Hi, folks -
Likely a pretty simple question. We’re currently on 2025.5 Enterprise edition, deployed as a standalone ec2 instance for now (so, zip file).
I’m trying to get a one-click login working with MS Entra ID - that is, I go to myapplications.microsoft.com, click on the “SonarQube” button, and am then authenticated with the instance. However, I’ve been unable to get this working fully.
What I thought should happen:
I click on SonarQube and I am then logged in, looking at the project list.
What does happen:
I click on SonarQube, and I’m taken to the login page, where I can then click “log in with SAML”, which then authenticates me and takes me back to the project list.
In order to get this far, we made some guesses about what the sign-on URL should be configured as from the EntraID side, since the documentation says this field is optional, but we are unable to save the IDP app without putting something there. If we set it to the same as the server base URL and click on the tile, we get taken to the project list, and then we have to click “login” at the top right to be taken to the login page, and then click “log in with SAML”, so the tile in myapps essentially only worked as a glorified bookmark.
With the sign-on URL set to $baseURL/users/sso/sign_in correction, we set it to: “$baseURL/sessions/new?return_to=%2Fprojects”, we at least end up at the login page directly, eliminating one click, but then still have to take additional action (clicking “log in with saml”).
Is this expected behavior? Am I just holding it wrong?