-
Type:
Improvement
-
Status: Closed
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: None
-
Fix Version/s: 8.7
-
Component/s: Authentication & Authorization
-
Labels:
-
Edition:Community
-
Production Notes:None
Why
It's not possible on a SonarQube instance to update the authentication system from one to another, without losing user permissions & preferences and issues assignment.
For instance, it should be possible to migrate from LDAP to SAML easily.
What
- As a SonarQube Administrator, I want SonarQube users to be able to authenticate with the new authentication system. I need to do it occasionally, I don't need to have a special UI to do that.
- As a SonarQube User, as soon as I was migrated to the new authentication system, I cannot authenticate to the old authentication system (If I do so, I'll lose all my permissions, preferences, and issues assignment).
- As a SonarQube User, when I was migrated to the new authentication system, I expect to keep my permissions, preferences, and issues previously assigned to me.
Out of scope:
- Migrating external users to local users.
How
A new web service should be created to allow to update the identity provider of a user:
- Action: POST api/users/update_identity_provider
- Description: Update identity provider information. It's only possible to migrate to an installed identity provider. Be careful that as soon as this information has been updated for a user, the user will only be able to authenticate on the new identity provider.
- Permission: Requires Administer System permission
- Parameters:
- login: (Mandatory) User login
- newExternalProvider: (Mandatory) New external provider. Only authentication system installed are available.
- newExternalIdentity: (Optional) New external identity, usually the login used in the authentication system.
Note about newExternalProvider : it should contain sonarqube, which is the identity provider id used for local users and for LDAP.
- relates to
-
SONAR-12475 Drop login generation strategy when using an Identity Provider
-
- Closed
-
-
SUPPORT-20960 Loading...
-
SUPPORT-22903 Loading...
- is related to
-
SUPPORT-22479 Loading...
-
SUPPORT-22743 Loading...
-
SUPPORT-22957 Loading...
-
SUPPORT-23165 Loading...
-
SUPPORT-23209 Loading...
- links to