Start FreeLog in
SonarCloud | Advanced setup | Web API

Web API

On this page

Authenticating to the Web API Sending an API request Taking into account the API rate limiting

SonarCloud provides a web API to access its functionalities from applications. 

The web services composing the web API are documented within SonarCloud, through the URL https://sonarcloud.io/web_api. You can also access the web API documentation from the top bar in Cloud by selecting the help button:

Authenticating to the Web API

Administrative web services are secured and require the user to have specific permissions. 

To authenticate to the Web API, we recommend that you use the bearer authentication scheme. With this scheme, a SonarCloud token is used:

  • A token is generated in SonarCloud UI.
    See Managing your tokens.
  • The token is provided through the Authorization: Bearer <myToken> header.
    See Sample API request below.

Sending an API request

To make a request, you need to find the HTTP method and the right path for the operation that you want to use. 

Sample API request

If, for example, you want to use the Web API to extract measures, you can make a “GET MEASURES” call to the /api/measures endpoint in order to extract measures of a given metric for a given project. For this example, a possible request and response are shown below.

Request
curl --request GET \
  --url 'https://sonarcloud.io/api/measures/component?metricKeys=ncloc%2Ccode_smells%2Ccomplexity&component=my_project_key' \
  --header 'Authorization: Bearer my_token'
Response


{
   "component": {
      "id": "id",
      "key": "my_project_key",
      "name": "my_project_name",
      "qualifier": "TRK",
      "measures": [
         {
            "metric": "complexity",
            "value": "4214"
         },
         {
            "metric": "code_smells",
            "value": "8595",
            "bestValue": false
         },
         {
            "metric": "ncloc",
            "value": "51667"
         }
      ]
   }
}

Taking into account the API rate limiting

Some of SonarCloud's APIs are rate-limited in order to ensure that we can continue to deliver the service smoothly and with optimum performance. In most cases, you should take this into account when automating tasks and processes by using the SonarCloud Web API. 

Your API calls will fail with a 429 status code when the rate limit has been reached. If this happens, wait a few minutes before retrying the operation. 

Was this page helpful?

© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARLINT, SONARQUBE, SONARCLOUD, and CLEAN AS YOU CODE are trademarks of SonarSource SA.

Creative Commons License