search
Start Free

Managing JIT provisioning

Once you’ve set up GitLab authentication and provisioning with the Just-in-Time (JIT) provisioning mode, you can set or change JIT provisioning mode options.

You need the global Administer System permission in SonarQube Community Build to perform this setup.

hashtag
Setting up the group synchronization

You can enable the group synchronization. The group synchronization requires that you manually create the user groups in SonarQube Community Build: see below.

circle-exclamation

If you enable the group synchronization, you cannot manage group memberships manually and existing manually added group memberships of JIT-provisioned users are reset in SonarQube Community Build during synchronization.

  1. Go to Administration > Configuration > General Settings > Authentication > GitLab.

  2. Select or unselect the Synchronize user groups option.

  3. Save.

chevron-rightCreating the user groups in SonarQube Community Buildhashtag

To allow group synchronization, you must create in SonarQube Community Build a group for each GitLab group and subgroup you want to synchronize: see Managing groups.

You must name the SonarQube Community Build group according to the URL of the GitLab group or subgroup. Be aware that that name check is case-sensitive.

Examples:

  • If the URL of the GitLab group is https://gitlab.com/my-gitlab-group, the name of the SonarQube Community Build group mus be my-gitlab-group.

  • If the URL of the GitLab group is https://gitlab.com/my-gitlab-group/sub-group, the name of the SonarQube Community Build group must be my-gitlab-group/sub-group.

circle-info

To set the group permissions at the system level, see Managing permissions.

hashtag
Blocking/Authorizing the sign-up of new users

You can block the signup of new users with SonarQube. This may be useful if you want to manage user provisioning through an API.

To block or authorize the sign-up of new users with SonarQube Community Build:

  1. Go to Administration > Configuration > General Settings > Authentication > GitLab.

  2. Unselect or select the Allow new users to sign up option.

  3. Save.

circle-info

With SonarQube Server, you can restrict access to SonarQube by defining Allowed groups. For more information, see Feature comparison table.

hashtag
Related pages

PreviousSetting up authenticationNextDisabling authentication

Last updated

Was this helpful?