HTTP header

You can delegate user authentication to third-party systems (proxies/servers) using HTTP header authentication.

When this feature is activated, SonarQube Server expects that the authentication is handled prior to any query reaching the server. The tool that handles the authentication should:

• Intercept calls to the SonarQube Server.

• Take care of the authentication.

• Update the HTTP request header with the relevant SonarQube Server user information.

• Re-route the request to SonarQube Server with the appropriate header information.

All the parameters required to activate and configure this feature are available in SonarQube Server configuration file. See the SSO AUTHENTICATION section in <sonarqubeHome>/conf/sonar.properties.

Using HTTP header authentication is an easy way to integrate your SonarQube Server deployment with an in-house SSO implementation.