When authenticating through Azure DevOps, can you please advise which permissions are required to be set?
Additionally, please inform us whether the SonarCloud application is a multi-tenant application?
These are answers required by our IT department in order to allow access through Azure DevOps.
Hi @Ryan_Adler
Here are the 2 permissions we need :
Allows the app to see and update the data you gave it access to, even when users are not currently using the app. This does not give the app any additional permissions.
Allows users to sign-in to the app, and allows the app to read the profile of signed-in users. It also allows the app to read basic company information of signed-in users.
And yes, SonarCloud app is multi-tenant.
HTH,
Mickaël
Hi Mickael,
My IT is also asking for this information, is it up to date ?
thanks for you reply
Frédéric
Hi Mickael,
My IT is know asking for a lot of specific technical details, could someone help with these ? I guess all sections are not relevant for you, sorry about that. If there’s an URL describing all of this, I didn’t find it.
thanks for your help.
Frédéric
| Application is available in Azure gallery ? | |
|---|---|
| Application name from Azure Gallery | |
| App Registration type if not in Azure Gallery | |
| TLS version | |
| Domains to allow into application | |
| Application domain owner verification type ? | |
| BNP Paribas application dedicated url | |
| Installation document | |
| Firewall flow matrix | |
| Proxy flow matrix | |
| Application tenant verification method ? |
| Application SAMLv2 protocol settings (application already published into Azure Gallery) | Claims with SAMLv2 protocol | ||||
|---|---|---|---|---|---|
| Application metadata XML file available ? | Source AD Attribute | Application claim | Claim Format/Transformation | ||
| Application metadata URL (if any) | |||||
| Identifier (Entity ID) | |||||
| Reply URL (Assertion Consumer Service URL) | |||||
| Reply URL redirect method | |||||
| Sign on URL | |||||
| Relay State URL (if any) | |||||
| Logout URL (if any) | |||||
| Response signing certificate issued by Azure ? | |||||
| Certificate alert recipients (email addresses) |
| Application OpenID Connect protocol settings | Additional claims with OpenID Connect (only if not included into Scopes) | ||||
|---|---|---|---|---|---|
| Identifier | Source AD Attribute | Application claim | Claim Format/Transformation | ||
| Reply URL (if any) | |||||
| Client Secret ? | |||||
| Use a certificate as Secret ? | |||||
| Certificate alert recipients (email addresses) | |||||
| Graph API permissions ? | |||||
| Graph API url | |||||
| Send scope openid | |||||
| Send scope profile | |||||
| Send scope email | |||||
| Other scope names to send |
| Provisioning settings | SCIM provisioning attributes | |||
|---|---|---|---|---|
| Provisioning method | Azure AD Attribute | Application attribute | ||
| SCIM URL | ||||
| SCIM alert recipients (email addresses) | ||||
| SCIM Secret Token ? |
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.
Hi @fredolaredo,
And sorry for the very late reply.
Are you actually facing an issue with logging in via Azure DevOps? There should be no configuration required on your side.
Or are you trying to fill out a form for new vendors? If that’s the case then the community forum isn’t the right place, you should go through our contact form which will allow you to discuss it with one of our salespeople.
Hi Grégoire
Actually we are getting the Azure admins to implement the Sonarcloud policy tomorrrow, we’ll see.
Frederic