OneLogin

Single Sign On

Security Assertion Markup Language (SAML) is an XML-based standard for single sign-on (SSO) authentication that creates a simplified way to access applications that you have rights to use. Bugcrowd offers a SAML-based SSO integration with OneLogin to help you create an easy and centralized way to log in to Crowdcontrol. If you don't have OneLogin set up, you should read their getting started guide.

1. Add Bugcrowd to Your OneLogin Apps Portal

The first thing you need to do is log in to your OneLogin account and add Bugcrowd to your apps portal. This simply allows you to configure the OneLogin settings for logging in to Crowdcontrol.

To add the Bugcrowd app, select Apps > Add Apps.

Add apps from OneLogin

Search for 'Bugcrowd.'

Search for Bugcrowd apps

Select the Bugcrowd app.

Select the Bugcrowd app

When the Configuration form appears, you can modify any of the configuration settings that control how the Bugcrowd app appears in your portal and the connector version you want to use. You must choose the SAML 2.0 option as your connector.

Configure the Bugcrowd app

After you make your changes, save the settings. A new set of tabs appears that lets you configure rules, parameters, SSO, access policies, and users for the Bugcrowd app.

Select the SSO tab.

The SSO tab

This page displays all of the information you'll need to add to Crowdcontrol later. Keep the following information readily available:

  • The X.509 certificate and its fingerprint
  • The issuer URL
  • SAML 2.0 endpoint
  • SLO endpoint

Now that you've added Bugcrowd to your apps portal in OneLogin, you're ready to configure Crowdcontrol to use the single sign-on service.

Specific Role Required to Configure SSO

To configure SSO for your program, you must be an Organization Owner.

2. Add Your Identity Provider's SSO Settings to Crowdcontrol

From Crowdcontrol, go to your Organization Settings.

Go to your Organization Settings

When the Organization Settings appear, select Authentication.

Select the Authentication tab

Then click the Single Sign-on (SSO) option.

Select the Single Sign-on option

When the SAML Settings appear, enter the data you saved from OneLogin earlier.

Add the SSO settings from OneLogin

The option names on the Single Sign-on form in Crowdcontrol do not map exactly to the ones in OneLogin. To help you figure out what's what, here's a mapping for each option in Crowdcontrol to each option in OneLogin:

SSO option mappings

| Crowdcontrol Options        | OneLogin Options  |
|-----------------------------|-------------------|
| IdP Certificate             | X.509 Certificate |
| IdP Certificate Fingerprint | Fingerprint       |
| IdP Entity ID               | Issuer URL        |
| IdP SSO Target URL          | SAML 2.0 endpoint |
| IdP SLO Target URL          | SLO endpoint      |

When you add the X.509 certificate, you need to copy the entire contents of the certificate, including the BEGIN and END headers, as shown below.

-----BEGIN CERTIFICATE-----
TTDMTSCCAkWgAwIBAgIJAJC1HiIAZAiIMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
m3LtH40luvg0sd0ng4evAT0mMYh4rdYDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
aWRnaXRzIFB0eSBMdGQwHhcNMTExMjMxMDg1OTQ0WhcNMTIxMjMwMDg1OTQ0WjBF 
t4c0fN746vaInA1KxYEeI1Rx5KXY8zIdj6a7hhphpj2E04LDdw7r495dv3UgEgpR
C3Fayua4DRHyZOLmlvQ6tIChY0ClXXuefbmVSDeUHwc8YufRAERp2GfQnL2JlPUL
B7xxt8BVc69rLeHV15A0qyx77CLSj3tCx2IUXVqRs5mlSbq094NBxsauYcm0A6Jq
vA==
-----END CERTIFICATE-----
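Added example (not part of Bugcrowd's or OneLogin's documentation): a local check, before saving, that the certificate text you are about to paste still has its BEGIN and END lines and hashes to the fingerprint you copied from the SSO tab. It assumes the displayed fingerprint is the SHA-1 or SHA-256 digest of the DER-encoded certificate; the function names and the sample bytes are constructed for illustration.

```python
import hashlib
import hmac
import re
import ssl

# Constructed stand-in bytes, NOT a real certificate: the fingerprint is a
# digest over the decoded bytes, so any payload exercises the check.
SAMPLE_DER = bytes(range(48))
SAMPLE_PEM = ssl.DER_cert_to_PEM_cert(SAMPLE_DER)


def normalize_fingerprint(value: str) -> str:
    """Lower-case hex with colons, spaces and other separators removed."""
    return re.sub(r"[^0-9a-f]", "", value.lower())


def cert_fingerprint(pem_text: str, algorithm: str = "sha1") -> str:
    """Colon-separated fingerprint of a PEM certificate.

    Raises ValueError when the BEGIN/END CERTIFICATE lines are missing,
    the usual result of copying only the base64 body.
    """
    der = ssl.PEM_cert_to_DER_cert(pem_text.strip())
    digest = hashlib.new(algorithm, der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def matches_idp_fingerprint(pem_text: str, shown: str) -> bool:
    """True if the pasted certificate hashes to the fingerprint shown by the IdP."""
    wanted = normalize_fingerprint(shown)
    # Infer the digest from the length: 40 hex chars = SHA-1, 64 = SHA-256.
    algorithm = {40: "sha1", 64: "sha256"}.get(len(wanted))
    if algorithm is None:
        raise ValueError("fingerprint is neither SHA-1 nor SHA-256 length")
    actual = normalize_fingerprint(cert_fingerprint(pem_text, algorithm))
    return hmac.compare_digest(actual, wanted)


if __name__ == "__main__":
    shown = cert_fingerprint(SAMPLE_PEM)  # stands in for the IdP's displayed value
    print(shown, matches_idp_fingerprint(SAMPLE_PEM, shown))
    body_only = "".join(SAMPLE_PEM.splitlines()[1:-1])
    try:
        cert_fingerprint(body_only)
    except ValueError as err:
        print("rejected:", err)
```

A mismatch here means the certificate and fingerprint fields would disagree once saved, so re-copy both values from the SSO tab rather than editing either by hand.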

After you are done, save the settings. Crowdcontrol displays the SSO configuration for your program. Copy the top line item "Onelogin SAML Code" as you will need it in the next step.

Single Sign-on configuration for your company

Navigate back to your OneLogin account and go to the Bugcrowd "Configuration" tab. Paste the "Onelogin SAML Code" you copied from Crowdcontrol in the previous step.

Onelogin configuration screen

3. Domain Verification

All domains must be verified by Bugcrowd. Users will not be able to log in until their email address domains are verified.

Navigate back to the Organization Settings page in Crowdcontrol and select Domains.

Select the domains tab

Enter the domain and then select 'add domain'.

Add domain

A verification code will be provided - add a TXT record at the domain's root with this code. DNS verification may take up to 24 hours to succeed.

Copy and paste verification code as a TXT record

Having trouble?

Consult your DNS provider for instructions on adding a TXT record.

Contact support@bugcrowd.com for any additional help verifying domains.

4. Logging in Using SSO

After you have enabled SSO, your team members can navigate to the Company Apps area of OneLogin and click the Bugcrowd app to log in. If SSO is set up properly, members will be logged in to Crowdcontrol.

Bugcrowd platform
