Skip to main content

CRA Compliance Tool integration — shared workspace and SSO

The CRA risk-assessment and technical-documentation workflow is now built into CVD Portal under Compliance → Products (https://cvdportal.com/products); see the Products workspace guide. This page covers the legacy integration for users of the standalone PortaRegulus CRA Compliance Tool (https://app.cra.portaregulus.com), which could sync products into CVD Portal and open it through a sign-in handoff.

If you arrived from the CRA Compliance Tool

Clicking Open CVD Portal in the CRA app signs you in here automatically.

  • First-time users join a shared integration workspace as a read-only Member. The header chip shows "Member · read-only". You can view submissions and their details, but changing status, severity, or settings requires a workspace admin.
  • If your email address already has its own CVD Portal account, you are signed into that account instead. Your own workspace does not contain the products or reports you saw in the CRA app. Those live in the separate shared integration workspace. The banner shown on arrival explains this.

To go back, use the CRA Compliance Tool link in the sidebar's Account section (shown to shared-workspace users).

Products you did not create

Products in the shared workspace's hardware registry are synced from CRA app registrations. Each carries the CRA app's product id as its identifier, which keeps reports linked to the right product even after renames.

Where reports live

Vulnerability reports are called submissions here. See them under Submissions (https://cvdportal.com/submissions). The CRA app's Vulnerability Disclosure page shows the same reports filtered to one product, and its row links open the matching submission detail page here.