HackerOne

This guide provides the steps required to configure provisioning for HackerOne.com.

<a href="#h_2c8f85407c">Step-­by-­Step Configuration Instructions</a>

<a href="#h_1c2dd88686">Troubleshooting Tips</a>

The following provisioning features are supported:

- New users created through OKTA will also be created in the third-party application.

- Okta will push all updates to the user’s profile to the third-party application.

- Deactivating the user or disabling the user's access to the application through OKTA will deactivate the user in the third-party application.
- Note: In this application, deactivating a user involves revoking login access while retaining the user's HackerOne information as inactive.

- You can reactivate user accounts in the application.

- OKTA can also push newly created groups to the third-party application.

- Push New Users
 - New users created through OKTA will also be created in the third-party application.
- Push Profile Updates
 - Okta will push all updates to the user’s profile to the third-party application.
- Push User Deactivation
 - Deactivating the user or disabling the user's access to the application through OKTA will deactivate the user in the third-party application.
 - Note: In this application, deactivating a user involves revoking login access while retaining the user's HackerOne information as inactive.
- Reactivate Users
 - You can reactivate user accounts in the application.
- Push Groups
 - OKTA can also push newly created groups to the third-party application.

Before you configure provisioning for Hackerone.com, you must contact your CSM or the HackerOne Support team to activate the feature.

Step-­by-­Step Configuration Instructions

To get started, contact your HackerOne CSM and let them know you want to use Okta for login and user provisioning. Your CSM will enable SCIM for your organization.

In your organization settings on HackerOne, go to Authentication &gt; SCIM Provisioning.

Copy the Bearer token and store it securely.

1. Click Add SCIM credentials 
 Add SCIM credentials screen
2. Copy the Bearer token and store it securely. 
 SCIM bearer code

Next open OKTA and navigate to your Applications

Follow the steps <a href="https://docs.hackerone.com/en/articles/8490526-okta-sso-setup-via-saml">here</a> to set up your SAML integration.

1. Note: If you’ve set up your SAML integration before using the <a href="https://www.okta.com/integrations/hackerone/" rel="nofollow noopener noreferrer" target="_blank">HackerOne application</a>, SCIM will not be available. You can follow the steps as described <a href="https://docs.hackerone.com/en/articles/8490526-okta-sso-setup-via-saml">here</a> and skip steps 6 and 10 - 13. Use this new application to set up SCIM provisioning.

Open your HackerOne SCIM application created above.

In the General tab click Edit behind App Settings.

Check the Enable provisioning features box

Set the Authentication Mode to HTTP HeaderPaste the URL from the SCIM credentials page into the SCIM connector base URL box.

Enter your email in the Unique identifier field for users box.

Enter the API Token you stored above behind Authorization.

Select the provisioning actions you want to use

Click Test Connector Configuration; if successful, a verification message appears at the top of the screen.

Select To App in the left panel, then select the Provisioning Features you want to enable.

You can now assign people to the app (if needed) and finish the application setup.

1. Follow the steps <a href="https://docs.hackerone.com/en/articles/8490526-okta-sso-setup-via-saml">here</a> to set up your SAML integration.
 1. Note: If you’ve set up your SAML integration before using the <a href="https://www.okta.com/integrations/hackerone/" rel="nofollow noopener noreferrer" target="_blank">HackerOne application</a>, SCIM will not be available. You can follow the steps as described <a href="https://docs.hackerone.com/en/articles/8490526-okta-sso-setup-via-saml">here</a> and skip steps 6 and 10 - 13. Use this new application to set up SCIM provisioning.
2. Open your HackerOne SCIM application created above.
3. In the General tab click Edit behind App Settings.
4. Check the Enable provisioning features box
 App settings screen
5. Click Save
6. Click the Provisioning tab.
7. Click Edit.
8. Set the Authentication Mode to HTTP HeaderPaste the URL from the SCIM credentials page into the SCIM connector base URL box.
9. Enter your email in the Unique identifier field for users box.
10. Enter the API Token you stored above behind Authorization.
11. Select the provisioning actions you want to use
 SCIM connection setup
12. Click Test Connector Configuration; if successful, a verification message appears at the top of the screen.
13. Click Save.
14. Select To App in the left panel, then select the Provisioning Features you want to enable.
 Provisioning to the app
15. Click Save.
16. You can now assign people to the app (if needed) and finish the application setup.

Initial activation of Okta provisioning in HackerOne requires contacting your CSM. Please reach out with any questions during your configuration process.

- Initial activation of Okta provisioning in HackerOne requires contacting your CSM. Please reach out with any questions during your configuration process.

Note: When Okta deactivates users, HackerOne removes them from your organization. Users lose login access but their data remains as 'inactive users.' Contact your CSM to permanently delete user data.

Contents

Features

Requirements

Step-by-Step Configuration Instructions