## Settings
-Property| Description | Default value | Required
----|------------------------------------------------------------------------------------------------------------------------------------|-----------|--------------------------------------------------------------------------
-`sonar.auth.saml.enabled`| Is SAML authentication enabled on SonarQube? | | Yes
-`sonar.auth.saml.applicationId`| The ID under which SonarQube is known by the Identity Provider. | sonarqube | Yes
-`sonar.auth.saml.providerName`| Name of the Identity Provider displayed in the login page when SAML authentication is active. | SAML | Yes
-`sonar.auth.saml.providerId`| The ID of the Identity Provider. | | Yes
-`sonar.auth.saml.loginUrl`| The Url where the Identity Provider expect to receive SAML requests. | | Yes
-`sonar.auth.saml.certificate.secured`| The public X.509 certificate used by the Identity Provider to authenticate SAML messages. | | Yes
-`sonar.auth.saml.user.login`| The name of the attribute where the Identity Provider will put the authenticated user login. | | Yes
-`sonar.auth.saml.user.name`| The name of the attribute where the Identity Provider will put the authenticated user name. | | Yes
-`sonar.auth.saml.user.email`| The name of the attribute where the Identity Provider will put the authenticated user email. | | No
-`sonar.auth.saml.group.name`| The attribute defining the user group in SAML. Users are associated to the default group if this attribute is not defined. | | No
-`sonar.auth.saml.signature.enabled`| Is SonarQube expected to sign the SAML requests? If enabled both the service provider private key and certificate must be provided. | | No
-`sonar.auth.saml.sp.privateKey.secured`| The PKCS8 private key without password used by SonarQube to sign SAML messages and to decrypt encrypted SAML responses. | | Only if SonarQube requests signature or responses encryption is enabled.
-`sonar.auth.saml.sp.certificate.secured`| The public key part of the previously provided private key. | | Only if SonarQube requests signature is enabled.
+| Property | UI Name | Description | Required |
+|------------------------------------------|-------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------|
+| `sonar.auth.saml.enabled` | Enabled | Controls whether SAML authentication is enabled on SonarQube. | Yes |
+| `sonar.auth.saml.applicationId` | Application ID | The ID under which SonarQube is known to the Identity Provider. | Yes |
+| `sonar.auth.saml.providerName` | Provider Name | The name of the Identity Provider displayed in the login page when SAML authentication is active. | Yes |
+| `sonar.auth.saml.providerId` | Provider ID | The ID of the Identity Provider. | Yes |
+| `sonar.auth.saml.loginUrl` | SAML login url | The URL at which the Identity Provider expects to receive SAML requests. | Yes |
+| `sonar.auth.saml.certificate.secured` | Identity provider certificate | The public X.509 certificate used by the Identity Provider to authenticate SAML messages. | Yes |
+| `sonar.auth.saml.user.login` | SAML user login attribute | The name of the attribute that the Identity Provider will use to store the authenticated user login. | Yes |
+| `sonar.auth.saml.user.name` | SAML user name attribute | The name of the attribute that the Identity Provider will use to store the authenticated user name. | Yes |
+| `sonar.auth.saml.user.email` | SAML user email attribute | The name of the attribute that the Identity Provider will use to store the authenticated user email. | No |
+| `sonar.auth.saml.group.name` | SAML group attribute | The attribute defining the user group in SAML. If this attribute is not defined, users are associated with the default group. | No |
+| `sonar.auth.saml.signature.enabled` | Sign requests | Controls whether SonarQube is expected to sign the SAML requests. If enabled, both the service provider's private key and certificate must be provided. | No |
+| `sonar.auth.saml.sp.privateKey.secured` | Service provider private key | The PKCS8 private key without password used by SonarQube to sign SAML requests and to decrypt encrypted SAML responses. | This is only required if `sonar.auth.saml.signature.enabled` is set to `true` or the Identity Provider sends encrypted SAML responses. |
+| `sonar.auth.saml.sp.certificate.secured` | Service provider certificate | The public key part of the previously provided private key. | This is only required if `sonar.auth.saml.signature.enabled` is set to `true`. |
+
+### Testing
+After all the mandatory settings are filled, the SAML integration with the Identity Provider can be tested by clicking the **Test configuration** button.
+A new tab will open with more information regarding the success of the integration, attributes received from the Identity Provider, and any warnings or errors that occur.
## SAML configuration related information and limitations
projects / sonarqube.git / commitdiff
