Okta SSO federation

  • ALM used (GitHub)
  • CI system used (GitHub Actions)
  • Scanner command used when applicable (private)
  • Languages of the repository (JavaScript, Java, Go, C)

Hi, thank you for your help.

Our company has created an IP-restricted “organization” on GitHub with an enterprise account and we use Okta SSO to log in.

Due to the benefits of SonarCloud, we are now considering its implementation and are evaluating it on a trial basis.

The private repositories other than ‘Organization’ can be analyzed by SonarCloud, but the repositories under ‘Organization’ fail to be added to SonarCloud.

From the perspective of source protection, we believe that SSO with Okta, IP address restriction of the access source, MFA, etc. are essential.

Please guide us on how to enable SonarCloud to analyze repositories that comply with these security levels.

Thank you very much.

I knew that there was some information in the community as follows, but I didn’t know if it was the latest information or not, so I was asking about this.

If it is not possible to officially support Okta and restrict IP addresses, then unfortunately we will not be able to sign up for a paid subscription.

I would appreciate it if you could comment on the plan to support Okta or why you cannot support it.

Thank you.

Hello @kuniaki_shindo,

Welcome to the community.

SonarCloud.io is hosted on AWS and it is not possible to assign an Elastic IP address (persistent) to Load Balancers. This has not been a common request from customers but I understand your need.

AWS does suggest solutions to this problem so I will raise it with the product team to get it added to the list.

Have you tried SonarQube?

Kind regards,
Mark

Hello Mark, thank you for your comment and escalating to the team.

I am also using AWS, so I knew that the IP address cannot be fixed due to the placement of the SonarCloud server configuration.
I also know about SonarQube, but since my organization has many users, I was looking for a fully managed service that can scale without running the servers myself.

We hope that you will continue to support fixed source IP and SAML authentication.

Again I appreciate you.