Quickstart secrets detection

Get secrets detection running with the SonarQube CLI in a few minutes.

This setup example shows how to use the SonarQube CLI to authenticate to SonarQube Cloud, install the Secrets Detection Binary, and install the secrets hook in Claude Code to prevent secrets from leaking in your interactions with Claude Code.

Prerequisites

  • The SonarQube CLI is installed on your machine. See the Quickstart guide if needed.

  • Claude Code is installed on your machine.

Step 1: Authenticate to SonarQube Cloud

Either run this command from your terminal:

sonar auth login
  • Running sonar auth login is optional. When using it, you only access a default of 100 secret patterns.

Or, authenticate to get all the secrets patterns supported by Sonar:

sonar auth login -o <YourSonarQubeCloudOrganization> -t <YourSonarQubeUserToken>

Step 2: Install the Secrets Detection Binary

Install the binary:

sonar install secrets

Check the installation:

sonar install secrets --status

Step 3: Install the secrets hook in Claude Code

Install the hook globally to make it available to all of your projects:
