SonarQube 8.4 SAML metadata

Hi,
I’m trying to enable SAML authentication on SonarQube 8.4 running on Kubernetes (GKE) environment.
Where can I get SSO documentation along with their Metadata required for SAML so that we can have the correct settings within Azure AD? There are instructions on configuring SAML at SonarQube end but my IAM team is asking for “Application Metadata, Application Entry ID (APP URL), App Reply URL and Sign On URL”, any idea where I can find this information?

Thanks,
Krishna

Hi @krishnaarani,

Have you checked this tutorial? https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/sonarqube-tutorial#assign-the-azure-ad-test-user

This will give you an idea on what values to provide.

Here’s an example based on that aforementioned tutorial that I went through and annotated:
(Make sure to update your sonar.core.serverBaseURL in SonarQube also!)

Joe

There is no documentation or configuration options to identify the Service Provider metadata.
SonarQube neither publishes SP metadata in XML format nor shares the ACS URL.
The entityID and ACS URL are critical information that SonarQube must provide to achieve SAML integration with any provider.

In my case I had to make a guess that the SP entityId is the same as the base URL, and the ACS URL had to be sniffed out by capturing a SAML trace, which would be:

<base URL>/oauth2/callback/saml

This should be documented. Thanks

1 Like

I am in the same situation, the provider of our company IdP wants a meta-data XML file and is not satisfied with the entityId and callback URL I provided.
So I will have to fake something here.

1 Like
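For an IdP that insists on a metadata file, as in the last post, the two values reported in this thread can be wrapped in a minimal SP metadata document. This is an added example, not SonarQube's or any poster's code; the `build_sp_metadata` helper, the `sonar.example.com` host, the HTTP-POST binding and the `WantAssertionsSigned` setting are assumptions to confirm against a SAML trace of your own instance.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"
POST_BINDING = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"  # assumed binding
ACS_PATH = "/oauth2/callback/saml"  # callback path reported in the thread


def build_sp_metadata(base_url, entity_id=None):
    """Build minimal SAML 2.0 SP metadata for a SonarQube base URL.

    entity_id defaults to the base URL, which is the guess made in the
    thread; pass the real value if your instance sends a different Issuer.
    """
    base = base_url.rstrip("/")
    parts = urlsplit(base)
    # The IdP posts signed assertions to the ACS URL through the browser,
    # so refuse anything that is not an absolute https:// URL.
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError("base URL must be an absolute https:// URL")
    if parts.query or parts.fragment:
        raise ValueError("base URL must not carry a query or fragment")

    ET.register_namespace("md", MD_NS)
    root = ET.Element(f"{{{MD_NS}}}EntityDescriptor",
                      {"entityID": entity_id or base})
    sso = ET.SubElement(root, f"{{{MD_NS}}}SPSSODescriptor", {
        "protocolSupportEnumeration": "urn:oasis:names:tc:SAML:2.0:protocol",
        # Assumption: ask the IdP to sign assertions, not only the response.
        "WantAssertionsSigned": "true",
    })
    ET.SubElement(sso, f"{{{MD_NS}}}AssertionConsumerService", {
        "Binding": POST_BINDING,
        "Location": base + ACS_PATH,  # a context path in base is preserved
        "index": "0",
        "isDefault": "true",
    })
    return ET.tostring(root, encoding="unicode")


if __name__ == "__main__":
    # Constructed sample host, not a real deployment.
    print(build_sp_metadata("https://sonar.example.com/"))
```

The `entityID` has to match the Issuer that SonarQube actually sends in its AuthnRequest, and the `Location` has to match the reply URL registered at the IdP, so compare both against a captured SAML trace before handing the file over.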