Start Free
10.7 | Instance administration | Authentication and provisioning | GitLab | Setting up authentication

Setting up GitLab authentication and provisioning

On this page

You can delegate in SonarQube the authentication to GitLab by using one of the following provisioning modes:

You need the global Administer System permission in SonarQube to set up the authentication delegation.

Setup overview

The SonarQube Server uses a GitLab OAuth 2 application to manage the authentication delegation to GitLab and the user or group synchronization. SonarQube Server uses a “GitLab Configuration” record to access the GitLab application. 

Step 1: Create a GitLab application for authentication and provisioning

  1. Create a GitLab OAuth 2 application: see the GitLab documentation.
  2. Specify the following settings in your GitLab application:
    • Name: Your app's name, such as SonarQube.
    • Redirect URI: <Your SonarQube URL>/oauth2/callback/gitlab. For example, https://sonarqube.mycompany.com/oauth2/callback/gitlab.
    • Scopes: Select api if you plan to enable group synchronization with Just-in-Time or enable automatic provisioning. Select read_user otherwise.
  3. Save your application. GitLab takes you to the application's page, where you can find your Application ID and Secret you’ll need in Step 2 below.

Step 2: Configure in SonarQube GitLab authentication and provisioning

This step is different depending on your SonarQube Edition.

Community Edition
  1. In SonarQube, go to Administration > Configuration > General Settings > Authentication > GitLab.
  2. Select Enabled.
  3. Fill the following fields with information from the GitLab application created in Step 1: 
    • GitLab URL: Enter https://gitlab.com or your own GitLab server URL where applicable. 
    • Application ID
    • Secret
  4. Set the options you want to use:
From the Developer Edition

1. In SonarQube, go to Administration > Configuration > General Settings > Authentication > GitLab.

2. In GitLab configuration, select Create configuration. The New GitLab Configuration dialog opens.

3. Fill the fields of GitLab configuration with information from the GitLab application created in Step 1: 

    • Application ID
    • GitLab URL: Enter https://gitlab.com or your own GitLab server URL where applicable. 
    • Secret

4. Select the Synchronize user groups option if you want to enable group synchronization at user login:

    • In Just-in-Time provisioning mode, this means that group synchronization is enabled.
    • In automatic provisioning mode, this means that users’ group memberships are also synchronized at user authentication time (and not only on an hourly basis). 

5. Select Save configuration. The configuration is created.

6. Select Test configuration to check the configuration. Correct it if necessary.

7. You can now enable the automatic provisioning option by selecting Automatic user, group, and permission provisioning. See Enabling automatic provisioning.
If you don’t want to use the automatic provisioning option, you can configure JIT provisioning options in the Provisioning > Just-in-Time provisioning section: see Managing Just-in-Time provisioning mode.


Was this page helpful?

© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARLINT, SONARQUBE, SONARCLOUD, and CLEAN AS YOU CODE are trademarks of SonarSource SA.

Creative Commons License