Skip to end of metadata
Go to start of metadata

Table of Contents

The first question that should be answered when setting the security strategy is: Can anonymous users browse the SonarQube instance or is authentication be required? To force user authentication, log in as a System administrator and go to Administration > Configuration > General Settings > Security and set the Force user authentication property to true. To allow users to sign up for a SonarQube account, set the Allow users to sign up property to true

Creating a User

A user is a set of basic information: login, password, name and email.

To create a new user, go to Administration > Security > Users > Create User:

Changing your Password

To change your password, log in and go to My_Name > My profile > Change password:

LDAP plugin

When the LDAP plugin is installed and activated, it is no longer possible for users to change their passwords. Then, only system administrators can do so through Administration > Security > Users by clicking on the padlock icon. Note that this password is only used when the LDAP server is not reachable and the authentication mechanism fall back to the SonarQube built-in mechanism.

Technical Users

Technical users that are authenticated against SonarQube's own database of users, rather than against any external tool (LDAP, Active Directory, Crowd, etc.) can be created.

Similarly, all non-local accounts will be authenticated only against the external tool. By default admin is a technical account. Technical accounts are configured in SONARQUBE_HOME/conf/ in the (default value = admin) property as a comma-separated list.

Default Admin Credentials

When installing SonarQube, a default user with Administer System permission is created automatically:

  • Login: admin
  • Password: admin


I lost the admin password

In case you lost the admin password of your SonarQube instance, you can reset it by executing the following query:

update users set crypted_password = '88c991e39bb88b94178123a849606905ebf440f5', salt='6522f3c5007ae910ad690bb1bdbf264a34884c6d' where login = 'admin'

This will reset the password to admin.

  • No labels