we already have a working community edition, where we are using sonar-auth-aad-plugin-2.0.1.jar to allow integration with our Windows (Microsoft) users over Azure and therefore having Microsoft login. We are also using Group Sync. This approach simplify user management.
Now, we would like to try developer edition, so we installed a new instance on another VM:
SonarQube Developer edition (still ) without license, v2025.4.2 (112048)
Database was copied from the community edition instance
SonarQube is deployed in a Windows Server VM, running as win service, behind a reverse proxy.
Same sonar-auth-aad-plugin setting as in the old version
Same Azure app registration, with added new Redirect URIs
sonar.core.serverBaseURL was updated to the different url (server)
Same IIS reverse proxy config
The issue we are having is, that the Microsoft Login is not working in the latest phase, on the SonarQube server. Microsoft accepts the request, but after the redirect on SonarQube, the initial login page reloads.
In the web.log the following line is suspicious
2025.10.02 03:35:09 DEBUG web[cf3d2b72-1a11-4d25-be07-3b35fcc9398c][auth.event] login failure [cause|User must be authenticated][method|BASIC][provider|LOCAL|local][IP|fe80:0:0:0:18f9:9fa4:798e:e6b8%15|192.168.25.1:53537][login|]
The logs are attached below.
I know this is a plugin, and therefore not your product, but can you nevertheless give me any hint what could be configured wrong? Alternatively, what could we use to administer the access of our users?
Why not raise an issue with the maintainer of the plugin on GitHub?
I would make sure that you have configured the option Allow users to sign-up (sonar.auth.aad.allowUsersToSignUp) under Administration > Configuration > Azure Active Directory.
Most of our Enterprise users are using SAML. This is available even in Community Build!
thank you for your reply. I followed your suggestion and installed the “sonar.auth.aad.allowUsersToSignUp: Administration > Configuration > Azure Active Directory“, of course, I also installed the enterprise app registration as described in the documentation.
Unfortunately, the behavior is as with the third party add in: After clicking the Login button the SonarQube page just reloads.
However I found a detail that might help. After clicking the Login, the response is in both cases 302 Found, but the difference is in the Location header. On the working instance is https://login.microsoftonline.com/… as expected, but on the not working, is SonarQube server itself, what does not make sense (see 302 Found - HTTP | MDN)
What do you thing is the cause for this? A SonarQube settings or a reverse proxy configuration? I double checked the latest and found anything. Any suggestion is appreciate.
Thanks for the follow-up. TBH I wrote that section of the docs (it was originally a community guide) and it crossed my mind but I didn’t think it was relevant here because the error message was different! Glad you figured it out.
