Integrating with SonarQube Restful API

About

SonarQube provides web API to access its functionalities from applications. Services such as administrative web services are secured and require the user to have specific permissions. The methods for authenticating the users are detailed below.

Authentication

User Token (Recommended)**

Types of tokens

User Token: These tokens can be used to run analysis and to invoke web services, based on the token author's permissions

Project Analysis Token^1^ : These tokens can be used to run analysis on a specific project.

Global Analysis Token^2^ : These tokens can be used to run analysis on every project.

^1^In order to create this type of token, the user should have Global Execute Analysis permission or Execute Analysis permission on the token's associated project

^2^In order to create this type of tokens, the user should have Global Execute Analysis permission

Generating a token

UI Method

You can generate new tokens at User > My Account > Security

The form at the top of the page allows you to generate new tokens by specifying the token details

Once you click the Generate button, you will see the token value. Copy it immediately; ***once you dismiss the notification you will not be able to retrieve it.\

Command Line Method

Parameters

Command ^1^ (https://gist.github.com/InfoSec812/aa246a7ac80d30093fcb660244420901)

Sample Response

^1^Certain API functions require additional permissions, these are listed in the linked web API documentation page

*List of all API services can be found at https://sonarqube.mdtproductdevelopment.com/web_api/. *