Setup in Microsoft Entra ID
This page explains how to register SonarQube Server in Microsoft Entra ID. This is the first step of SAML authentication setup with Microsoft Entra ID.
This page explains how to register SonarQube Server in Microsoft Entra ID. This is the first step of SAML authentication setup with Microsoft Entra ID. For an overview of the complete setup, see Introduction.
Step 1: Create the SAML application for SonarQube Server in MS Entra ID
1. In Microsoft Entra ID, go to Manage > Enterprise applications > All applications.
2. Select New application and then Create your own application.

3. Fill in the name and select the Integrate any other application you don’t find in the gallery option.

4. Select Create.
Step 2: Configure the application for SonarQube Server in MS Entra ID
1. Go to Single sign-on > SAML. The Set up Single Sign-On with SAML page opens

2. In the Basic SAML Configuration section of the page, select Edit, fill in the Identifier and the Reply URL fields as described below, and save.
3. In the Attributes & Claims section of the page, configure the attributes used by SonarQube Server as described below. To add an attribute, select Add new claim.
4. If you use the group synchronization feature (If a matching group is found in SonarQube Server, the Entra ID user account’s memberships in that group are synchronized in SonarQube Server.), add a group attribute as described below. Alternatively, you may use SCIM user and group provisioning, see With Microsoft Entra ID.
Group synchronization doesn’t work with Microsoft Entra ID’s nested groups.
Microsoft Entra ID SAML tokens have a limit regarding the number of groups a user can belong to (see the description of groups in the Claims in SAML Token table). In such cases, you might need to reduce the number of groups the user is in.
5. In the SAML Certificates section of the page, download Certificate (Base64). (You will have to copy-paste the downloaded certificate into SonarQube Server during the Setup in SonarQube Server.)

6. Assign users and groups as follows:
Go to Manage > Users and groups.
Select Add user/group to assign users or groups to the application.
Related pages
Last updated
Was this helpful?