API POST not working with User Token in SQ 6.7.5

sonarqube

(Ryan Weiss) #1

Must-share information (formatted with Markdown):

  • SonarQube 6.7.5
  • We are trying to use the APIs with the generated User Token and POSTs return a {“errors”:[{“msg”:“Insufficient privileges”}]} when the account is admin
  • This issue only happens when using the generated User Token. Authentication with the same user’s UN/PW works. We tried in another instance on 5.6.5 and it works. Any clue?

(Colin Mueller) #2

What API endpoint are you trying to use?

6.7.5 brought some consistency around permissions where even a user with “Administer System” permissions on an instance must also explicitly have administration rights on a project to perform actions on them.


(Ryan Weiss) #3

https:///api/settings/reset?keys=sonar.exclusions


(Ryan Weiss) #4

it removed my hostname which is expected


(Colin Mueller) #5
  1. Apologies for not seeing the part of your opening post where you mentioned UN/PW credentials of the user worked fine. So not a permissions issue.
  2. As noted in our Web API Docs, the token should go where you would expect the username to in a basic auth (un:pw) situation. Is this what you’re doing in your web API call?

Colin


(Ryan Weiss) #6

Ya we’re doing that. I drop the : after the user token.


(Julien Lancelot) #7

If you have a look at the link that @ColinHMueller has provided you, you could see the following important comment about the usage of user token :

curl -u THIS_IS_MY_TOKEN: https: //sonarqube .com /api/user_tokens/search
# note that the colon after the token is required in curl to set an empty password