9.9 | Instance administration | Authentication | GitLab


You can delegate authentication to GitLab using a dedicated GitLab OAuth application.

Creating a GitLab OAuth app

You can find general instructions for creating a GitLab OAuth app here.

Specify the following settings in your OAuth app:

  • Name: Your app's name, such as SonarQube.
  • Redirect URL: <Your SonarQube URL>/oauth2/callback/gitlab. For example, https://sonarqube.mycompany.com/oauth2/callback/gitlab.
  • Scopes: Select api and read_user.

After saving your application, GitLab takes you to the app's page. Here you find your Application ID and Secret.

Setting your authentication settings in SonarQube

  • Enabled: Set to true.
  • GitLab URL: https://gitlab.com for the cloud version of GitLab; otherwise, your self-hosted GitLab server URL.
  • Application ID: The application ID is found on your GitLab app's page.
  • Secret: The secret is found on your GitLab app's page.
  • Allow users to sign up: Enable to allow new users to authenticate. When disabled, only existing users will be able to authenticate to the server.
  • Allowed groups: Restricts the users allowed on SonarQube to members of certain GitLab groups. Only members of these groups (and sub-groups) will be allowed to authenticate. Enter the group slug as it appears in the GitLab URL. For instance, if the group URL is https://gitlab.com/my-gitlab-group, enter my-gitlab-group.
  • Synchronize user groups: For each GitLab group they belong to, users will be assigned to a group with the same name (if it exists) in SonarQube.
    On SonarQube, groups you want to synchronize must be named according to their GitLab URL:
    • https://gitlab.com/my-gitlab-group → my-gitlab-group
    • https://gitlab.com/my-gitlab-group/sub-group → my-gitlab-group/sub-group
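
The naming and group rules above can be checked before rollout with a short script. This is an added example, not SonarQube's code: the function names and sample groups are constructed, GitLab is assumed to be served at the root of its host, and matching sub-groups on a whole path segment is an assumption about how "and sub-groups" is evaluated.

```python
from urllib.parse import urlsplit


def redirect_url(sonarqube_url):
    """Redirect URL to register in the GitLab OAuth app."""
    return sonarqube_url.rstrip("/") + "/oauth2/callback/gitlab"


def group_path(group_url):
    """Group slug as it appears in the GitLab URL (assumes GitLab at the host root)."""
    path = urlsplit(group_url).path.strip("/")
    if not path:
        raise ValueError(f"no group path in {group_url!r}")
    return path


def is_allowed(user_groups, allowed_groups):
    """True if the user is in an allowed group or one of its sub-groups.

    Assumption: a sub-group matches on a whole path segment, so
    'my-gitlab-group-contractors' is NOT inside 'my-gitlab-group'.
    """
    return any(
        g == a or g.startswith(a + "/")
        for g in user_groups
        for a in allowed_groups
    )


def synced_groups(user_groups, sonarqube_groups):
    """SonarQube groups the user lands in: same name, and only if it exists."""
    return sorted(set(user_groups) & set(sonarqube_groups))


if __name__ == "__main__":
    # Constructed sample data for illustration.
    allowed = [group_path("https://gitlab.com/my-gitlab-group")]
    existing = ["my-gitlab-group", "my-gitlab-group/sub-group", "sonar-users"]
    users = {
        "alice": ["my-gitlab-group/sub-group"],
        "bob": ["my-gitlab-group-contractors"],
    }
    print(redirect_url("https://sonarqube.mycompany.com"))
    for name, groups in users.items():
        print(name, is_allowed(groups, allowed), synced_groups(groups, existing))
```

A plain string-prefix comparison would admit bob's look-alike group, which is why the check appends the "/" separator.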

© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARLINT, SONARQUBE, SONARCLOUD, and CLEAN AS YOU CODE are trademarks of SonarSource SA.