Step 2: Configure SSO with the setup assistant

Currently, only SAML SSO is supported.

If you use Okta or Microsoft Entra ID, go to the following pages:

• Configuring SAML SSO with Okta
• Configuring SAML SSO with Microsoft Entra ID

Otherwise, proceed as follows: 

1. In SonarQube Cloud, retrieve your enterprise.
2. Select Administration > Single Sign-On. The Single Sign-On page opens.
3. Select Open Configuration and then Get Started. The setup assistant opens.
4. Select Custom SAML and select Next. 
5. Follow the steps described below.

Step 1: Create the SonarQube Cloud application in your identity provider

1. Create the SonarQube Cloud application in your identity provider.
2. Copy the Service Provider Identity ID field value from the setup assistant and paste it into the corresponding field in your identity provider.
3. Copy the Single Sign-On URL field value from the setup assistant and paste it into the corresponding field in your identity provider.
4. In the setup assistant, select Next to go to the step 2. Configure Connection.

Step 2: Configure the connection

The operation is different depending on whether your identity provider supports the SAML metadata URL field (URL used by SonarQube Cloud to access metadata information) or not.

Metadata URL supported

1. In your SonarQube Cloud application in your identity provider, copy the value of the field corresponding to the SAML metadata URL . 
2. Paste it into the Metadata URL field in the Automatic tab of the setup assistant page.
3. In the assistant, select Create Connection and Proceed. SonarQube Cloud is trying to connect to your Identity Provider. If the connection is established, the assistant moves to step 3. Attribute Mapping.

Metadata URL not supported

1. In the assistant, select the Manual tab.
2. In your identity provider, copy the value of the SSO login URL field and paste it into Single Sign-On Login URL in the assistant.
3. In your identity provider, download the certificate and upload it to the assistant.
4. In the assistant, select Create Connection and Proceed. SonarQube Cloud is trying to connect to your Identity Provider. If the connection is established, the assistant moves to step 3. Attribute Mapping.

Step 3: Set up the attributes

1. In your identity provider, create the attributes for name, login, email, and groups (the group attribute is used for automatic group synchronization). To do so, for each attribute, copy the attribute name from the assistant and paste it into the attribute's name field in your identity provider.
2. In the assistant, select Next to go to the step 4. Test SSO.

Step 4: Test SSO

Select the Test Connection button. The test is started and the results are displayed on the page as illustrated below.

If the test was successful, select Done. 

Related pages

• Step 1: Verify the user groups of the enterprise's organizations
• Step 3: Invite users to sign in with SSO
• Step 4: Terminate the SAML SSO setup
• Editing your SSO configuration
• Deleting your SSO configuration