SonarQube Cloud | Administering SonarQube Cloud | Managing your user accounts | Setting up SAML Single Sign On | Generic procedure | Step 1: Verify the user groups
Step 1: Verify the user groups of the enterprise's organizations
On this page
Before configuring SAML SSO, you must ensure that the automatic group synchronization can take place properly. To do so, verify that:
- The user groups defined in your IdP service exist in the relevant organizations of your SonarQube Cloud enterprise (i.e. a group with the same (context-sensitive) name exists in the relevant organization(s)).
- The user groups in SonarQube Cloud have the correct permissions.
To manage the user groups in SonarQube Cloud, see Managing the user groups in your organization.
Group definition example
The figure below shows a group definition example with Okta as IdP.
Microsoft Entra ID's SAML tokens have a limit regarding the number of groups a user can belong to (see the description of groups in the Claims in SAML Token table). In such cases, you might need to reduce the number of groups the user is in.
Related pages
- Step 2: Configure SAML SSO in your identity provider and in SonarQube Cloud
- Step 3: Terminate the SAML SSO setup
Was this page helpful?
© 2008-2025 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARQUBE, and CLEAN AS YOU CODE are trademarks of SonarSource SA.
