Struggling to Set sonar.auth.saml.certificate.secured via API for SonarQube SAML Automation

JaxStar · May 27, 2025, 8:54pm

Hello everyone,

I’m trying to automate the creation of SonarQube with SAML integration for Azure Entra ID using Infrastructure as Code (IaC).

I’m attempting to set the SAML settings via the SonarQube web API. The only property that isn’t changing is sonar.auth.saml.certificate.secured.

Does anyone know how to pass this base64 certificate via curl? Or is there any other way to automate this part of the SAML configuration?

Thanks in advance for your attention!

Colin · May 28, 2025, 12:29pm

Hey there.

This is working just fine for me.

colinmueller@Colins-MacBook-Air ~ % curl -u TOKEN: -X POST 'http://localhost:9000/api/settings/set?key=sonar.auth.saml.sp.certificate.secured&value=VALUE' -i

What have you been trying with curl? Some example commands might illustrate the difference!

JaxStar · May 28, 2025, 8:19pm

Hi @Colin, thanks for the feedback.

Wouldn’t it be sonar.auth.saml.certificate.secured insted of sonar.auth.saml.sp.certificate.secured?

For this documentation:

I am running the following curl command

curl -u $TOKEN: -x post "http://localhost:9000/api/settings/set" \
  -d "key=sonar.auth.saml.certificate.secured" \
  -d "value=-----BEGIN CERTIFICATE----- MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCL7Kf20Llpfidz
ASTcnS4X7pLcv8g0hqCafZsHsJWCW+pyC+xlpkf9wadX9L+3B3v8uY8/D95tOija
LlQPAWQQsRiiCZO/JwTA+J6DRsSeiiKM2fAVNKpY70FmMsKS+bUlVR+xa0lAA5zT
4GeiUnQiXBBLKyMdl2rpy7aOPJU4ucBIr5upb4G5AoGAHIDrrHifye2WRrsvjQwf
cS4+PLFnms5Ef6IpgLBaxM55Hst7jh/OvinugCVeTrHl8LJJBIJWlKDRELpBlPwV
6qPB4d7cx4DD1UPElZwaDZzawbq1A2FarKoaLAti8P8bMEJvqkDqeozudlvXMUmQ
zHF0yKQjqaBVAObkWwmvIBA= -----END CERTIFICATE-----" -i

The command only shows an example of how I’m passing the certificate, it’s not the real value, for security reasons. hahahah

Maybe I don’t know how to send my certificate via curl.

Can you tell me the most recommended way to send my certificate via curl?

Colin · May 29, 2025, 12:29pm

You’re right! Should be sonar.auth.saml.certificate.secured. I pulled a different value when I was testing the API calls.

I tried it out, and it works IF I change -x post to -X POST. Can you give that a try?

JaxStar · May 29, 2025, 5:44pm

Thanks for the guidance @Colin

I managed to get curl working by sending the file directly through this curl:

curl -u $TOKEN: -X POST "http://localhost:9000/api/settings/set" \
  -d "key=sonar.auth.saml.certificate.secured" \
  --data-urlencode "value@certificate.cer" -i

But is there another way besides sending the file?

But anyway, thanks for your attention.

Success

Topic		Replies	Views
Difficulty setting SAML x509 certificate through Web API SonarQube Server / Community Build sonarqube , web_api , saml , kubernetes	4	1691	February 8, 2022
SAML authentication plugin automatic install SonarQube Server / Community Build saml	3	1334	March 7, 2019
SAML authentication - automated deployment SonarQube Server / Community Build	4	345	December 12, 2023
Unable to pass property sonar.auth.saml.certificate.secured in sonar.properties file SonarQube Server / Community Build	1	20	December 15, 2024
SAML Authentication Failure in Sonarqube 2025.1 LTA Version SonarQube Server / Community Build	1	58	May 26, 2025

Struggling to Set sonar.auth.saml.certificate.secured via API for SonarQube SAML Automation

Related topics