- $100 – $25,000 per vulnerability
We believe community researcher participation and building a secure foundation plays an integral role in protecting our customers and their data. We appreciate all security submissions and strive to respond in an expedient manner.
Okta is a cloud-based identity service that connects people to their applications from any device, anywhere, anytime. The Okta Identity Cloud provides directory services, single sign-on, strong authentication, provisioning, mobile device management and API access management. It comes with built-in reporting, and integrates deeply with cloud, mobile and on-premises applications, directories and identity management systems.
Scope and rewards
This program follows Bugcrowd’s standard disclosure terms.
For any testing issues (such as broken credentials, inaccessible application, or Bugcrowd Ninja email problems), please email firstname.lastname@example.org. We will address your issue as soon as possible.
This program does not offer financial or point-based rewards for P5 — Informational findings. Learn more about Bugcrowd’s VRT.
In addition to the above standard disclosure terms, by participating in this program, you're agreeing to abide by Okta's Vulnerability Disclosure Policy and Supplemental Terms.
This bounty requires explicit permission to disclose the results of a submission.