Issues with Web API v2

ftlvz · September 24, 2025, 10:09am

I’m trying to call the basic example

curl --request GET \
  --url 'https://api.sonarcloud.io \
  --header 'Authorization: Bearer <my_token>'

where of course I’m replacing <my_token> with an actual token I generated from SonarQube CLoud’s Web UI.

I only receive “403 Forbidden” responses.

If I invoke some endpoint, like the /projects one, I receive the following error:

{
“message”: “Invalid key=value pair (missing equal-sign) in Authorization header (hashed with SHA-256 and encoded with Base64): ‘[REDACTED+’.”
}

Using the same token I can invoke API v1 without any issue, so I really don’t understand what’s wrong.

Can you help me, please?

Colin · September 24, 2025, 1:26pm

Hello! Although it’s not immediately obvious from the documentation, the correct endpoint to use is https://api.sonarcloud.io/projects/projects.

This issue has already been reported internally. Resolving it unfortuantely isn’t straightforward, but we want to fix it in the near-term.

This guide might help you reverse engineer specific endpoints.

system · November 3, 2025, 10:27am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Authentication for Web API v2 SonarQube Cloud authentication , web_api_v2 , sonarqube-cloud	5	37	January 21, 2026
Not able to connect to API SonarQube Server / Community Build web_api	3	443	May 4, 2023
SonarCloud API - authentication using token SonarQube Cloud	3	10152	February 27, 2021
Unable to get response from Sonarqube web api endpoints in Postman SonarQube Server / Community Build	14	3811	February 7, 2022
Sonarcloud Web API - Insufficient privileges SonarQube Cloud web_api , sonarqube-cloud	3	2380	August 3, 2020