Setup in SonarQube Server

This page explains how to setup in SonarQube Server SAML with Microsoft Entra ID. This is the second step of SAML authentication setup with Microsoft Entra ID.

This page explains how to set up SAML in SonarQube Server when using Microsoft Entra ID as the identity provider. This is the second step of SAML authentication setup with Microsoft Entra ID. For an overview of the complete setup, see Introduction to SAML with Microsoft Entra ID.

Proceed as follows:

  1. Open MS Entra ID to prepare the copy-paste of single-sign-on settings in SonarQube Server.

  2. Configure SAML in SonarQube Server.

Open MS Entra ID

To prepare the copy-paste of single-sign-on settings in SonarQube Server:

  1. In Microsoft Entra ID, go to Identity > Applications > Enterprise applications > All applications and select the application you created for SonarQube Server.

  2. On the application’s page, select Single sign-on. You will need to retrieve values related to sections 1, 2, and 4. In section 2, select Edit first to open the Attributes & Claims page.

Locate in MS Entra ID the field values to be copy-pasted to SonarQube

Configure SonarQube Server

  1. Go to Administration > Configuration > General Settings > Authentication> SAML.

  2. Select Create Configuration.

Select the Create Configuration button to create a new SonarQube configuration for SAML

  1. Fill in the fields as explained in the table below.

Field in SonarQube Server
Description

Application ID

Value in MS Entra ID:In the Basic SAML Configuration section (1), value of the Identifier(Entity ID) field.

Provider ID

Value in MS Entra ID:In the Set up <applicationForSonarQubeServer> section (4), value of the Microsoft Entra ID Identifier field.

Provider Name

Name of the Identity Provider displayed in SonarQube Server login page when SAML authentication is active.

SAML Login URL

Value in MS Entra ID:In the Set up <applicationForSonarQubeServer> section (4), value of the Login URL field.

Identity provider certificate

Certificate downloaded in Step 2 of Setup in Microsoft Entra ID.

SAML user login attribute

Value in MS Entra ID:In the Attributes & Claims section (2), select Edit and retrieve the Claim name (URL type value) of the attribute to be used for Login.

For an example, see the SonarQube Server screenshot below.

SAML user name attribute

Value in MS Entra ID:In the Attributes & Claims section (2), select Edit and retrieve the Claim name (URL type value) of the attribute to be used for Name.

For an example, see the SonarQube Server screenshot below.

SAML user email attribute

Optional. Value in MS Entra ID:In the Attributes & Claims section (2), select Edit and retrieve the Claim name (URL type value) of the attribute to be used for email.

SAML group attribute

Optional (if you use the Just-in-Time provisioning’s group synchronization feature). Value in MS Entra ID:In the Attributes & Claims section (2), select Edit and retrieve the Claim name (URL type value) of the groups attribute.

Below is a SonarQube Server screenshot with SAML user login and name value examples.

SAML user login and name value examples in SonarQube

  1. Save the configuration.

  2. Before enabling SAML authentication on SonarQube Server, you can verify that the configuration is correct by selecting Test Configuration. This will initiate a SAML login and return useful information about the SAML response obtained from the identity provider.

  3. Select Enable configuration.

  4. Check that the SonarQube Server login form now contains a SAML login button.

SonarQube Server login form with login button for SAML

Related pages

PreviousSetup in Microsoft Entra IDNextSetup of security features

Last updated

Was this helpful?