Uploaded image for project: 'SonarQube'
  1. SonarQube
  2. SONAR-8715

Allow provisioning of non-local users



      As a SonarQube admin I do not necessarily have enough LDAP rights to manage groups in my corporate LDAP server (and use Group Mapping feature of LDAP Plugin). I therefore wish to provision LDAP users within SonarQube, so that I can assign them to groups and give them permissions before they even did a first log-in (e.g. as part of an onboarding process).

      As a SonarQube admin I wish to transition SonarQube authentication from local (because team was small so far) to LDAP-managed (thanks to LDAP Plugin) without losing all the group/permission management I have already done, nor having users lose their preferences and/or issues assigned to them.

      Current situation:

      • a user created in SonarQube is considered local, externalProvider=sonarqube
      • a user logged-in via LDAP (thanks to LDAP Plugin) is considered not local, externalProvider=sonarqube
      • other authentication plugins result in non local users with externalProvider of their own
      • whether a user is local or not cannot be changed

      Potential solution:
      A first step would be to allow /api/users/create (and api/users/update) to set whether user is local or not. That would already cover the main use-cases above.


          Issue Links



              • Assignee:
                julien.lancelot Julien Lancelot
                nicolas.bontoux Nicolas Bontoux
              • Votes:
                0 Vote for this issue
                5 Start watching this issue


                • Due: