Configuring SAML for Bugcrowd Tracker

REQUIRED ACCOUNT/PERMISSION LEVEL

Bitium: All account levels; must be an admin to set up

Bugcrowd Tracker: Must be an admin to set up

In Bitium:

  1. Go to “Manage Apps.”

  2. Select “Bugcrowd Tracker” from the list of installed apps.

  3. Select the “Single Sign-On” tab.

  4. From the dropdown, select “SAML Authentication.”

    Enabling SAML for Asana

    Select Single Sign-On Provider

  5. Copy the Entity ID, Login URL, Logout URL, and X.509 Certificate from Bitium.

    Enabling SAML for Asana

    SAML Configuration

In Bugcrowd:

  1. Navigate to Organization Settings by clicking the cog in the upper right corner.

  2. Click on “Authentication” tab.

  3. Click on “Single Sign-on (SSO)”.

  4. Copy the Organization Code from Bugcrowd.

    Enabling SAML for Asana

    Organization Code

  5. Paste the Entity ID copied from Bitium in Step 5 into the IdP Entity ID field in Bugcrowd.

  6. Paste the Login URL copied from Bitium in Step 5 into the IdP SSO Target URL field in Bugcrowd.

  7. Paste the Logout URL copied from Bitium in Step 5 into the IdP SLO Target URL field in Bugcrowd.

  8. Paste the X.509 Certificate copied from Bitium in Step 5 into the IdP Certificate in Bugcrowd.

    Enabling SAML for Asana

    SAML Settings

In Bitium:

  1. Paste the Organization Code copied from Bugcrowd in step 4 into the Organization field in Bitium.
  2. Click “Save Changes” in Bitium.

User Role Mapping

In Bitium:

  1. Create four Bitium groups for your Bugcrowd Roles, by clicking on “Manage Groups”. For our example, we’ve created groups named Admin, Analyst, Owner, and Viewer, though you can name them anything you’d like.

    Enabling SAML for Asana

    Create Groups in Bitium

  2. Assign appropriate users to each of those groups based on their Bugcrowd role.

  3. Navigate to the “Single Sign-On” tab in Bitium.

  4. Create four SAML Role fields (Click “Add another field” to add more than one field). Select the associated group from the dropdown, and choose a name for the attribute.

    Enabling SAML for Asana

    SAML Roles

  5. Click “Save Changes” in Bitium.

In Bugcrowd:

  1. Fill in the role names you’ve chosen in the previous step. Make sure these match the attributes you’ve named in Bitium.

    Enabling SAML for Asana

    User Role Mapping

  2. Click “Save Authentication Settings” in Bugcrowd.

Testing:

IDP Initiated Login

  1. From the Bitium Dashboard, click on the Bugcrowd Tracker app.
  2. You should be authenticated into the app.
SAML Enabled will be illuminated in green once completed.