Setup in Ping Identity

This page explains how to register SonarQube Server in PingOne (or PingFederate). This is the first step of SAML authentication setup with Ping Identity.

This page explains how to register SonarQube Server in PingOne. The procedure with PingFederate is similar (The properties and values to be configured are the same.). This is the first step of SAML authentication setup with Ping Identity. For an overview of the complete setup, see Introduction to SAML with Ping Identity.

Step 1: Create the SAML application for SonarQube Server

  1. In PingOne, go to Applications > Applications.

  2. Select the + icon.

Create a new application in PingOne

  1. Enter the application name and description.

Enter the new application's name in PingOne

  1. In Choose Application Type, select SAML Application.

  2. Select Configure.

  3. Select the Manually Enter option and set:

    • ACS URL (Assertion Consumer Service): Must be in the format: <sqServerBaseUrl>/oauth2/callback/saml Example: https://my-sonarqube.com/oauth2/callback/saml

    • Entity ID: Identifier of the application for SonarQube Server in PingOne Example: sonarqube

  4. Select Save.

Step 2: Configure the application

  1. Go to the Attribute mappings tab of the application for SonarQube Server you created in step 1 (To retrieve the application, go to Applications > Applications and open the application details page.).

Configure the attribute mappings in PingOne

  1. Select the pencil icon and the +Add button to add an attribute mapping: select a PingOne user attribute and map it to an attribute in the application. See the example below.

SAML attribute mapping example
SAML attribute in the application
PingOne user attribute
Description

saml_subject

User ID

login

Family Name

A unique name to identify the user in SonarQube Server.

name

Given Name

User name.

email

Email Address

User email address.

group_names

Group Names

Required only if you use the group synchronization feature with Just-in-Time provisioning. See Just-in-Time provisioning.

  1. Select Save.

  2. Go to the Configuration tab and select the Download Metadata button to download the SAML metadata containing your X.509 certificate.

Step 3: Enable the application

  1. In PingOne, retrieve the application: go to Applications > Applications and open the application details page.

  2. In the top right corner of the application, select the toggle button.

Enable the application in PingOne

Step 4: Assign users and groups to the application

  1. To create users, go to Identities > Users and select + Add User.

  2. To create a group:

    • Go to Identities > Groups.

    • Select + to create and save a group.

    • On the page of the new group, open the Users tab, and add users to the group.

Related pages

PreviousIntroduction to SAML with Ping IdentityNextSetup in SonarQube Server

Last updated

Was this helpful?