Question regarding "api/projects/search" Web-API Call


(Christoph Forster) #1

Hi everybody,

can someone explain why the Web-API Call “api/projects/search” needs ‘System Administrator’ Permissions?

I understand that updating Projects needs System Administrator Rights but listing them?

Thanks in advance,

(G Ann Campbell) #2

Hi Christoph,

As included in the service description,

Search for projects or views to administrate them.

Specifically, this search shows all projects, portfolios, applications. It does not filter based on project view permissions. If you want to run a non-permissioned project search, use api/components/search_projects.


(Christoph Forster) #3

Hi Ann,

Thanks for the fast reply.
api/components/search_projects is exactly what I was looking for.

Currently it is not listed within the build-in documentation of SonarQube (http://localhost:9000/sonar/web_api) so I didn’t find it by myself.


(G Ann Campbell) #4

Hi Christoph,

TBH, I found it by sniffing what got called when I loaded the Projects page. It turns out it’s marked as Internal, so you incorporate it into automations at the peril of having it change out from under you without warning in a future version. I’ll raise the question internally about whether it should still be “internal”.


(Christoph Forster) #5


OK I will mark the call with a comment so that I don’t wonder why it possibly fails in future.


(Julien Lancelot) #6

Hi Christoph,

I think you should have a look at api/components/search?qualifiers=TRK.

Because as Ann have said, api/components/search_projects is internal as we may need to update it without keeping backward compatibility.