Sonar authentication api

Hi,I’m now calling sonarqube api using basic HTTP, but have some problems.
At first I called api/authentication/logout using my username and password, it returned status code 200(success). But when I called api/authentication/login using the same username and password, it returned status code 401. Does this mean no authorized? I have browse permission on some projects.

Hello,

Logout api does not require login/password, so don’t assume that you’re password is correct just because the logout api is returning 200.

Thank you for your answer. My username and password are all correct, I can successfully login sonar web site and browser some projects. I’m confused why I can’t call login api.

I’m concerned about your quotes in the body. I just tried on localhost with this payload, works great. Can you try with singles quotes ? You should get a JWT-SESSION cookie back.

I tried but failed, got nothing in cookies field. My account is not admin in the sonar server, which permission should I have?(actually I only have some projects browser permission).

Hi,

api/authentication/logout is not meant to be used directly.

If you want to do some API calls, you should use a user token.

Regards

Yes, token is better than username/password. I found it’s easy to call API when I put token in http headers.