How to disable SonarQube API endpoints from accessing publicly

Hi Team,

We have observed that some sonarqube API endpoints are accessible without authentication and exposing sensitive details.

Can you help with how can we disable SonarQube endpoints from public access.

Thanks !

Hey there.

Which API endpoints are you concerned about? Most unauthenticated access should be prevented by default with the global Administration > Security > Force User Authentication setting.