Skip to main content
Skip table of contents

Sonarqube SAML Integration

This document explains how to implement Monosign with Sonarqube. It covers Single Sign-On. Before you continue, it is better to start with Sonarqube’s Single Sign-On implementation page.

Monofor has no responsibility to do Sonarqube configurations. If you need support please contact Sonarqube Support Services.

📑 Instructions

This documentation contains 4 main steps for integration.

  1. Creating an Application on Monosign

  2. Configuration Single Sign-On for Sonarqube

  3. Assign a user to the Sonarqube application

  4. Sign In Test

1- Creating an Application on Monosign

Create application on Monosign and configure your access policy. Once you create, click “Keys” and add a new Access Key for SAML Key for access.

This information will be necessary during the configuration of the application.

Property

Value

Options

Key Type

SAML

Rest API, OAuth 2.0, JWT, OIDC/OpenID, SAML, RADIUS, Access Gateway, LDAP, AuthN/Z Server

Expiration

Lifetime

Lifetime or Specific Date/Time - By Default Lifetime is Enabled.

Configuration details for the Sonarqube application are provided as follows:

image-20250312-110509.png
image-20250312-110704.png
image-20250312-110753.png
image-20250312-110851.png

Change Assertion Consumer URL, Audience, Entity Id, Name Id, Idp Description, Attribute Mapping and Group Mapping.

Property

Value

Assertion Consumer URL

https://<Sonarqube-FQDN-OR-IP>:<PORT>/oauth2/callback/saml

Audience

APPLICATION-ID on SONARQUBE

Entity Id

APPLICATION-ID on SONARQUBE

Name Id

UserName

Idp Description

APPLICATION-ID on SONARQUBE

Attribute Mapping

Attribute : UserName

Value : {{UserName}}

Attribute : Email

Value : {{Email}}

Attribute : Name

Value : {{Profile.FormattedName}}

Group Mapping

Enable

To ensure that the application has access to user groups, follow these steps:

  1. If the application hasn't been configured yet, click the “Edit” option for the application.

  2. In the application settings, navigate to the “Source, Provider, and Profile” tab.

  3. Configure the “User Access Type“ and “User Group Access Type” as “Only Assigned Users.”

Configuring this setting will allow the application to access by user groups when users sign in.

Property

Description

Options

User Access Type

Defines which Users will access to this application.

Only Assigned Users
All Users

User Group Access Type

Defines application’s user group access

Only Assigned Users
Assigned Users and Defined Sources
All Users

Profile Access Type

Defines Application’s user’s profile access

Restricted - Only restricted user profile attributes
All - All user profile attributes

2- Configuration Single Sign-On for Sonarqube

As it highlighted at the beginning of document, please check out the Sonarqube’s SSO configuration page first.

Please add your Sonarqube settings to the application. The following information is needed for your configuration.

Below information needed before configure the Sonarqube.

Property

Value

Application ID

The identifier used on the Identity Provider for registering SonarQube.

Provider Name

Monosign

Provider Id

https://account.monofor.com/saml/468dcbfb-f55c-4235-a8d8-1d362b98865c

SAML login url

https://account.monofor.com/saml/468dcbfb-f55c-4235-a8d8-1d362b98865c/login

Identity Provider certificate

Monosign SAML certificate

SAML user login attribute

UserName

SAML user name attribute

Name

SAML user email attribute

Email

SAML group attribute

Groups

Download Monosign IdP certificate.

image-20250312-110921.png

Open Sonarqube AdministrationConfigurationGeneral SettingsAuthenticationSAML → Configuration

image-20250312-112427.png
image-20250312-112521.png

Save configuration. Then click Test Configuration for testing SAML works or not.

image-20250312-114433.png

Now, go back to Monosign and give access to your users and try login.

3- Assign a user to the Sonarqube application

Please follow below instructions on how to assign a user to the Sonarqube application. In this example john.smith will assign to the application access.

4- Sign In Test

Now try login. Navigate to the Sonarqube application login page. Click Log in with Monosign.

image-20250312-114639.png

If everything is well configured, the page will be redirected to Monosign’s login page. It can be log in passwordless with QR code or type username and password.

image-20250312-115032.png

When the user logged in, the page will be redirected to the Sonarqube page.

image-20250312-114927.png
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.