Sonarcloud IP binding

Sumitpalucc · May 18, 2023, 5:17am

Hi Team,
Can you let me know If we can bound the Sonarcloud with specific IPs so that we can only access from limited locations.

Regards
Sumit

Colin · May 19, 2023, 6:54am

Hey there.

Do you mean to limit access to your SonarCloud organization by only accepting requests from certain IP ranges? I can confirm that’s not a possibility at the moment. Let me know if you meant something else.

Other useful resources might include our security statement.

Sumitpalucc · May 19, 2023, 9:22am

Hi Colin,

Thanks for your above response.
We want that who has access to the Sonarcloud will only able to use Sonar via some controlled process so can you please suggest some mechanism for that.

Regards
Sumit

Colin · May 22, 2023, 8:49am

Right now, that can only be handled via your authentication provider (controlling who can login and from where).

Sumitpalucc · June 1, 2023, 5:57am

Hi Colin,

Thanks for the above response.

Can we integrate Sonarcloud with LDAP? If yes can have some documentation regarding it.

Regards
Sumit

Colin · June 1, 2023, 8:25am

You can authenticate via the DevOps Platform (Github, Gitlab, etc.), which might delegate authentication to some SAML setup, but not by connecting directly to an AD server.

Sumitpalucc · June 12, 2023, 5:46am

Hi Colin,

Thanks for your above response.

We have Gitlab as a SCM tool hosted in private server, how can we connect it with the SonarCloud securely?

Please share some documentation regarding it.

Regards
Sumit

Colin · June 12, 2023, 8:45am

SonarCloud can only be connected to Gitlab.com – not Gitlab self-hosted. You may be interested in SonarQube which integrates with on-prem DevOps Platforms.

Sumitpalucc · June 21, 2023, 1:21pm

Hi Colin,

Thanks for your above response.

Is there anything like Hardware binding option, restricting project code download option in the Sonarcloud?
If yes, please help me with the documentation for it.

Regards
Sumit

Colin · June 23, 2023, 8:37am

While you can restrict who can see source code – any user that has that permission will have full access to your code. I’m not sure what you mean by “Hardware binding” in this context.

kthompso · January 4, 2024, 7:07pm

Is there any plan to implement an IP Restriction feature in SonarCloud? Many of the authentication provider setups wouldn’t support this (e.g. github.com accounts), and authentication provider based access doesn’t cover the use case of API tokens.

Colin · January 5, 2024, 1:40pm

@kthompso It’s on our list, particularly as we plan to cover more Enterprise use-cases with SonarCloud this year.

Topic		Replies	Views
General SonarCloud Authentication and Access Management Questions SonarQube Cloud authentication	3	2197	August 5, 2024
Restricting Public Access to SonarCloud SonarQube Cloud sonarqube-cloud	6	826	August 5, 2024
Connecting my Github Org to Sonar Cloud SonarQube Cloud	7	23	March 20, 2025
SonarCloud Security Questions SonarQube Cloud	2	574	July 7, 2021
How secure is my program code when integrate SonarCloud with Azure DevOps SonarQube Cloud iam , sonarqube-cloud	8	4584	July 23, 2020

Sonarcloud IP binding

Related topics