Start FreeLog in
SonarCloud | Administering your SonarCloud | Managing your user accounts | Setting up SAML Single Sign On | Registering SonarCloud in IdP | Microsoft Entra ID

Registering SonarCloud in Microsoft Entra ID

On this page

This page explains how to register SonarCloud in Microsoft Entra ID. This is the first step of SAML SSO setup with Microsoft Entra ID. For an overview of the complete setup, see Transitioning your enterprise to SAML SSO.

Step 1: Create the SonarCloud application

  1.  In Microsoft Entra ID, go to Applications > Enterprise applications > All applications.
  2. Select New application and then Create your own application.
  3. Fill in the name and select the Integrate any other application you don't find in the gallery option. 
  4. Select Create.

Step 2: Configure the SonarCloud application

1. From the Manage section of the SonarCloud application in Microsoft Entra ID, go to Single sign-on > SAML.

2. In the Basic SAML Configuration section, select Edit, fill in the Identifier and the Reply URL fields as described below, and save.

Identifier and Reply URL fields
FieldDescription
Identifier

Copy-paste the SP Identity ID field from the SonarCloud UI. To do so:

  1. Retrieve your SonarCloud enterprise.
  2. Select Administration > SAML Single Sign On (SSO).
  3. Select the copy tool at the far right of the SP Identity ID field.
  4. Paste the field value in Microsoft Entra ID.
Reply URLCopy-paste the SSO URL field from the SonarCloud UI. Proceed as explained for the SP Identity ID field above.

3. In the Attributes & Claims section, configure the attributes used by SonarCloud as described below. To add an attribute, select Add new claim.

Attributes
Attribute used by SonarCloudDescriptionAttribute value in Microsoft Entra ID
LoginA unique name to identify the user in SonarCloud. userprincipalname
NameThe full name of the user.givenname
EmailThe email of the user.mail

4. Select Add a group claim, and configure the group attribute as described below. Once done, the option to add a group will be unavailable and the group attribute will be listed with the other attributes in the Add new claim tab.

Group attribute

The group attribute is used for automatic group synchronization.

Parameter or optionValue
Group ClaimsGroups assigned to the application
Source attributesAMAccountname or Cloud-only group display names
Emit group name for cloud-only groupsSelected.

5. From the Manage section of the SonarCloud application in Microsoft Entra ID, go to Users and groups

6. Select Add user/group to assign groups to the application.

7. From the Manage section of the SonarCloud application in Microsoft Entra ID, go to Properties.

8. Set the Visible to users? option to No. (This is because SonarCloud doesn't support IdP-initiated SSO).

Retrieving the SAML SSO information of the application

To retrieve the information required when configuring SAML SSO in SonarCloud (second step of the SAML SSO setup):

  • From the Manage section of the SonarCloud application in Microsoft Entra ID, go to Single sign-on > SAML and retrieve the corresponding value from the SAML SSO information as explained below.
SAML SSO information
Field in SonarCloudValue in MS Entra ID 
Login URLIn the Set up <sonarCloudApplication>  section: value of the Login URL field.
X.509 CertificateIn the SAML certificates section, download Certificate (Base64) and copy-paste it to this field.
User name attributeIn the Attributes & Claims section, value of the givenname attribute.
User login attributeIn the Attributes & Claims section, value of the objectID attribute.
User email attributeIn the Attributes & Claims section, value of the emailaddress attribute.

Was this page helpful?

© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARLINT, SONARQUBE, SONARCLOUD, and CLEAN AS YOU CODE are trademarks of SonarSource SA.

Creative Commons License