SonarQube Permission model

I’m trying to find some information on which permissions are need to access api endpoints.
I’m trying to create a export to get some standard project metrics out of sonarqube 10.4.1 using the SonarQubeClient in python .
from whats i can find a token to get this level of information need to be an administrator level user token…
This cant be the only way, I don’t want to give my metrics process god mode over all of sonarqube.
Is there anyway to give it more granular access

It really depends on what API endpoints you’re hitting, and whether or not the project Browse permission is sufficient.

You might be better off just directly contacting the maintainer (I assume it’s GitHub - shijl0925/python-sonarqube-api: Python Client library for interacting with Community, Developer, and Enterprise Editions SonarQube's REST APIs and SonarCloud's REST APIs.)

Whether or not that information is available in these docs, you can always check the Web API documentation of SonarQube (footer of your instance) for expected permissions.

Hi @Colin ,
Its actually based of the work from sonarqube_prometheus_exporter.

from what i can find some of the endpoints to get “simple” metrics are protected by admin rights…