SonarQube Cloud login fails when using GitHub

  • ALM used: GitHub

I’m having problems with sonarqube.us login using a GitHub account. Last week everything was working fine and now I’m getting a “Sorry, but we couldn't verify your authorization to access this page.” error, which is strange as I was able to log in last week.

Is there a way to find what the actual error message is - the reason behind the login problems?

Also checked Azure DevOps, BitBucket and SSO; those work just fine.

Hi,

Welcome to the community and thanks for this report!

Can you provide your login and Org ID?

 
Thx,
Ann

My login is the same as my email and I’m not sure where to find org ID.

Hi,

Thanks. Are there any errors in your browser console?

 
Thx,
Ann

No, all requests end with status 200 or 204 and I’m redirected to https://sonarqube.us/sessions/unauthorized.

Hi,

Thanks for checking. I’ve flagged this for the folks with backend access.

 
Ann

Hi @krzysztofdrozd and thanks for reaching out.
Are other people in your organization still able to access sonarqube.us with their GitHub account?
Just in case you’re using the URL of a project you’re not allowed to, could you make sure you log in through SonarQube Cloud?

Hi,

@nour.zerhouni yes, we still have the problem. Probably it’s related to IP whitelisting in GH. We checked the IPs that SQC published for the US region and they are allowed, but GH still returns an error about an invalid IP.

Hi @krzysztofdrozd,

You’ve correctly identified the issue!

When you log in with GitHub on SonarQube Cloud, the authentication goes through Auth0, our authentication provider. During this process, Auth0 makes server-to-server API calls to GitHub’s API (to fetch your profile, emails, and organization memberships) from Auth0’s own outgoing IP addresses, not from SonarCloud’s published IP ranges. This is why adding SonarCloud’s IPs didn’t resolve the issue.

Since your GitHub organization has an IP allowlist configured, GitHub is blocking these API calls from Auth0’s IPs.

The recommended solution is to grant the SonarQube Cloud OAuth App a bypass of your organization’s IP allowlist in GitHub:

  1. Go to your GitHub Organization → Settings → Security → IP allow list

  2. Find the section for installed OAuth apps and enable bypass access for the SonarQube Cloud application

Let us know if this resolves the issue!
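
The diagnosis in this thread can be checked by comparing the source IP named in GitHub's error with the organization's active allow-list entries. The sketch below is an added example, not code from the thread, Sonar or GitHub. It assumes the entries were exported in the shape of GitHub's GraphQL `ipAllowListEntries` field, and every address and entry name in it is constructed from documentation ranges.

```python
import ipaddress

# Constructed sample, shaped like the GraphQL result of
# organization { ipAllowListEntries { nodes { name allowListValue isActive } } }.
SAMPLE_RESPONSE = {"data": {"organization": {"ipAllowListEntries": {"nodes": [
    {"name": "SonarQube Cloud US", "allowListValue": "198.51.100.0/24", "isActive": True},
    {"name": "Office VPN", "allowListValue": "203.0.113.10", "isActive": True},
    {"name": "Old CI runner", "allowListValue": "192.0.2.0/28", "isActive": False},
    {"name": "Office IPv6", "allowListValue": "2001:db8:10::/48", "isActive": True},
]}}}}

# Constructed source addresses: one inside the vendor's published range, one
# standing in for the identity provider's egress, one covered only by a
# disabled entry.
SAMPLE_SOURCES = {
    "sonarqube-cloud-egress": "198.51.100.27",
    "auth0-egress": "203.0.113.200",
    "old-ci-runner": "192.0.2.5",
}

def active_networks(response):
    """Return (name, network) pairs for entries that are switched on."""
    nodes = response["data"]["organization"]["ipAllowListEntries"]["nodes"]
    return [
        # A bare address such as 203.0.113.10 becomes a /32 (or /128) network.
        (n["name"], ipaddress.ip_network(n["allowListValue"], strict=False))
        for n in nodes
        if n["isActive"]  # disabled entries do not admit traffic
    ]

def check_sources(response, sources):
    """Map each source label to the names of the active entries covering it."""
    nets = active_networks(response)
    covered = {}
    for label, text in sources.items():
        ip = ipaddress.ip_address(text)
        covered[label] = [
            name for name, net in nets
            if ip.version == net.version and ip in net
        ]
    return covered

def blocked_sources(response, sources):
    """Labels of sources that no active entry covers."""
    result = check_sources(response, sources)
    return sorted(label for label, names in result.items() if not names)

if __name__ == "__main__":
    for label, names in check_sources(SAMPLE_RESPONSE, SAMPLE_SOURCES).items():
        print(f"{label}: {', '.join(names) if names else 'NOT COVERED'}")
```

A source that comes back uncovered while the vendor's published range is covered matches the situation described above: the calls that fail originate somewhere other than the ranges that were allowlisted.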