How to find the owner of a token i have knowledge of

daniel · June 1, 2022, 3:33pm

Hi there,

what would be the most easy way for an admin to find out who a token belongs to - besides trying to trigger a project analysis.

Consider

i am an admin
i have knowledge of a token
i need to know who is the owner of that token

Is there something that i can trigger with this token (e.g. via WEB_API ) which might help me? Or some other way to research?

I am thinking that some action should leave traces in the logs which i am able to inspect and find out which user is logged with said request/action.

cheers,
Daniel

Colin · June 2, 2022, 9:11am

Issuing a web request to <sonarqube_url>/api/uesrs/current using the token will tell you who it belongs to.

curl -u mytoken: 'http://localhost:9000/api/users/current'

daniel · June 2, 2022, 12:32pm

yay, tyvm \o/ … sometimes one doesn’t see the forest for the trees (i did scour the api for a fit, but must have overlooked this one … ahh, no, it is marked internal and i did not tick that box )

system · June 9, 2022, 12:32pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.