401 unauthorized for POST /api/projects/delete

I’m using SonarQube v8.2 (build 32929). I’m trying to delete a project with a user via /api/projects/delete. I’m passing credentials for a user in the System Administrators group. I get 401 Unauthorized.

I’ve tried in both PowerShell and with the RESTED Firefox add-on. In PowerShell, I’m trying this:

$SQEndpoint = "https://mysqinstance.com/api/projects/delete"
$AuthHeader = "Basic adminlogin:adminpassword"
$Bytes = [System.Text.Encoding]::Unicode.GetBytes($AuthHeader)
$EncodedHeader =[Convert]::ToBase64String($Bytes)
$Headers = @{ Authorization = $EncodedHeader }
$Body = @{ project = $ProjectKey }
Invoke-WebRequest -Uri $SQEndpoint -Body $Body -Method Post -Headers $Headers

Note that this also doesn’t work if I use a valid token on the second line, like so:

$AuthHeader = "Basic 0f9b3e47c4c9dc212c4a0db640c8cfe90c764d18:"

Similar requests through the RESTED Firefox add-on yield identical results.

Figured it out. This

$Bytes = [System.Text.Encoding]::Unicode.GetBytes($AuthHeader)

should have been this

$Bytes = [System.Text.Encoding]::ASCII.GetBytes($AuthHeader)

Additionally, the project parameter is a query parameter, and not expected in the body data of the request, which is weird. The documentation should make it clear when parameters are expected in the body vs. as a query string parameter or path parameter.

1 Like