Delegated Auth via Okta SAML

richard-lw · June 21, 2021, 4:01pm

SonarQube Version 8.9 (build 43852)

We are currently using LDAP auth and would like to migrate over to using Okta SAML. I followed this community post to configure Okta SAML: SonarQube and SAML Authentication with Okta

After configuring Okta SAML, I received this prompt on my first login:

Is this suggesting that the original users authenticating via LDAP are sourced from our LDAP and that those users will not be linked to the Okta SAML user? If we associate the email address to “another user account” does that mean any issues the LDAP user had will not be transferred over to the Okta SAML user?

It sounds as if this will treat a user logging in via Okta SAML as a completely new user.

Chris · July 19, 2021, 12:09pm

Hi Richard,

SonarQube is able to connect to different authentication methods, but when you start using one for a given user account, you can’t simultaneously use another method for the same account.
This message is misleading and we’ll fix it soon.

If you want to change the authentication methods for your users from LDAP to SAML, you should use the Web API. I invite you to read how to “Migrate users to a new authentication method” in this documentation page.

Chris