Use GitLab OAuth login in SonarQube login page
Branch: master
Clone or download
Gabriel Allaigre
Gabriel Allaigre Fix parent
Latest commit d8430a7 Mar 28, 2018
Type Name Latest commit message Commit time
Failed to load latest commit information.
doc Fix readme Jan 25, 2018
src Fix parent Mar 28, 2018
.gitignore first commit Mar 17, 2016
.gitlab-ci.yml add synchronize groups with gitlab functionality Jan 2, 2018
.travis.yml fix jdk for travis Mar 7, 2017
CHANGELOG gitlab Mar 17, 2016 fix pom Mar 3, 2017 Update sonar to 7.0 Mar 28, 2018
pom.xml Fix parent Mar 28, 2018

Sonar Auth GitLab Plugin

Inspired by

The version 1.3.2 is directly in the SonarQube update center

Version 1.4.0-SNAPSHOT

  • Change secret field to text field
  • Update sonar-plugin to 7.0

Version 1.3.2

  • Fix bug with group & ldap #20
  • Add option to ignore Certificate for access GitLab #18

Download 1.3.2 version

Version 1.3.1

  • Fix bug with sync #16

Download 1.3.1 version

Version 1.3.0

  • Add default v4 api
  • Add sync groups option with GitLab (use exception for not sync, example admin account)
  • Add custom groups for user

Download 1.3.0 version

Version 1.2.2

  • Add option to change scope for GitLab (since 9.2, scope is api)

Download 1.2.2 version


Enables user authentication and Single Sign-On via GitLab.

Uses GitLab OAuth login in SonarQube login page.



For SonarQube >=5.6:

For SonarQube >=5.4:

Other Plugin: Add Reporting in GitLab commit


Warning : In SonarQube, must have Server base URL with HTTPS

  • In GitLab, create Application OAuth : Admin Settings -> Application

Fill name SonarQube and fill redirect URI with '' (replace url).

Gitlab Add

Copy Application Id and Secret in Settings of Sonarqube.

Gitlab App

  • In SonarQube: Administration -> General Settings -> GitLab -> Authentication

Sonar Settings

Variable Comment Type
sonar.auth.gitlab.enabled Enable GitLab users to login. Value is ignored if client ID and secret are not defined
sonar.auth.gitlab.url URL to access GitLab
sonar.auth.gitlab.applicationId Application ID provided by GitLab when registering the application
sonar.auth.gitlab.secret Token of the user who can make reports on the project, either global or per project
sonar.auth.gitlab.allowUsersToSignUp Allow new users to authenticate. When set to 'false', only existing users will be able to authenticate to the server
sonar.auth.gitlab.scope Scope provided by GitLab when access user info, either global or per project, default read_user
sonar.auth.gitlab.groups Set groups, use , for multi
sonar.auth.gitlab.sync_user_groups Enable synchronization between GitLab and SonarQube groups. SonarQube users groups will be the same as GitLab's
sonar.auth.gitlab.groups Defaults groups, which will be added to SonarQube default group and syncs groups if enabled
sonar.auth.gitlab.api_version GitLab API version
sonar.auth.gitlab.user_exceptions List of usernames to keep intact (e.g. admin list), use , for multi
sonar.auth.gitlab.ignore_certificate Ignore Certificate for access GitLab, use for auto-signing cert (default false) Administration, Variable