API Issue - Http://sonarurl//api/permissions/users?projectKey

Must-share information (formatted with Markdown):

  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
  • how is SonarQube deployed: zip, Docker, Helm
  • what are you trying to achieve
  • what have you tried so far to achieve this

Do not share screenshots of logs – share the text itself (bonus points for being well-formatted)!

Version - 10.3

Hi Team,

I am trying to get list of users for a project.

I am using the below api -


I am getting the users of that project but other than that i am getting some random list of users who are not part of that project.

Can you please let me know if there’s any problem with the API?



The APIs were built mainly to populate the interface. If you look at the part of the UI that call populates, you see the users and groups who have permissions at the top, and users/groups who don’t below that:

And that’s what you’re seeing in the results from your call, users who have permissions, which are populated in the permissions array in the user object, and users who don’t, which are represented by an empty permissions array.

Note that a) this is an internal API, meaning you use it at your own risk because it’s not guaranteed to be stable between releases, and b) we are actively working on replacing the API.



I need to get the list of sonarqube projects and their users. How can I get that using this api?

Is there any script available to get such list.

Also it should contain the users from group which are added in project.



You’ll need to script this yourself. You’ll also need to look up group membership manually.

Would you mind sharing why you need this?