Configuring SAML for HackerOne

REQUIRED ACCOUNT/PERMISSION LEVEL

Bitium: All account levels; must be an admin to set up

HackerOne: Must be an admin to set up

In Bitium:

  1. Go to “Manage Apps.”

  2. Select “HackerOne” from the list of installed apps.

  3. Select the “Single Sign-On” tab.

  4. From the dropdown, select “SAML Authentication.”

  5. Copy the Login URL and the X.509 Certificate from Bitium. Email both of these items to HackerOne support or your account manager and let them know you would like SAML enabled for your account.

  6. Click the “Save Changes” button.

NOTE: If you would like users to continue accessing HackerOne with their usernames & passwords until SAML setup is complete, do not click “Save Changes” until after HackerOne responds to your email with confirmation that they have enabled SAML testing.

In HackerOne:

  1. When HackerOne responds to your email and confirms they have enabled SAML testing mode on your account, log in to HackerOne.

  2. Navigate to the Security tab, under Profile Settings.

  3. Click the green “Test SAML Integration” button.

  4. View results of the test:

    • If the test is successful, respond to HackerOne to let them know and they will fully enable SAML on your account. At this point it will be possible to log in via SAML from the Bitium dashboard, or by entering your email address on the HackerOne login page.

    • If the test is not successful, please contact Bitium support at support@bitium.com.

HackerOne supports just-in-time (JIT) provisioning, so it will also be possible to create new user accounts in HackerOne by assigning the app to a user in Bitium and having them log in from there.

“SAML Enabled” will be illuminated in green once setup is completed.