Sign-on URL's value when configure Azure AD SSO for SonarQube

We are integrating Azure AD SSO with SonarQube.
（SonarQube Version： Developer Edition Version 7.9.2 (build 30863)）

When configuring Azure AD SSO, Sign-on URL is needed but we can’t find any information about it after we look through the SonarQube official document and Community.

The official document of Azure AD is mentioned that we should set below values for Sign-on URL, but we get “This page cannot be opened, the server with this page is not responding” error while set “https://servicescode-dev.westus.cloudapp.azure.com” for our dev environment.

The official document of Azure AD：
“チュートリアル: Microsoft Entra SSO と SonarQube の統合 | Microsoft Learn”

In the Sign-on URL text box, type a URL:
For Production Environment
https://servicessonar.corp.microsoft.com/
For Dev Environment
https://servicescode-dev.westus.cloudapp.azure.com

It’s appreciated if you can give me any suggestions or ideas.

Thanks in advance.

Hey there.

Their documentation isn’t particularly clear that you should be using your own SonarQube server URL here. You should substitute your own SonarQube URL + /oauth2/callback/saml

For example: https://mysonarserver/oauth2/callback/saml

Hi Colin,

Thank you very much.

We set our SonarQube URL + /oauth2/callback/saml for the Sign-on URL and we get another error.

You’re not authorized to access this page. Please contact the administrator.

Is there any ideas?

I’d start looking in your web.log (potentially with log level increased to DEBUG in the global Administration > System > Log level) for further details.

Here is our web log.
sonarqube_web.log (133.0 KB)

It looks like a SAML response isn’t being returned,Caused by: com.onelogin.saml2.exception.Error: SAML Response not found, Only supported HTTP_POST Binding.

This is a pretty generic error that usually implies some configuration issue on the IDP (Identity Provider, here Azure AD SSO) side.

• Can you share screenshots of your configuration in Azure AD SSO?
• Have you added users to the application you’ve created in Azure AD SSO (specifically the user you’re trying to login with?)

Here is our configuration.

SonarQube_AAD_SSO_Configuration1920×1545 149 KB

Have you added users to the application you’ve created in Azure AD SSO

yes.

Hi, Colin
Is there any update for this?

Hi @dangbunf ,

Can you show your SSO configuration in SonarQube ? And plz share the document which you referred ? Thanks.

Regards,
Khopi

hi, this is a pretty old one I see, but I am having the same issue.

sonarqube941×659 101 KB

image946×648 44.2 KB

Please advice as i want to activate SAML for SonarQube in Azure AD.

Everything has been setup in the sonarqube admin level.

If I do a test I get this:
You’re not authorized to access this page. Please contact the administrator.

sonarqube21433×378 41.3 KB

Hey team,

Did anyone manage to resolve this?
We are facing the exact same issue.

Regards,

Nikola

Hi @Nikola_Dacic ,

Do you have progress on this? If you are still looking for this, you can give a try to miniOrange SAML SSO plugin for SonarQube. You can refer to this document mO SonarQube SSO 3 to get started.

For further details, reach out to miniOrange HelpDesk, or drop an email on: support-atlassian@miniorange.atlassian.net . We’ll be happy to help.

Thanks,
Himanshu

About the Sign On Url configuration, I managed to integrate successfully the SonarQube with my Azure AD, setting the value as “https://YOUR_SONAR_HOST/sessions/new”.