Sonar authentication api

Hi,I’m now calling sonarqube api using basic HTTP, but have some problems.
At first I called api/authentication/logout using my username and password, it returned status code 200(success). But when I called api/authentication/login using the same username and password, it returned status code 401. Does this mean no authorized? I have browse permission on some projects.

7AC68D44-FD82-498e-846F-E2F1D392A6FB.png722×602 13.7 KB

AD02AD38-EEBA-4063-871A-C68EBAB273AA.png734×607 13.7 KB

Hello,

Logout api does not require login/password, so don’t assume that you’re password is correct just because the logout api is returning 200.

Thank you for your answer. My username and password are all correct, I can successfully login sonar web site and browser some projects. I’m confused why I can’t call login api.

I’m concerned about your quotes in the body. I just tried on localhost with this payload, works great. Can you try with singles quotes ? You should get a JWT-SESSION cookie back.

image.png887×558 33.8 KB

I tried but failed, got nothing in cookies field. My account is not admin in the sonar server, which permission should I have?(actually I only have some projects browser permission).

092202F6-EB23-4262-952D-D022573E630C.png716×468 13.7 KB

Hi,

api/authentication/logout is not meant to be used directly.

If you want to do some API calls, you should use a user token.

Regards

Yes, token is better than username/password. I found it’s easy to call API when I put token in http headers.