M
API Matrix

SonarQube API

Development / OAuth Advanced HTTPS
Varies by plan (check documentation)
63 Score
Grade C
Visit Official Site Compare Alternatives

Overview

SonarQube provides a REST API for its code quality and security analysis platform, letting you programmatically retrieve metrics, issues, and quality gate statuses for your projects. It supports OAuth authentication and integrates with CI/CD pipelines to automate code review workflows. Developers use it to build dashboards, enforce quality gates, and track technical debt over time.

💡

Beginner Tip

You can explore the SonarCloud Web API interactively at sonarcloud.io/web_api without writing any code — a great way to understand available endpoints before integrating them into your pipeline.

Available Data

SonarQube data via REST API
JSON-formatted response data
Requires OAuth authentication

Example Response

JSON Response 
{
  "url": "https://example.com",
  "safe": true,
  "threat_level": "none",
  "categories": [
    "clean"
  ],
  "scan_date": "2025-01-15T10:00:00Z"
}

Field Reference

component.key The unique project key identifying the analyzed component
component.measures Array of metric measurement objects for the requested metricKeys
component.measures[].metric The metric key name (e.g., coverage, bugs, code_smells)
component.measures[].value The current numeric value for the metric
component.qualifier Type of component analyzed, such as TRK (project) or FIL (file)

Implementation Example 

const url = "https://sonarcloud.io/web_api";
// Replace headers or query params with the values required by this API.
const response = await fetch(url, {
  headers: {
  "Authorization": "Bearer YOUR_API_KEY"
  }
});
if (!response.ok) throw new Error(`Request failed: ${response.status}`);
const data = await response.json();
console.log(data);

What Can You Build?

Note: These code examples are AI-generated and unverified. Always refer to the official API documentation for accurate usage.

Common Errors & Troubleshooting

401 Unauthorized Token not included or formatted incorrectly in the Authorization header
Pass your SonarCloud token as the username with a blank password using -u YOUR_TOKEN: in curl (note the trailing colon)
404 Not Found on component The project key does not exist or you do not have access to it
Verify the project key in your SonarCloud dashboard under Administration > Update Key
400 Bad Request on metricKeys One or more metric key names are invalid
Use the /api/metrics/search endpoint to get a full list of valid metric keys for your SonarCloud instance

Matrix Score Breakdown

🌐 Reachability 30/30
⚡ Speed 5/20
🔒 Security 15/15
🛠 Developer XP 3/20
✓ Reliability 10/15

Partially tested on Apr 5, 2026

Technical Specifications

Auth OAuth
HTTPS REQUIRED
CORS UNKNOWN
Category Development
Difficulty Advanced
Verified: 2026-04-04

Similar APIs

View All →

Bitbucket

68

The Bitbucket REST API (v2) provides programmatic access to Bitbucket Cloud repositories, pull requests, pipelines, and user accounts, enabling you to automate code review workflows and integrate Bitbucket into your CI/CD toolchain.

OAuth Advanced HTTPS

GitHub

⭐ Beginner's Pick
68

The GitHub REST API gives you programmatic access to nearly everything on GitHub — repositories, issues, pull requests, commits, users, organizations, GitHub Actions, and more.

OAuth Intermediate HTTPS

Gitlab

73

The GitLab REST API provides comprehensive programmatic control over GitLab projects, including repositories, merge requests, pipelines, issues, CI/CD variables, and user management.

OAuth Advanced HTTPS

Gitter

0

Gitter provides programmatic access to chat for developers via REST API.

OAuth Advanced HTTPS

Google Docs

73

The Google Docs API provides full programmatic control over Google Docs documents, including reading content, inserting text, applying styles, and managing document structure.

OAuth Advanced HTTPS