Yeah, thanks, we solve it, it was the HttpOnly; condition in the cookie, you just need to disabled it, i used a curl -u user:password “https://sonar…/api/change_log_level” with level=DEBUG.
then i saw a error: login failure [cause|Wrong CSFR in request]
this derivate to: Wrong CSFR in request
I hope this helps someone