mgx0
November 7, 2025, 1:56pm
1
Must-share information (formatted with Markdown ):
Hi, i’m using 25.7.0.110598 deployed on-premise, using Helm.
i’m trying to stop using deprecated API Endpoints.
POST api/users/create api/v2/users-management/users
GET api/user_groups/add_user GET /api/v2/authorizations/group-memberships
there are more i’m replacing with new v2 API calls. But one of them i found not implemented
i need to remove user from an authorization group. before I used (the already deprecated) endpoint user_groups/remove_user DELETE /api/v2/authorizations/group-memberships
however, it seems not to be implemented and gives me 405 and {“message”:“Method not supported.”}
i also did not find implementation where the CREATE and SEARCH is implemented: sonarqube/server/sonar-webserver-webapi-v2/src/main/java/org/sonar/server/v2/api/membership/request at 25.11.0.114957 · SonarSource/sonarqube · GitHub
is this really not implemented while the old call is deprecated?
thank you
Colin
November 7, 2025, 2:08pm
2
Hey there.
DELETE api/v2/authorizations/group-memberships certainly exists, and returns a 204 when you successfully delete a user.
colinmueller@colins-macbook-air-1 ~ % curl -X DELETE "http://localhost:9000/api/v2/authorizations/group-memberships/2e1661c5-33c6-4564-8970-00eee38f3a0d" -H "Authorization: Bearer TOKEN" -v
* Host localhost:9000 was resolved.
* IPv6: ::1
* IPv4: 127.0.0.1
* Trying [::1]:9000...
* Connected to localhost (::1) port 9000
> DELETE /api/v2/authorizations/group-memberships/2e1661c5-33c6-4564-8970-00eee38f3a0d HTTP/1.1
> Host: localhost:9000
> User-Agent: curl/8.7.1
> Accept: */*
> Authorization: Bearer TOKEN
>
* Request completely sent off
< HTTP/1.1 204
< X-Frame-Options: SAMEORIGIN
< X-XSS-Protection: 0
< X-Content-Type-Options: nosniff
< Content-Security-Policy: default-src 'self'; base-uri 'none'; connect-src 'self' http: https:; font-src 'self' data:; frame-src; img-src * data: blob:; object-src 'none'; script-src 'self' 'sha256-D1jaqcDDM2TM2STrzE42NNqyKR9PlptcHDe6tyaBcuM='; style-src 'self' 'unsafe-inline'; worker-src 'self'
< SonarQube-Authentication-Token-Expiration: 2025-12-07T01:00:00+0100
< Cache-Control: no-cache, no-store, must-revalidate
< Date: Fri, 07 Nov 2025 14:07:04 GMT
<
* Connection #0 to host localhost left intact
How are you calling the API?
Your update path is:
25.7 → 25.11
You may find these resources helpful:
mgx0
November 7, 2025, 2:15pm
3
Hey Colin,
thanks for the answer. Currently on 25.7.0 i’m calling it like this:
curl -H “Authorization: Bearer TOKEN” -X DELETE -v http://sonarqube:9000/sonarqube/api/v2/authorizations/group-memberships?id=6817f2f9-b697-4f4f-abf6-8039a14f5374
Trying 10.43.150.196:9000…
Connected to sonarqube (10.43.150.196) port 9000 (#0)
DELETE /sonarqube/api/v2/authorizations/group-memberships?id=6817f2f9-b697-4f4f-abf6-8039a14f5374 HTTP/1.1
Host: sonarqube:9000
User-Agent: curl/7.88.1
Accept: /
Authorization: Bearer squ_29465456c01c8d26fbf791be3d0564393ad227ff
< HTTP/1.1 405
< X-Frame-Options: SAMEORIGIN
< X-XSS-Protection: 0
< X-Content-Type-Options: nosniff
< Content-Security-Policy: default-src ‘self’; base-uri ‘none’; connect-src ‘self’ http: https:; font-src ‘self’ data:; img-src * data: blob:; object-src ‘none’; script-src ‘self’ ‘sha256-hK8SVWFNHY0UhP61DBzX/3fvT74EI8u6/jRQvUKeZoU=’; style-src ‘self’ ‘unsafe-inline’; worker-src ‘self’
< Cache-Control: no-cache, no-store, must-revalidate
< vary: accept-encoding
< Content-Type: application/json
< Transfer-Encoding: chunked
< Date: Fri, 07 Nov 2025 14:14:20 GMT
<
Connection #0 to host sonarqube left intact
{“message”:“Method not supported.”}
we will certainly upgrade soon, but am I using it correctly? in 25.7.0 it shall have been already working, but maybe i’m using it wrongly.
i was reading this REST docs: SonarQube
Colin
November 7, 2025, 2:18pm
4
It needs to be /sonarqube/api/v2/authorizations/group-memberships/6817f2f9-b697-4f4f-abf6-8039a14f5374
No query parameter (?id=)
mgx0
November 7, 2025, 2:21pm
5
oh god, i’m sorry
1 Like
Only the latest version of SonarQube Community Build is considered active, so you’ll need to update and see if the situation is still replicable before we can help you.
everything works fine. thanks for the fast response!