Start Free
10.7 | Instance administration | Authentication and provisioning | GitLab | Provisioning modes | Just-in-Time provisioning

GitLab Just-in-Time provisioning mode

On this page

The Just-in-Time (JIT) provisioning is the default provisioning mode. User accounts are created in SonarQube when GitLab users log in for the first time. With this mode, you can use the group synchronization and user access restriction features described below.

Group synchronization

Groups are used in SonarQube to manage user permissions.

With the group synchronization:

  • The synchronization occurs each time a user logs in to SonarQube with their GitLab credentials.
  • If a matching group is found in SonarQube, the GitLab account's memberships in that group are synchronized in SonarQube. The groups match if the SonarQube group name matches the GitLab group URL. For example, the SonarQube group my-gitlab-group/sub-group matches the GitLab group whose URL is https://gitlab.com/my-gitlab-group/sub-group. (The name check is case-sensitive; The default built-in sonar-users group is excluded from the synchronization.) 
  • Manually added group memberships of JIT-provisioned users are reset in SonarQube at synchronization time.

User access restriction (Allowed groups)


Was this page helpful?

© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARLINT, SONARQUBE, SONARCLOUD, and CLEAN AS YOU CODE are trademarks of SonarSource SA.

Creative Commons License