I am looking to create local user even after enabling scim.
This is because we need to local user used an account for one group/team so that team does not use their personal token for scanning in cicd jobs.
Hi,
This is flagged for the PMs.
Ann
Thanks for your request @rajini
Once SCIM provisioning is enabled, all users and groups in SonarQube Server become read-only. The only supported actions are local group deletion and local user deactivation (for users not managed by SCIM). As a result, it’s not possible to manually create or manage local users through the SonarQube UI or API.
One possible approach is to create service accounts in your IdP and assign them to the SonarQube Server application. These accounts will be provisioned in SonarQube Server and can be used for automation purposes.
Another option we plan to introduce in the future is instance-level tokens with configurable permissions, allowing them to perform tasks such as running scans in CI/CD pipelines. Would this approach address your use case?
Hi Nour,
Yes i think its wise to have an option to create tokens with configurable permissions.
Because not all IDP supports service accounts.
Please let me know if the plan is going to be executed sooner.
@rajini Duly noted, thanks for your feedback and we will communicate on this forum when those tokens are available on SonarQube Server.
If you’re curious, checkout Scoped Organization Tokens which are already available on SonarQube Cloud.