Web Api stopped after this option Force user authentication

• which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
  I have the latest version lts(8.9.7.52159)

• what are you trying to achieve
  I am trying use web api after activated this option “Force user authentication” on SonarQube configuration

• what have you tried so far to achieve this:

Before I used my sonarqube without this option, however I read is very important for enviroment security. Ater that I activated this option, I can’t login on sonarqube by web api:

curl -u $sonartoken: -s -X GET ‘http://sonar.dropsthaleservices.com.br/api/alm_settings/list’

Everyone, could you help me in this case, how to access web api after activate this option

Hi @Thales_Barbosa ,

this sounds like it should work in theory. The only issue which i could think of, would be that the $sonartoken does not have the required permissions in order to access the API endpoint you are trying, maybe worth validating this.

i tested this locally with sonarqube 8.9.8, so an upgrade might also help

docker run -d --name sonarqube-debug --rm -p 9000:9000 --pull always sonarqube:lts
# login and create admin token
curl -X GET -s -u a8e4284a686bd5c871e8105e3a531f2f7ca55849: localhost:9000/api/alm_settings/list
{"almSettings":[]}

Hello @DefinitelyNotTobi before test, did you activate this option:

image1493×278 15.5 KB

Thank you
Best REgards,

Yes this is enabled by default since some time ago