Issues linking existing accounts to Azure SSO

SonarQube Cloud
, ,
1

I don’t really know where to start with this, I am confusing myself more and more with each snippet of troubleshooting I do. Apologies for the brain dump I am about to write!

I have two issues:

1. BitBucket users not able to loging using Azure/EntraIS SSO

So we have an Enterprise which has Azure/EntraID SSO configured.
Under that we have only one organisation which is bound to BitBucket.

I can log in to the platform using SSO and I can see everything.
I can also login using BitBucket and see everything.
I am an admin for all.

I have tried to replicate this for a standard user.
My chosen test user is able to log in using BitBucket and their account appears in the Members section of my Organisation.

I have added them to the users/groups in Enterprise app configuration in Azure/EntraID.
But when they log in, their name does not appear in the same Members list so I cannot assign any groups to them and they cannot see anything.

2. Azure DevOps users cannot be added to groups

To complicate things even more, I have another bunch of users who wish to bind to Azure DevOps.
I have created a new test Organisation for this and bound it.

If I log in with my Azure DevOps account, when I log back in as admin (using SSO or BitBucket) so that I can add this DevOps linked account to the correct group, the organisation has vanished from my admin view.
It must still be there because if I try to recreate it I get the message “This Azure DevOps organization has already been bound to a SonarQube Cloud organization.”

So, where has it gone? How do I admin it?

I am not really having a great time with this and the whole integration/account management side of things is way too overcomplicated.

Please help!
Also, how do I get some premium support to help with this?

  • ALM used → Bitbucket Cloud & Azure DevOps
  • CI system used → Bitbucket Cloud & Azure DevOps
  • Scanner command used when applicable (private details masked) → N/A
  • Languages of the repository → English
  • Only if the SonarCloud project is public, the URL → N/A
    • And if you need help with pull request decoration, then the URL to the PR too → N/A
  • Error observed (wrap logs/code around with triple quotes ``` for proper formatting) → See above
  • Steps to reproduce → See above
  • Potential workaround → No workaround
6

Hi @Becky

Thank you for the detailed explanation and for sharing your feedback – I’m really sorry you’re having such a frustrating experience with this setup. I’ll try to help clarify both issues.

1. Bitbucket users not able to login using Azure/EntraID SSO

One thing to double-check is:

  • Ensure that the group your standard user belongs to in Entra ID is assigned to your Enterprise application.
  • Confirm that this group also exists in your SonarQube Cloud organisation (in most cases, you need to create it manually).
  • Make sure that the group in SonarQube Cloud has the appropriate permissions assigned to it so that members can see what they need.

2. Azure DevOps users cannot be added to groups

You mentioned:

I have created a new test Organisation for this and bound it.

Can you clarify which user account you were logged in with when creating this organisation? That user becomes the admin of the organisation, so you should be able to log in with that account to administer it.

From there, you can:

  • Configure SSO for that organisation.
  • Assign your SSO user as an admin, so you can manage both organisations with the same admin account if needed.

I really appreciate you taking the time to write all of this out. I’m sorry the integration and account management process has been so complex – your feedback is highly valuable, and we’ll take it into account to improve our onboarding experience.

For premium support , a member of our support team will reach out to gather more details and assist you further.

Thank you

1 Like