Setup in SonarQube Community Build
This page explains how to set up SAML with Microsoft Entra ID in SonarQube Community Build.
This page explains how to set up SAML in SonarQube Community Build when using Microsoft Entra ID as the identity provider. This is the second step of SAML authentication setup with Microsoft Entra ID. For an overview of the complete setup, see Introduction to SAML with MS Entra ID.
Proceed as follows:
Open MS Entra ID to prepare the copy-paste of single-sign-on settings in SonarQube Community Build.
Configure SAML in SonarQube Community Build.
Open MS Entra ID
To prepare the copy-paste of single-sign-on settings in SonarQube Community Build:
In Microsoft Entra ID, go to Identity > Applications > Enterprise applications > All applications and select the application you created for SonarQube Community Build.
On the application’s page, select Single sign-on. You will need to retrieve values related to sections 1, 2, and 4. In section 2, select Edit first to open the Attributes & Claims page.

Configure SonarQube Community Build
Go to Administration > Configuration > General Settings > Authentication > SAML.
Select Create Configuration.

Fill in the fields as explained in the table below.
Application ID
Value in MS Entra ID:In the Basic SAML Configuration section (1), value of the Identifier(Entity ID) field.
Provider ID
Value in MS Entra ID:In the Set up <applicationForSonarQubeServer> section (4), value of the Microsoft Entra ID Identifier field.
Provider Name
Name of the Identity Provider displayed in SonarQube Server login page when SAML authentication is active.
SAML Login URL
Value in MS Entra ID:In the Set up <applicationForSonarQubeServer> section (4), value of the Login URL field.
Identity provider certificate
Certificate downloaded from SonarQube app in Microsoft Entra ID1).
SAML user login attribute
Value in MS Entra ID:In the Attributes & Claims section (2), select Edit and retrieve the Claim name (URL type value) of the attribute to be used for Login.
For an example, see the SonarQube Server screenshot below.
SAML user name attribute
Value in MS Entra ID:In the Attributes & Claims section (2), select Edit and retrieve the Claim name (URL type value) of the attribute to be used for Name.
For an example, see the SonarQube Server screenshot below.
SAML user email attribute
Optional. Value in MS Entra ID:In the Attributes & Claims section (2), select Edit and retrieve the Claim name (URL type value) of the attribute to be used for email.
SAML group attribute
Optional (if you use the Just-in-Time provisioning’s group synchronization feature).
Value in MS Entra ID:In the Attributes & Claims section (2), select Edit and retrieve the Claim name (URL type value) of the groups
attribute.
1) See Step 2: Configure the application for SonarQube Community Build in MS Entra ID.
Below is a SonarQube Community Build screenshot with SAML user login and name value examples.

Save the configuration.
Before enabling SAML authentication on SonarQube Community Build, you can verify that the configuration is correct by selecting Test Configuration. This will initiate a SAML login and return useful information about the SAML response obtained from the identity provider.
Select Enable configuration.
Check that the SonarQube Community Build login form now contains a SAML login button. The text highlighed in the figure below can be configured through the Provider Name field of the SAML configuration in SonarQube Community Build.

Related pages
Last updated
Was this helpful?