Hello there!

Need Help? We are right here!

miniOrange Email Support

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com

SAML Single Sign On (SSO) for SonarQube
miniOrange provides a ready to use solution for SonarQube. This solution ensures that you are ready to roll out secure access to your SonarQube site within minutes.


miniOrange has developed a better and more robust SAML Single Sign On plugin for SonarQube, the most recommended code analytics platform. SonarQube is one of the most popular code inspection tools and loved by developers and companies all around the world for its simplicity, precision, and verbosity of the analysis. For adding its value, miniOrange's SonarQube SAML Single Sign On plugin brings seamless SSO experience to the SonarQube users

miniOrange has developed a SAML SP which is not only more flexible but also has a lot more features. We also have overcome, the limitations of the existing SAML plugin.

A list of all features with description is given below. By using such, rich-in-features, plugin your team can focus on writing and developing better code while we take care of their secure Single Sign On.

SonarQube Single Sign On (SSO) Plugin

SAML Single Sign On (SSO) for SonarQube package acts as a SAML Service Provider which can be configured to establish the trust between the plugin and SAML capable Identity Providers to securely authenticate the user to the SonarQube application.

SAML Single Sign On (SSO) for SonarQube allows users to sign into SonarQube Server with your SAML 2.0 capable Identity Provider. We support all known IdPs - miniOrange, Google Apps, ADFS, Okta, OneLogin, Azure AD, Salesforce, Shibboleth, SimpleSAMLphp, OpenAM, Centrify, PingOne, RSA, Oracle, Bitium, etc.

Features of SonarQube SAML SSO Plugin

Feature Description Availability
On-the-fly User Creation Auto-create users in SonarQube after SSO, if the user is not already present in SonarQube. Free
SSO Binding Types We have support for HttpRedirect binding and HttpPost binding types:
  • HttpRedirect: The SAML Request message is sent as a GET request to IdP when HTTP-Redirect is selected.
  • HttpPost: The SAML Request message is sent as a POST request to IdP when HTTP-Post is selected.
Signed Request We support the signed login request sent to the IdP, which provides an additional security layer. Free
Encrypted Assertion Seamlessly works with IdP which supports Encrypted Assertion. Free
Test Configuration Using this feature, you can easily validate your SAML response and data. Free
Force Authentication User will be forced to re-authenticate with Identity Provider (IdP) when he accesses the SonarQube Instance, irrespective of the SSO session at IdP. Free
Group Mapping It will map user's group attributes receiving from IdP with the groups present in SonarQube. Free
Supported IdPs We have support for all the Identity Providers (IdPs) like ADFS, OKTA, Azure AD, OneLogin, etc and many more.
Find setup guidelines for your IdP below.
Import IdP Metadata Using File/URL/Text Import IdP metadata dynamically instead of manually copying them. Premium
Auto Redirect to IdP Auto redirection takes the user to the IdP's login page instead of showing the default login page. Premium
Import & Export Plugin Configurations Export your configuration in file format, So after upgrading versions or changing platform you can easily import them. Even in case of troubleshooting, share configuration with us, so we could provide proper technical support. Premium
Multiple IdP Support Configure and use more than one IdP at a time. Premium
NameID Formats NameID is a unique identifier of the user. Some IdPs require a specific NameID format for SSO to work properly. Premium
On-the-fly Group Mapping The app will assign users to groups or create new groups during SSO. In order to use this method, the Group Attribute field is required. Premium
Certificate Rollover In the situation where the IdP Signing certificate is changed on a periodic basis, the plugin can be configured to ping the IdP’s metadata URL at configured time intervals and update the configured Signing Certificate. Premium
Customize SP Certificates You can have your own customized Public and Private certificates, which will enhance the security even more. Premium
Single Logout We provide the SP Initiated Single Logout feature. It will log out you from both SonarQube as well as your Identity Provider. Premium
SLO Binding Types We have provided two binding types for Single Logout operation.
HTTP Redirect and HTTP Post.
Customize Login, Logout and Error Template These features provide an option to design your own login, logout, and error handling page for the Application. Premium


Download plugin from below link and follow the given instructions to setup plugin in SonarQube environment.

Setup Instructions

Guidelines for IdP Configuration

ADFS Auth0 AuthAnvil
Azure AD Bitium CA Identity
Centrify Google Apps KeyClock
miniOrange Okta OneLogin
OpenAM Oracle PingFederation
PingOne RSA SecureID SalesForce
Shibboleth2 Shibboleth3 SimpleSAML

If you can't find your IdP in above list, follow the general configuration steps given below.

We offer Security Solutions of Single Sign-On, Two Factor Authentication, Fraud Prevention and much more.

Please call us at +1978 658 9387 (US), +91 77966 99612 (India) or email us at info@xecurify.com