SAML Okta Log in Issue "Not Authorized"

ALM used (Okta)

SonarQube Version: 8.9.6.50800

Error observed: We are swapping from LDAP log in to SAML. Configured it per the guide (found at SonarQube and SAML Authentication with Okta) and migrated existing users using the guide for that (found at Migrating SonarQube Users Between Identity Providers (with a focus on LDAP → SAML)) and all appears to be well, mostly. When we click on the button in Okta, and it takes us to SonarQube to log us in, we get the error:

“You’re not authorized to access this page. Please contact the administrator.”

Only thing is, I AM the administrator. From here if we click the home link below the error, and then click on the SAML log in on that page, it works fine and logs you in perfectly, but we want to make it so the button works.
Per the guide, we have the Single Sign on, Recipient and Destination URLs all set to:
https:///oauth2/callback/saml and the log in themselves are working, so I assume this is one of those issues where its something small I missed somewhere.

Steps to reproduce: Try to log into SonarQube by clicking the app button in Okta

Any help would be appreciated.
Thanks!

Hello @zrvirgo,

Are you able to directly log in to SonarQube using SAML?

Just for you to know there is already a known limitation about it: [SONAR-12688] Allow usage of Okta to authenticate with SAML - SonarSource

2 Likes