Start Free
2025.1 | Instance administration | User management | Managing user authentication

Managing user authentication

On this page

Disabling forced user authentication

By default, authentication is forced. 

Authentication can be managed:

Disabling forced user authentication

You can disable forced user authentication, and allow anonymous users to browse projects and run analyses in your instance. To do so, you need the Administer System permission.

Accessible API endpoints if forced authentication disabled

If forced authentication is disabled, the following API endpoints are accessible without authentication:

  • api/components/search
  • api/issues/tags
  • api/languages/list
  • api/metrics/domains
  • api/metrics/search
  • api/metrics/types
  • api/plugins/installed
  • api/project_tags/search
  • api/qualitygates/list
  • api/qualitygates/search
  • api/qualitygates/show
  • api/qualityprofiles/backup
  • api/qualityprofiles/changelog
  • api/qualityprofiles/export
  • api/qualityprofiles/exporters
  • api/qualityprofiles/importers
  • api/qualityprofiles/inheritance
  • api/qualityprofiles/projects
  • api/qualityprofiles/search
  • api/rules/repositories
  • api/rules/search
  • api/rules/show
  • api/rules/tags
  • api/server/version
  • api/settings/login_message
  • api/sources/scm (for public repositories)
  • api/sources/show (for public repositories)
  • api/system/dbmigrationstatus
  • api/system/migrate_db
  • api/system/ping
  • api/system/status
  • api/system/upgrades
  • api/users/search
  • api/webservices/list
  • api/webservices/response_example

To disable forced authentication:

  1. Go to Administration > Configuration > General Settings > Security.
  2. Disable Force user authentication.

Was this page helpful?

© 2008-2025 SonarSource SA. All rights reserved.

Creative Commons License