Retrieve Security Hotspots through Web API


how to get security hotspots for a project through api call?


Hey there.

I’ve moved your thread to a new topic instead of bumping an older (mostly unrelated) one.

What version of SonarQube are you using? And, to fulfill my own curiosity, why do you want to retrieve this data?

Hi colin,

I am using sonarqube 8.6… I want to retreive the security hotspots generated for a project in sonarqube in json format.

previously for 8.0 version…security hotspots were part of issues and I could retrive them through api format like this->

now as I could see security hotspots are no longer part of issue type…Now how should I form my api to get the securityhotspots generated for a particular sonar project?

I got that, but I was curious Why? :smiley: What do you use the information for outside of SonarQube? It’s useful to understand why our users try and do what they do.

You can find Web APIs related to Hotspots under the api/hotspots domain of web services. Some will be marked Internal (check the box in the upper left of the Web API documentation for your SonarQube instance)

because sonar doesnt provide a way to download the issues generated. I found a way to do an api call and the resulted json is then used to extract the content to an excel sheet so that people can work on the issues even when they are offline…

I checked the section u mentioned but…what is hotspot parameter there? and how can we get SH’s for a particular project key?this wasnt mentioned there…

Take a look at the Internal APIs.

Got it thankyou

Hey Colin,

could you please help me with this.