diff options
author | Tobias Trabelsi <64127335+tobias-trabelsi-sonarsource@users.noreply.github.com> | 2020-09-09 07:12:24 +0200 |
---|---|---|
committer | sonartech <sonartech@sonarsource.com> | 2020-09-09 20:07:14 +0000 |
commit | 4d83ca22b507bf847685bb419873f8cb5ecde866 (patch) | |
tree | 36659e3eaf19db8c6c2bc324b40b2184886e8bc1 /server/sonar-docs | |
parent | d761c994d0d145e5ab7300961fa3a31603e74d6b (diff) | |
download | sonarqube-4d83ca22b507bf847685bb419873f8cb5ecde866.tar.gz sonarqube-4d83ca22b507bf847685bb419873f8cb5ecde866.zip |
[DOCS] improved documentation about api endpoints
Diffstat (limited to 'server/sonar-docs')
-rw-r--r-- | server/sonar-docs/src/pages/instance-administration/security.md | 45 |
1 files changed, 44 insertions, 1 deletions
diff --git a/server/sonar-docs/src/pages/instance-administration/security.md b/server/sonar-docs/src/pages/instance-administration/security.md index 87b91e7524f..84619a73708 100644 --- a/server/sonar-docs/src/pages/instance-administration/security.md +++ b/server/sonar-docs/src/pages/instance-administration/security.md @@ -28,6 +28,50 @@ To force user authentication, log in as a system administrator, go to **[Adminis [[info]] | SonarQube does not support sharing email addresses across multiple users. +### API Endpoints Authentication + +If the **Force user authentication** property is set to false, the following API endpoints are accessible **without authentication** (click **API endpoints** below to expand the list): + +[[collapse]] +| ## API endpoints +| +| * api/components/search +| * api/issues/tags +| * api/languages/list +| * api/metrics/domains +| * api/metrics/search +| * api/metrics/types +| * api/plugins/installed +| * api/project_tags/search +| * api/qualitygates/list +| * api/qualitygates/search +| * api/qualitygates/show +| * api/qualityprofiles/backup +| * api/qualityprofiles/changelog +| * api/qualityprofiles/export +| * api/qualityprofiles/exporters +| * api/qualityprofiles/importers +| * api/qualityprofiles/inheritance +| * api/qualityprofiles/projects +| * api/qualityprofiles/search +| * api/rules/repositories +| * api/rules/search +| * api/rules/show +| * api/rules/tags +| * api/server/version +| * api/sources/scm (for public repositories) +| * api/sources/show (for public repositories) +| * api/system/db_migration_status +| * api/system/migrate_db +| * api/system/ping +| * api/system/status +| * api/system/upgrades +| * api/users/search +| * api/views/run +| * api/webservices/list +| * api/webservices/response_example + +It is advised to enable **Force user authentication** if you have your SonarQube instance publicly accessible. ### Authentication Mechanisms Authentication can be managed through a number of mechanisms: @@ -157,4 +201,3 @@ sonar.jdbc.password={aes}CCGCFg4Xpm6r+PiJb1Swfg== # Encrypted DB password ... sonar.secretKeyPath=C:/path/to/my/secure/location/my_secret_key.txt ``` - |