Generate metadata for SonarQube SAML SSO

I am using SonarQube Enterprise with version and SAML plugin version 1.1.0 (build 181).
I am configuring SSO with ADFS,

Is there anyway to generate SSO metadata ?

What is SonarQube SAML endpoint to inserted in Location of AssertionConsumerService tag ?

Currently I am using https://sonarqube/auth/realms/sonarqube/protocol/saml
but upon testing the ADFS service, it shows

The request specified an Assertion Consumer Service URL ‘https://sonarqube/oauth2/callback/saml’ that is not configured on the relying party ‘https://sonarqube’.

Assertion Consumer Service URL: https://sonarqube/oauth2/callback/saml

Relying party:

How do i get SSO metadata so I can provide the metadata to ADFS provider setting?


I am also finding the solution for this. Did you get a solution yet?

I know this is a long time ago–but maybe this will help others:

$adfsUri = “https://<your_ADFS_endpoint>/FederationMetadata/2007-06/FederationMetadata.xml”

$federationMetadata = Invoke-WebRequest -Uri $adfsUri

$metadata = $federationMetadata.Content

[xml]$SPMetadata = $Metadata
$SPAssertionConsumerServiceURL = SPMetadata.EntityDescriptor.SPSSODescriptor.AssertionConsumerService | ? {.Binding -eq “urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST”} |
% {$
$SPIssuerURI = $SPMetadata.EntityDescriptor.entityID
$SPSignatureCertificate = SPMetadata.EntityDescriptor.SPSSODescriptor.KeyDescriptor | ? {.use -eq “signing”} |
Select-Object -Last 1 |
% {$

Write-Host “SP Issuer URI: $SPIssuerURI”
Write-Host “SP Assertion Consumer Service URL: $SPAssertionConsumerServiceURL”
Write-Host “SP Signature Certificate:”
Write-Host $SPSignatureCertificate

Set-Clipboard -Value $SPSignatureCertificate

This will provide you some elements that can be directly cut-n-pasted into the entries within SonarQube.

Hi all,

Did anyone find any solution to generate metadata file ? If yes, plz share it. Thanks


The metadata file is usually generated on demand by your Identity Provider (IdP) and shared with the Service Provider (SP) [SonarQube]. The IdP metadata XML file would contain the IdP certificate, the entity ID, the redirect URL, and the logout URL. For Active Directory Federated Services (AD FS), for example, the script above shows the typical path if you had that provider available within your environment.