List group permissions


I’m working on automation to set the group permissions for my organization(s) and their projects. Although setting and removing permissions is straightforward, I can’t find anything in the web_api documentation to see the current permissions that a group has. Without that information it is impossible to create reconciliation logic, other than forcibly writing the values on each run. Furthermore, it is rather important to be able to automatically check that setting the permissions has worked.

Is there such an endpoint and did I just not find it? Managing our organizations by hand is not an option and this is blocking further adoption of SonarCloud for us.

I was about to fill a new feature request when I found this: . So it appears the endpoints are there, but marked as internal.

For now this gives me enough to work with, though I hope the endpoints become public soon :).

Hello @reinoudk,

Welcome to SonarSource community :wave:, I hope you will enjoy it.
Happy New Year by the way :slight_smile:

Concerning your topic, I just wanted to notify you that it was not left unnoticed. Your post prompted internal discussions. And indeed the internal APIs already exists. The SonarCloud :sonarcloud: Team is evaluating if they could be made public (ie formally supported).
Note that SonarQube and SonarCloud now have a separate code base and lifecycle, and the Feature Request you noticed was logged for SonarQube :sonarqube:, not SonarCloud :sonarcloud:. The same feature does not necessary make it in SonarQube and SonarCloud at the same time. Even sometimes it makes it at some point in one product and never in the other (although this is unlikely to be the case for that particular one).


1 Like

Hi @OlivierK,

Apologies for my (very) late reply.
Do you know if there are any plans for making this endpoint public? I recently noticed that the internal endpoint cannot be used anymore with a regular token, just a JWT as used in the web ui. Which is in itself of course valid, but not being able to manage group permissions using the API causes a lot of manual work for us.