We’re excited to announce the launch of a new feature designed to make SSO setup easier and more reliable.
What’s new? Improved SSO configuration experience Simplified setup using metadata URL Configuration Validation: Before enabling a newly created SSO connection, creators can now test and validate the configuration to ensure it works as expected. This reduces the risk of misconfigurations and minimizes the need for troubleshooting..
Why this matters:
This enhancement empowers admins to confidently roll out SSO connections with fewer errors, improving trust and reducing troubleshooting time.
Looking ahead:
This launch lays the foundation for even more robust SSO capabilities. Next, we plan to extend support to custom OIDC connections, introduce guided Entra ID integration, and more.
Stay tuned for upcoming updates as we continue to build a more flexible and powerful SSO experience.
Go check it out!
The new flow is available starting today to Enterprise customers under the Enterprise administration section.
Please note that the new flow will only appear if you don’t have any existing SAML configuration with the old flow. This is meant to protect existing enterprises with SAML from any confusion.
We’d love to hear your feedback!
If you encounter any issues, feel free to reach out in this thread.
Hi, in our company we have a standard that says we should use SSO for authentication, but use the targeted applications environment for authorization. Meaning that when we enable SSO for SQ, we prefer to not use Entra ID groups but keep the group / user maintenance we currently have in SonarCloud. Like with the DOP accounts, but then without the accounts being DOP. Would be great if group synchronization is not mandatory, but optional.
For us using SSO means control on who can access SonarCloud. It would also mean control on adding users (only those validated through SSO) and user maintenance. E.g. if an account is no longer provided through SSO, would be good if it can be removed automatically.
Hope these are all options that become available on the cloud solution.
Thank you for your feedback – I’ve logged it for our future improvements. Your use case is very interesting, and I believe it would be valuable to discuss it together so I can fully understand the ideal approach for your organization’s authentication and authorization needs.
I understand that you want to use SSO for authentication and DOP for authorization. Currently, in SQC, DOP accounts are separate from SSO accounts and operate independently.
Do you expect these identities to be linked? I have a few other questions to clarify your expectations. If you’re open to it, please feel free to book a time slot in my agenda.
Improved SSO configuration experience