How to stop Sonarqube from creating users automatically using SAML SSO login

Must-share information (formatted with Markdown):

  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension) community 7.9.1
  • what are you trying to achieve : signon using SAML SSO, upon successful authentication with IdP, if user does not exist in SonarQube then one is created - we want to disable user creation.
  • what have you tried so far to achieve this all options that are available in sonar

This is not possible. Can you discuss why this is a requirement for you?

Thank you for reply. So lets say that we have 1000 users, we don’t want all (or anyone) of them to be able to go through via SAML SSO and have an account created. We are going through a federated solution and the only assertions we are getting back are names, email

If you don’t want any users to authenticate through SAML… why configure SAML authentication at all?

Thx for reply again, so we dont have to enter our passwords and enrichment data is picked up and updated from IdP. So I guess this is not possible ? Other tools allow this

Any movement on this?
We are currently running 8.1.0 but i couldn’t find anything that would allow us to configure this. something like the ’ Allow users to sign-up’ settings that github integration does have would help us out a lot.

What we do for all our other tools is setting up SSO and regulate actual access to the tool by creating users in the tool. As we currently aren’t able to set this up this is preventing us from using SSO for sonarqube which is a shame. Any other ways around this would be greatly appreciated as well :slight_smile:

Hi,

Seems like this is long pending.

In case anyone still looking for the disabling New User Creation feature, give a try to miniOrange SAML SSO plugin for SonarQube. It provides an option to disable new user creation.

For further information or assistance, you can reach out to us at miniOrange Help Desk.

Thanks,
Himanshu