Okta's bug bounty program
We believe community researcher participation plays an integral role in protecting our customers and their data. We appreciate all security submissions and strive to respond in an expedient manner.
Okta is an integrated identity service that connects people to their applications from any device, anywhere, anytime. The Okta Identity Cloud provides directory services, single sign-on, strong authentication, provisioning, and mobile device management. It comes with built-in reporting and integrates deeply with cloud, mobile, and on-premise applications, directories, and identity management systems.
Account Creation
In order to participate in Okta’s bug bounty program you are required to have a Bugcrowd account.
Here’s what to expect:
- Enter your Bugcrowd ID (BCID)
- (2) accounts will be created
- https://bugcrowd-BCID-1.oktapreview.com
- https://bugcrowd-BCID-2.oktapreview.com
- (2) emails will be sent to your registered Bugcrowd address
Testing
All scope, payout, and account setup details can be found on our Okta bug bounty page.
Resources
Please check our current release notes to see what's new. New code is released weekly.
Out of Scope
The site you are currently visiting is out of scope for the Bug Bounty program. All scope, payout, and account setup details can be found on our Okta bug bounty page.