Hi Team,
We have observed that some sonarqube API endpoints are accessible without authentication and exposing sensitive details.
Can you help with how can we disable SonarQube endpoints from public access.
Thanks !
Hi Team,
We have observed that some sonarqube API endpoints are accessible without authentication and exposing sensitive details.
Can you help with how can we disable SonarQube endpoints from public access.
Thanks !
Hey there.
Which API endpoints are you concerned about? Most unauthenticated access should be prevented by default with the global Administration > Security > Force User Authentication setting.