Start FreeLog in
SonarQube Cloud | Administering SonarQube Cloud | Managing your user accounts | Setting up SAML Single Sign On | Registering SonarQube Cloud in IdP | Okta

Registering SonarQube Cloud in Okta

On this page

This page explains how to register SonarQube Cloud in Okta. This is the first step of SAML SSO setup with Okta. For an overview of the complete setup, see Transitioning your enterprise to SAML SSO.

Step 1: Create the SonarQube Cloud application

1. In Okta, under Applications, select Create App Integration.

2. In the Sign-in Method dialog, select SAML 2.0.

3. Select Create.

4. Fill in the fields and options as described below in the various steps.

Steps' fields and options
StepField or optionDescription
General settingsApplication label

SonarQube Cloud application name. 

Example: SonarQube Cloud.


Do not display application icon to usersSelect this option. (This is because SonarQube Cloud doesn't support IdP-initiated SSO).
SAML settingsSingle sign on URL

Copy-paste the SSO URL field from the SonarQube Cloud UI. To do so:

  1. Retrieve your SonarQube Cloud enterprise.
  2. Select Administration > SAML Single Sign On (SSO).
  3. Select the copy tool at the far right of the SSO URL field.
  4. Paste the field value in Okta.

Audience URI (SP Entity ID)Copy-paste the SP Identity ID field from the SonarQube Cloud UI. Proceed as explained for the SSO URL field above.

ResponseSelect Signed.

Assertion SignatureSelect Signed.

Signature AlgorithmSelect RSA-SHA256.
SAML settings: Advanced settings
If you want to enable assertion encryption, expand Show Advanced Settings 

Assertion EncryptionSelect Encrypted.

Encryption AlgorithmSelect AES256-GCM for high security.

Key Transport Algorithm Select RSA-OAEP.

Encryption CertificateThe public X.509 certificate used by the identity provider to authenticate SAML messages.

5. Under Attribute Statements, add three attribute mappings as described below.

Attribute statements mappings

Mapping for nameMapping for loginMapping for email (optional)
Namenameloginemail
Name formatUnspecifiedUnspecifiedUnspecified
Valueuser.firstNameuser.loginuser.email

6. Under Group Attribute Statements, enter the values as described below.

Group attribute statements values

Group Attribute Statements
Namegroups
Name formatUnspecified
FilterChoose Matches regex and set the value to .*.

7. In the Feedback dialog, select Finish to confirm the creation of the SonarQube Cloud application.

Step 2: Set up the group synchronization

In Okta:

  1. Go to the Assignments tab of the SonarQube Cloud application and assign the user groups to the SonarQube Cloud application. 
  2. Enable the group synchronization in the SonarQube Cloud application: 
    • Go to SAML > Provisioning.
    • In the SAML group attribute field, enter groups (Name value of the Group Attribute Statements)

Retrieving the SAML SSO information of the application

To retrieve the information required when configuring SAML SSO in SonarQube Cloud (second step of the SAML SSO setup):

  1. In Okta, go to the Sign On tab of the SonarQube Cloud application.
  2. Next to the SAML Signing Certificates subsection, select the View SAML setup instructions button.

Was this page helpful?

© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARQUBE, and CLEAN AS YOU CODE are trademarks of SonarSource SA.

Creative Commons License