Registering SonarCloud in Microsoft Entra ID
This page explains how to register SonarCloud in Microsoft Entra ID. This is the first step of SAML SSO setup with Microsoft Entra ID. For an overview of the complete setup, see Transitioning your enterprise to SAML SSO.
Step 1: Create the SonarCloud application
- In Microsoft Entra ID, go to Applications > Enterprise applications > All applications.
- Select New application and then Create your own application.
- Fill in the name and select the Integrate any other application you don't find in the gallery option.
- Select Create.
Step 2: Configure the SonarCloud application
1. From the Manage section of the SonarCloud application in Microsoft Entra ID, go to Single sign-on > SAML.
2. In the Basic SAML Configuration section, select Edit, fill in the Identifier and the Reply URL fields as described below, and save.
Identifier and Reply URL fields
Field | Description |
---|---|
Identifier | Copy-paste the SP Identity ID field from the SonarCloud UI. To do so:
|
Reply URL | Copy-paste the SSO URL field from the SonarCloud UI. Proceed as explained for the SP Identity ID field above. |
3. In the Attributes & Claims section, configure the attributes used by SonarCloud as described below. To add an attribute, select Add new claim.
Attributes
Attribute used by SonarCloud | Description | Attribute value in Microsoft Entra ID |
---|---|---|
Login | A unique name to identify the user in SonarCloud. | userprincipalname |
Name | The full name of the user. | givenname |
The email of the user. | mail |
4. Select Add a group claim, and configure the group attribute as described below. Once done, the option to add a group will be unavailable and the group attribute will be listed with the other attributes in the Add new claim tab.
Group attribute
The group attribute is used for automatic group synchronization.
Parameter or option | Value |
---|---|
Group Claims | Groups assigned to the application |
Source attribute | sAMAccountname or Cloud-only group display names |
Emit group name for cloud-only groups | Selected. |
5. From the Manage section of the SonarCloud application in Microsoft Entra ID, go to Users and groups.
6. Select Add user/group to assign groups to the application.
7. From the Manage section of the SonarCloud application in Microsoft Entra ID, go to Properties.
8. Set the Visible to users? option to No. (This is because SonarCloud doesn't support IdP-initiated SSO).
Retrieving the SAML SSO information of the application
To retrieve the information required when configuring SAML SSO in SonarCloud (second step of the SAML SSO setup):
- From the Manage section of the SonarCloud application in Microsoft Entra ID, go to Single sign-on > SAML and retrieve the corresponding value from the SAML SSO information as explained below.
SAML SSO information
Field in SonarCloud | Value in MS Entra ID |
---|---|
Login URL | In the Set up <sonarCloudApplication> section: value of the Login URL field. |
X.509 Certificate | In the SAML certificates section, download Certificate (Base64) and copy-paste it to this field. |
User name attribute | In the Attributes & Claims section, value of the givenname attribute. |
User login attribute | In the Attributes & Claims section, value of the objectID attribute. |
User email attribute | In the Attributes & Claims section, value of the emailaddress attribute. |
Was this page helpful?