[Help Needed] SonarQube SSO and SCIM with OneLogIn

Nino_Corcuera_Flores · September 5, 2023, 2:32pm

Hi!

I’m having an issue with the SSO and SCIM set up of our SonarQube to OneLogIn. I’m including them both in the same topic since they are connected.

I’ve recently set up the our SSO for Sonarqube using OneLogIn. I’ve followed this guide.

When I test the configuration I get a success message

When i try to login via the OneLogIn portal I’m getting the error. This message comes up either when the SAML configuration is disabled or enabled.

When I do our SCIM provisioning. I generated a user token from our admin account and put that in OneLogIn and the SCIM url and I’m getting the error below when I try to provision a user via OneLogIn.

User failed creating in app. Authorization failure. The authorization header is invalid or missing

We’re also getting this error when we use the token via API
Invalid IAP credentials: Unable to parse JWT

We currently have the Enterprise Edition 10.0.0.68432 version.

Colin · September 7, 2023, 5:48pm

Hey there.

SCIM is very specifically supported for Okta and Azure AD – which is why we don’t document a more generic implementation.

Regarding this issue:

It looks like the Host header needs to be preserved in the configuration of whatever is serving your SonarQube server over HTTPS (nginx, httpd, IIS)… what is responsible for proxying your SonarQube server over HTTPS?