Administering your users

This article describes how to onboard, manage permissions and delete user accounts in SonarQube Cloud.

Onboarding users

Whether through a DevOps platform or an SSO identity provider, when users first sign up with SonarQube Cloud, their account is automatically created in SonarQube Cloud.

At login time, users are automatically added to organizations in the following cases:

  • With a DevOps platform (DOP) service, through the GitHub member synchronization. In this case, you cannot add DOP users manually.

  • In an SSO-enabled enterprise, through group synchronization wiht the identity provider. You cannot add SSO users manually.

Otherwise, you must manually add the DOP users to their organization, see Adding organization members for more information.

In an SSO-enabled enterprise, DOP users can be added manually to organizations.

Managing the user permissions

As an organization admin, you can set:

Viewing audit logs

This feature is available with the Enterprise license.

As an Enterprise admin, you can access audit logs through the Audit logs API. To authenticate to the Web API, see Web API.

Audit logs are retained for 180 days.

List of logged events
Event type
Description
For more details

authentication.user_login

An SSO user logs in to SonarQube Cloud.

authentication.user_logout

An SSO user logs out of SonarQube Cloud.

user.create

An SSO user account is created.

user.remove

An SSO user account is removed.

permission_template.create

An organization admin creates a permission template.

permission_template.delete

An organization admin deletes a permission template.

org.add_user

A user is added to an organization.

org.remove_user

A user is removed from an organization.

org.add_group

A group is created in the organization.

org.remove_group

A group is removed from the organization.

org.add_permission

An organization-related permission is added to a user or group.

org.remove_permission

An organization-related permission is removed from a user or group.

org.membersync_enabled

An organization admin enables the GitHub member synchronization.

org.membersync_disabled

An organization admin disables the GitHub member synchronization.

portfolio.add_permission

A portfolio admin adds a portfolio-related permission to a user or group.

portfolio.remove_permission

A portfolio admin removes a portfolio-related permission from a user or group.

project.apply_permission_template

A project admin applies a permission template to their project.

project.add_permission

A project admin adds a project-related permission to a user or group.

project.remove_permission

A project admin removes a project-related permission from a user or group.

group.create

A group is created in an organization.

group.remove

A group is removed from an organization.

Deleting a DOP account

You can only delete your own account, see Deleting your account. If you want to delete another user’s DevOps platform (DOP) account:

  • If the GitHub member synchronization is used, remove the user from the GitHub organization.

  • Otherwise, remove the user’s DOP account from the SonarQube Cloud organizations they are a member of, see Adding organization members.

Deleting an SSO account

You can only delete your own account, see Deleting your accountfor more details.

To prevent an SSO user from logging in to your SonarQube Cloud organizations, remove their access rights from the identity provider.

Enabling/disabling the GitHub member synchronization

When you import a GitHub organization to SonarQube Cloud, GitHub member synchronization is enabled by default. If you disable it, members will no longer be added or removed automatically and membership in GitHub-based organizations must be managed manually, as it is with other repository platforms.

To enable/disable the GitHub member synchronization for your organization:

  1. Retrieve your organization. See Retrieving your organizations for more details.

  2. Open the Members page.

  3. Select Configure synchronization. The Members Management dialog opens.

  4. Select the manual or automatic option and Save.

Last updated

Was this helpful?