How to create rule for taint engine for java api?

I can found Security Engine Custom Configuration | SonarQube Docs. But it seem can’t to create a code rule…
How to use Taint Engine(or Data-Flow-Analysis) in extension?
And, the java api has any api reference?
Need help, Thank you.

Hello and welcome to the community! Please keep it at one thread per topic. I have removed the other duplicated post.

Can you share what version of SonarQube you are using? Custom taint configurations are only available in the Enterprise and Data Center Editions of SonarQube.

You can find the API reference in SonarQube itself: Web API | SonarQube Docs

In case you plan to do more than adding custom configuration, that is unfortunately not possible with sonar-security. There is no public API for the security engine.

Can you tell me what rule you planned to add? Thanks!