# Self-hosted [Transport modes](https://modelcontextprotocol.io/specification/2025-11-25/basic/transports) define how the MCP server communicates with your client. Options include [Stdio](#local-server-stdio), [HTTPS](#https), and [HTTP](#http). Each mode includes a deployment example for configuring your client. See [Environment variables](/agent-centric-development-cycle/developer-tools/mcp-server/reference/environment-variables.md) for details about required configuration values. > **Warning:** *User tokens* are required when setting up connected mode or an MCP Server between SonarQube Server and SonarQube for IDE. Binding won't work if you use *project tokens*, *global tokens*, or *scoped organization tokens* during setup. ## Local server (Stdio) For independent users who need a quick setup for their specific IDE or CLI. Run the official [mcp/sonarqube](https://hub.docker.com/r/mcp/sonarqube) container image using stdio transport for local development. This gives access to the full tool set. The stdio transport mode is the recommended and default mode for local development and single-user setups used by all MCP clients. It's also the mode used in your [Agentic Analysis](/agent-centric-development-cycle/features/agentic-analysis.md) and [Context Augmentation](/agent-centric-development-cycle/features/context-augmentation.md) workflow. The [common variables](/agent-centric-development-cycle/developer-tools/mcp-server/reference/environment-variables.md#common-variables) are required to initialize any transport mode you choose. **Docker example** > **Note:** Although the examples below use `docker`, any OCI-compatible container runtime works (for example, Podman, nerdctl, etc). Simply replace `docker` with commands specific to your preferred tool. ### SonarQube Cloud Use this code sample when using the container image to configure your MCP HTTP server for integrating with SonarQube Cloud. ```json { "mcpServers": { "sonarqube": { "command": "docker", "args": ["run", "-i", "--rm", "--init", "--pull=always", "-e", "SONARQUBE_TOKEN", "-e", "SONARQUBE_ORG", "mcp/sonarqube"], "env": { "SONARQUBE_TOKEN": "", "SONARQUBE_ORG": "" } } } } ``` > **Note:** SONARQUBE\_URL should be defined as `https://sonarqube.us` each time you use a SonarQube Cloud configuration (`SONARQUBE_TOKEN` + `SONARQUBE_ORG`) and want to connect to a US-region instance. See the [Connecting to SonarQube Cloud in the US region](/agent-centric-development-cycle/developer-tools/mcp-server/setup/environment-considerations.md#connecting-to-sonarqube-cloud-in-the-us-region) section for details. ### SonarQube Server Use this code sample when using Docker to configure your MCP server for integrating with SonarQube Server or SonarQube Community Build. ```json { "mcpServers": { "sonarqube": { "command": "docker", "args": ["run", "-i", "--rm", "--init", "--pull=always", "-e", "SONARQUBE_TOKEN", "-e", "SONARQUBE_URL", "mcp/sonarqube"], "env": { "SONARQUBE_TOKEN": "", "SONARQUBE_URL": "" } } } } ``` ## Remote server (HTTPS and HTTP) This setup is suited for a central server that multiple users will access, using their own clients. This setup uses the HTTPS transport mode for a shared team server. ### HTTPS HTTPS configurations are very similar to [HTTP](#http) but require SSL certificates. * For local development, use HTTP instead of HTTPS to avoid [SSL certificate](/agent-centric-development-cycle/developer-tools/mcp-server/reference/environment-variables.md#ssl-certificate) issues. * For production deployments with proper SSL certificates from a trusted CA, use HTTPS. **Docker example** > **Note:** Although the examples below use `docker`, any OCI-compatible container runtime works (for example, Podman, nerdctl, etc). Simply replace `docker` with commands specific to your preferred tool. #### SonarQube Cloud Use this code sample when using the container image to configure your MCP HTTPS server for integrating with SonarQube Cloud. The server uses the `SONARQUBE_TOKEN` environment variable for initialization. Clients connect to the server using the `Authorization: Bearer` header. ```bash # Start server (requires token for initialization) docker run --init --pull=always -p 8443:8443 \ -v $(pwd)/keystore.p12:/etc/ssl/mcp/keystore.p12:ro \ -e SONARQUBE_TRANSPORT=https \ -e SONARQUBE_HTTP_HOST=0.0.0.0 \ -e SONARQUBE_HTTP_PORT=8443 \ -e SONARQUBE_TOKEN="" \ -e SONARQUBE_ORG="" \ mcp/sonarqube ``` > **Note:** SONARQUBE\_URL should be defined as `https://sonarqube.us` each time