DevOps platform authentication
By default, users can authenticate to SonarQube Cloud with their existing credentials on their DevOps platform service (DOP). No additional setup is required.
With the DevOps platform service authentication:
Just-in-Time user provisioning is used. When a user signs up with SonarQube Cloud for the first time through their DevOps platform (DOP), their DOP user account is automatically created in SonarQube Cloud.
The automatic member synchronization is supported with GitHub. See GitHub member synchronization for more information.
User login format
When creating a new user login, SonarQube Cloud systematically adds a random suffix to the login name to manage user misidentification risk.
Technical details
Primary authentication on the system is available through the SonarQube Cloud GitHub application and OAuth authentication with Bitbucket Cloud, Microsoft Azure DevOps, and GitLab. As a consequence, users don’t have a password specific to SonarQube Cloud itself but are protected to the level provided by the code repository platform.
Azure DevOps service authentication
The following applies for Azure DevOps service authentication in SonarQube Cloud:
ID tokens are used.
Both personal and organizations accounts are supported (the multi-tenant endpoint is used).
The following permissions are required:
On MS Graph:
User.read / Delegated
On AAD Graph:
User.read / Delegated
Related page
Last updated
Was this helpful?