Security features

SonarQube Server comes with a number of global security features:

  • On-board authentication and authorization mechanisms.

  • The ability to force users to authenticate before they can see any part of a SonarQube Server instance.

  • The ability to delegate authentication.

  • The ability to enforce an Azure OpenAI Service endpoint URL domain when enabling AI-generated fix suggestions.

Additionally, it’s possible to configure at a group or user level who can:

  • See that a project even exists.

  • Access a project’s source code.

  • Administer a project (set exclusion patterns, tune plugin configuration for that project, etc.).

  • Administer Quality Profiles, Quality Gates, and the SonarQube Server instance itself.

Another aspect of security is the encryption of settings such as passwords. SonarQube Server provides a built-in mechanism to encrypt settings.

See:
