Sonarqube Jenkins Webhook 403


We use SonarQube Developer Edition Version 9.9.2 and Jenkins (I have followed this doc Jenkins extension for SonarQube)

I added a webhook for quality gate (https://jenkins.cross/sonarqube-webhook/). But this webhook is always in error with this log:

Failed to send webhook 'jenkins' | url=https://jenkins.cross/sonarqube-webhook/ | message=Unexpected response code for CONNECT: 403

I don’t find any other logs with DEBUG mode in Sonar. No log in Jenkins.

I try to POST webhook manually with the payload and it’s OK with code HTTP 200. In this case I see log in Jenkins for my call.

So it seems that Sonar call never reach Jenkins. It’s the same issue that this post it seems: Jenkins - SonarQube Integration: Webhook retrieves 403, where can I find logs? - Stack Overflow

The rest of the process works well (the Sonar scan)


Welcome to the community!

403 is a permissions error. Presumably when you make the call manually, you’re doing it from a client that’s already logged in(?) to Jenkins. The docs should help.


With the manual call I’m not logged in and I still have a status 200.

The documentation does not speak about Webhook authentication with Sonar.

Same problem here but no solution: Webhook Server Unreachable


There’s a suggestion in the thread you referenced to increase your server log level and check the logs for more details. Did you try that?


Compute and Web Engine are already in Debug mode. There’s no more log than what’s in my first message (without DEBUG mode there is no log at all).
The ce.log show SUCCESS for globalWebhooks.


Sorry, but I’m not sure what more to tell you. Since the error is coming from Jenkins, you should probably investigate this on the Jenkins side.


The error is not coming from Jenkins:

So there is a problem with the Sonar call but we don’t have any log, we don’t know what’s the problem.

I thought it might be a certificate problem but I use a Java Trustore with the Jenkins certificate and it works well with other application.

I use Docker compose to run Sonar image. I mount the keystore to


as describe in the documentation here Server installation troubleshooting | SonarQube Docs


Have you tried searching (outside this community) Jenkins 403?


I tried something with certificate. I extracted Sonarqube image cacerts, add my jenkins certificate and add this updated cacerts to Sonar container but no change, always this “Server Unreachable” in Webhooks.

So no one at Sonarqube can tell us why a simple http call fails in their application?


You’ve been quite clear that Jenkins returns a 403.

I founds lots of relevant-looking results when I searched “Jenkins 403”.


But no… Can you read this: Sonarqube Jenkins Webhook 403 - #8 by apiel

The call never reach Jenkins. It’s an issue with Sonar.


The 403 is not coming from SonarQube.

What’s on your network between SonarQube and Jenkins?


Can you explain why the 403 is not coming from SonarQube ? I can use the webhook from Sonar container manually and I have an HTTP 200.

Sonarqube running in a Docker container. There is a NGinx in front of him. Then Sonar and Jenkins are in the same network.


Unexpected response. SonarQube sent, and it got a response.


I said several times that curl command return 200, that this webhook works fine with manual launch.

And for information if Sonar don’t accept Jenkins certificate we have a 403 and it’s a Sonar configuration issue.

Can you explain why it’s only with Sonar if it’s a Jenkins issue ? Why there is no log in Jenkins ?
There is other forum post with the same problem with no response…

And my question is: can we have log for this 403 ? We paid for Sonar Developer, is there a real support ?


Professional support is available.



i suppose you’re using the Sonarqube for Jenkins plugin.
To see what’s going on in Jenkins you should create a custom Jenkins Sonarqube logger
(/manage/log/new) with configuration logger hudson.plugins.sonar and org.sonarsource.