HackerOne

To configure <a href="https://docs.hackerone.com/organizations/single-sign-on-sso-via-saml.html">single sign-on via SAML</a>, you need to verify domain ownership for your program.

Go to Organization Settings &gt; Authentication &gt; Verified Domains.

1. Note: You must be an organization administrator to add a verified domain. ​
 
 ​
 ​

Enter the domain name you want to verify in the Domain name field.

Choose the Verification Method of your domain. You can choose from: ​

Verification method options: DNS TXT, HTML meta-tag, Web file

1. Note: Use only the part of the domain name used in the email address of the users that will be logging in. For example: if an email address looks like <code>wiley@acme.com</code>, use <code>acme.com</code> as a domain name.

Follow the instructions on the page to allow HackerOne to verify you have ownership over the domain. Instructions will vary depending on the verification method you chose in step 4 above. You'll have to go to your DNS provider to manage settings on the domain. ​ Here's an example of using the DNS TXT record on Cloudflare to allow HackerOne to verify your domain: ​

1. Note: when using Amazon Route53 the <code>@</code> character isn't used. You can just leave the name value empty.

1. Go to Organization Settings &gt; Authentication &gt; Verified Domains.
 1. Note: You must be an organization administrator to add a verified domain. ​
 
 ​
 ​
2. Click Add verified domain.
3. Enter the domain name you want to verify in the Domain name field.
4. Choose the Verification Method of your domain. You can choose from: ​
 Verification method options: DNS TXT, HTML meta-tag, Web file
 1. Note: Use only the part of the domain name used in the email address of the users that will be logging in. For example: if an email address looks like <code>wiley@acme.com</code>, use <code>acme.com</code> as a domain name.
5. Click Add domain. ​

6. Follow the instructions on the page to allow HackerOne to verify you have ownership over the domain. Instructions will vary depending on the verification method you chose in step 4 above. You'll have to go to your DNS provider to manage settings on the domain. ​ Here's an example of using the DNS TXT record on Cloudflare to allow HackerOne to verify your domain: ​
 
 
 1. Note: when using Amazon Route53 the <code>@</code> character isn't used. You can just leave the name value empty.
7. Click Verify

Once your domain is successfully verified, the status of your domain will be changed to Verified. You can continue to set up your <a href="https://docs.hackerone.com/organizations/single-sign-on-sso-via-saml.html">SAML settings</a>.

Note: it can take a while for the DNS records to propagate. If at first verification fails please try again later. You can use an online DNS checker like <a href="https://dnschecker.org/" rel="nofollow noopener noreferrer" target="_blank">https://dnschecker.org/</a> to check if the DNS records have been propagated.

Domain Verification