Sonar Enterprise Version v2025.1 (102418) installed on windows VM.
SSO authentication - Ping Federate.
Users are logging with Ping Federate, But in the SAML there are no groups assigned. Even then user creation is happening and default sonar-users group is assigned. How to restrict the user creation if there are no groups in the SAML response.
Hey there.
It’s typically up to the identity provider (here, Ping Federate) to authorize whether or not the user should have access to an application and, therefore, send along the SAML response that lets the user authenticate to SonarQube.
Keep in mind that if for some reason, it isn’t possible at the Identity Provider level (I’m not super familiar with Ping Federate), you can always manage the default permissions of users and groups if you want to keep things hidden unless the user belongs to a certain group.