the information in each of the 3 fields.

Okta mapping information for Crowdcontrol

Navigate back to the Single Sign-On screen in Crowdcontrol and scroll down to the "SAML Settings" section.

In the "IdP Entity ID" field, paste the Okta "Identity Provider Issuer" information.

In the "IdP SSO Target URL" field, paste the Okta "Identity Provider Single Sign-On URL" information.

In the "IdP Certificate" field paste the Okta "X.509 Certificate" information.

Crowdcontrol SAML Settings Section

Save the Authentication Settings when finished.

5. Verify Domain

Lastly, all domains must be verified by Bugcrowd. Users will not be able to log in until the email address domains are verified.

Navigate back to the Crowdcontrol platform 'organization settings' page and select 'domains'.

Select the domain tab

Enter the domain and then select 'add domain'.

Add domain

A verification code will be provided. Add a TXT record at the domain's root with this code. DNS verification may take up to 24 hours to succeed.

Copy and paste verification code as a TXT record

Having troubles?

Consult your DNS provider for instructions on adding a TXT record

Contact support@bugcrowd.com for any additional help verifying domains
