Sonarqube SAML Integration
This document explains how to implement Monosign with Sonarqube. It covers Single Sign-On. Before you continue, it is better to start with Sonarqube’s Single Sign-On implementation page.
Monofor has no responsibility to do Sonarqube configurations. If you need support please contact Sonarqube Support Services.
📑 Instructions
This documentation contains 4 main steps for integration.
Creating an Application on Monosign
Configuration Single Sign-On for Sonarqube
Assign a user to the Sonarqube application
Sign In Test
1- Creating an Application on Monosign
Create application on Monosign and configure your access policy. Once you create, click “Keys” and add a new Access Key for SAML Key for access.
This information will be necessary during the configuration of the application.
Property | Value | Options |
|---|---|---|
Key Type | SAML | Rest API, OAuth 2.0, JWT, OIDC/OpenID, SAML, RADIUS, Access Gateway, LDAP, AuthN/Z Server |
Expiration | Lifetime | Lifetime or Specific Date/Time - By Default Lifetime is Enabled. |
Configuration details for the Sonarqube application are provided as follows:
Change Assertion Consumer URL, Audience, Entity Id, Name Id, Idp Description, Attribute Mapping and Group Mapping.
Property | Value |
|---|---|
Assertion Consumer URL |
|
Audience |
|
Entity Id |
|
Name Id |
|
Idp Description |
|
Attribute Mapping |
|
Group Mapping | Enable |
To ensure that the application has access to user groups, follow these steps:
If the application hasn't been configured yet, click the “Edit” option for the application.
In the application settings, navigate to the “Source, Provider, and Profile” tab.
Configure the “User Access Type“ and “User Group Access Type” as “Only Assigned Users.”
Configuring this setting will allow the application to access by user groups when users sign in.
Property | Description | Options |
|---|---|---|
User Access Type | Defines which Users will access to this application. | Only Assigned Users |
User Group Access Type | Defines application’s user group access | Only Assigned Users |
Profile Access Type | Defines Application’s user’s profile access | Restricted - Only restricted user profile attributes |
2- Configuration Single Sign-On for Sonarqube
As it highlighted at the beginning of document, please check out the Sonarqube’s SSO configuration page first.
Please add your Sonarqube settings to the application. The following information is needed for your configuration.
Below information needed before configure the Sonarqube.
Property | Value |
|---|---|
Application ID | The identifier used on the Identity Provider for registering SonarQube. |
Provider Name |
|
Provider Id |
|
SAML login url |
|
Identity Provider certificate | Monosign SAML certificate |
SAML user login attribute |
|
SAML user name attribute |
|
SAML user email attribute |
|
SAML group attribute |
|
Download Monosign IdP certificate.
Open Sonarqube Administration → Configuration → General Settings → Authentication → SAML → Configuration
Save configuration. Then click Test Configuration for testing SAML works or not.
Now, go back to Monosign and give access to your users and try login.
3- Assign a user to the Sonarqube application
Please follow below instructions on how to assign a user to the Sonarqube application. In this example john.smith will assign to the application access.
4- Sign In Test
Now try login. Navigate to the Sonarqube application login page. Click Log in with Monosign.
If everything is well configured, the page will be redirected to Monosign’s login page. It can be log in passwordless with QR code or type username and password.
When the user logged in, the page will be redirected to the Sonarqube page.