you use a SonarQube Cloud configuration (`SONARQUBE_TOKEN` + `SONARQUBE_ORG`) and want to connect to a US-region instance. See the [Connecting to SonarQube Cloud in the US region](/agent-centric-development-cycle/developer-tools/mcp-server/setup/environment-considerations.md#connecting-to-sonarqube-cloud-in-the-us-region) section for details. #### SonarQube Server Use this code sample when using the container image to configure your MCP HTTPS server for integrating with SonarQube Server or SonarQube Community Build. The server uses the `SONARQUBE_TOKEN` environment variable for initialization. Clients connect to the server using the `Authorization: Bearer` header. ```bash # Start server (requires token for initialization) docker run --init --pull=always -p 8443:8443 \ -v $(pwd)/keystore.p12:/etc/ssl/mcp/keystore.p12:ro \ -e SONARQUBE_TRANSPORT=https \ -e SONARQUBE_HTTP_HOST=0.0.0.0 \ -e SONARQUBE_HTTP_PORT=8443 \ -e SONARQUBE_TOKEN="" \ -e SONARQUBE_URL="" \ mcp/sonarqube ``` **Client configuration** > **Warning:** Deprecation notice: Passing the token via the `SONARQUBE_TOKEN` header is deprecated for HTTP(S) transport. > > * For HTTP(S) transport: use the `Authorization: Bearer ` header. This is mandatory for SonarQube Cloud embedded MCP, and recommended for all other HTTP(S) configurations. > * For stdio transport: no change: `SONARQUBE_TOKEN` as an environment variable is unchanged. > > See [common variables](/agent-centric-development-cycle/developer-tools/mcp-server/reference/environment-variables.md#common-variables) for details. When connecting to an HTTPS transport server, clients must include the `Authorization` header with a Bearer token in all requests. ```json { "mcpServers": { "sonarqube": { "type": "https", "url": "https://:8443/mcp", "headers": { "Authorization": "Bearer " } } } } ``` ### HTTP > **Important:** The HTTP transport mode is not recommended. Use [Stdio](#local-server-stdio) for local development or [HTTPS](#https) for multi-user production deployments. Enable HTTP transport for unencrypted multi-user scenarios where more than one client will connect to a shared server. The [common variables](/agent-centric-development-cycle/developer-tools/mcp-server/reference/environment-variables.md#common-variables) are required for initialization, in addition to the listed [HTTP variables](/agent-centric-development-cycle/developer-tools/mcp-server/reference/environment-variables.md#http-variables) that clients will need to access the server. After setup, each client must provide its own user token for access. **Client configuration** When connecting to an HTTP transport server, clients must include the `Authorization` header with a Bearer token in all requests. ```json { "mcpServers": { "sonarqube": { "type": "http", "url": "http://:8080/mcp", "headers": { "Authorization": "Bearer " } } } } ``` ### Service endpoints When running in **HTTPS** or **HTTP** transport mode, the server exposes a few unauthenticated service endpoints in addition to the MCP endpoint at `/mcp`. These endpoints are for service-to-service use (monitoring, orchestration, client compatibility checks) and don't require an `Authorization` header. | Endpoint | Method | Description | Example response | | --------- | ------ | ------------------------------------------------------------------------------------------ | ---------------------- | | `/health` | `GET` | Liveness probe. Returns `200 OK` with an empty body once the server is accepting requests. | *(empty body)* | | `/info` | `GET` | Returns the MCP server version as JSON. Useful for verifying the deployed server version. | `{"version":"1.16.0"}` | These endpoints are not available when running with the **Stdio** transport. ## Using the configuration generator Use the official SonarQube MCP Server configuration generator to get a configuration snippet for your setup. To do this: 1. Identify your agent. 2. Find your [common variables](/agent-centric-development-cycle/developer-tools/mcp-server/reference/environment-variables.md#common-variables). 3. Enter the information into the [SonarQube Server configuration generator](https://mcp.sonarqube.com/config-generator.html) and select the local (stdio) or remote server option. 4. Paste the generated configuration into your configuration file. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.sonarsource.com/agent-centric-development-cycle/developer-tools/mcp-server/setup/self-hosted.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.