After upgrade to SonarQube Developer Edition v2025.1 (102418) SAML authentication failed

Hi all,

after upgrading to SonarQube * Developer Edition v2025.1 (102418) our SAML authentication via Authentik is no longer working. It worked well with former SonarQube Editions.

When i test the SAML configuration in my Admin panel i get the following error:

`* Invalid assertion [_e4e785f8e0af47a48ffb2143d611ab03] for SAML response [_ced1d2061f174b6d93957649bfd0f89e]: Condition '{urn:oasis:names:tc:SAML:2.0:assertion}AudienceRestriction' of type 'null' in assertion '_e4e785f8e0af47a48ffb2143d611ab03' was not valid.: None of the audiences within Assertion '_e4e785f8e0af47a48ffb2143d611ab03' matched the list of valid audiances`

We deleted the Configuration scheme and set it completely new. However the error keeps the same.
We need assistance in here since our colleagues are no longer able to work in SonarQube.

Greetings,
Martina

Hi Martina,

The Release upgrade notes list what you should be aware of before you take any given upgrade, and we urge you to read them each time.

For 2025.1 there’s a change to be made to SAML configuration.

 
HTH,
Ann

Hi Ann,

i’ve read it. But we do not make SAML with Microsoft nor do we use PingOne so this is not of interest for us.

Nevertheless we were able to fix the Problem by deleting and recreating the whole SAML. It seemed that there was a non visible space soewhere at the end of the ID entries.

Fortunately, the previous SonarQube versions had no problems with this; the SAML with Authentik worked perfectly there.

Greetings,
Martina