Skip to end of metadata
Go to start of metadata
Table of content

This page represents Web Service API for use by any HTTP clients.

Response formats

The API provides several response formats : XML, JSON (ie. JavaScript Object Notation) and sometimes plain text or CSV.

The request can specify the desired response format in either of two ways :

  • Accept HTTP header : application/json, text/xml

  • query argument 'format' with one of these values : xml, json, txt or csv. Example :

HTTP status codes

HTTP code

Description

200

OK

400

Bad request.
The request could not be understood by the server due to malformed syntax.

401

Unauthorized

403

Forbidden.
The request was a legal request, but the server is refusing to respond to it.

404

The requested resource could not be found.

500

Internal server error.

Authentication

GET /sessions/login
Formats : none
Parameters :

  • login. Required.
  • password. Required.

Status :

  • 200 : authenticated
  • 401 : wrong password

Basic HTTP authentication is also supported. Example with curl to load events :

Delete Project

Methods : DELETE
URL : /api/projects/<project id>
Security : Requires administration role on the related project
Example : curl -u admin:admin -X DELETE http://localhost:9000/api/projects/org.apache.struts:struts

Events

Get events

GET /api/events

Parameter

Description

Required

Example

resource

id or key of the project

No. Get global events if not set.

org.apache.struts:struts

categories

comma-separated list of category filters

No

Version,Alert

fromDateTime

ISO-8601 datetime (inclusive)

No

2010-12-25T23:59:59+0100

toDateTime

ISO-8601 datetime (inclusive)

No

2010-12-25T23:59:59+0100

fromDate

date (inclusive)

No

2010-12-25

toDate

date (inclusive)

No

2010-12-25

Examples :

XML response
JSON response
Create event

POST /api/events

Example with curl to create project event :

Favourites

URL : /api/favourites
Methods : GET, POST, DELETE. Authentication required.
Formats : xml, json

Method

URL

Description

Possible responses

GET

/api/favourites

Returns all user favourites.

200, 401

POST

/api/favourites?key=foo

Create a user favourite with the given key.

200, 400, 401

DELETE

/api/favourites/:id

Delete user favourite with the given key.

200, 400, 401, 404

Installed plugins

GET /api/updatecenter/installed_plugins
Formats: xml, json

JSON response
XML response

Manual Measures

Get Manual Measures

Method : GET
URL : /api/manual_measures?resource=<resource>&metric=<optional metric>
Security : Requires the user role on the related project
Format : JSON

JSON Response

Create a Manual Measure

Method : POST
URL : /api/manual_measures?resource=<resource>&metric=<metric>&val=<optional decimal value>&text=<optional text>
Security : Requires administrator role on the related project
Example : curl -u admin:admin -d "resource=org.apache.commons:commons-i18n&metric=business_value&val=5000" http://localhost:9000/api/manual_measures

JSON Response

Delete a Manual Measure

Method : DELETE
URL : /api/manual_measures?resource=<resource>&metric=<metric>
Security : Requires administrator role on the related project
Example : curl -u admin:admin -X http://localhost:9000/api/manual_measures?resource=org.apache.commons:commons-i18n&metric=business_value

Metrics

URL : /api/metrics
Methods : GET, POST, PUT, DELETE
Formats : xml, json

Method

URL

Description

 

Authentication

GET

/api/metrics

Returns all metrics.

200

None

GET

/api/metrics/:id

Returns metric with the given key.

200, 404

None

POST

/api/metrics

Create a metric.

200, 400, 401

Required

PUT

/api/metrics/:id

Update metric with the given key.

200, 400, 401

Required

DELETE

/api/metrics/:id

Delete metric with the given key.

200, 400, 401, 404

Required

Parameter

Value

Size

Possible values

Description

id

string

64

 

 

description

string

255

 

 

direction

integer

 

-1, 0, 1

 

domain

string

64

 

 

name

string

64

 

 

qualitative

integer

 

0, 1

Is it a qualitative metric ?

val_type

string

 

PERCENT, INT, FLOAT, STRING, BOOL, MILLISEC

Value type

user_defined

integer

 

false, true

Can user fill measures online ?

XML response
JSON response

Profiles

GET /api/profiles
Format: JSON, XML
Since: 2.7
Get the coding rules activated in a quality profile.

Parameter

Description

Required

Example

language

Project language

Yes

java

name

Profile name. If not set, then the default profile for the selected language is used

No

Legacy%20projects

rule_repositories

Filter rules by repository. Comma-separated list of keys.

No

pmd,findbugs

rule_severities

Filter rules by severity. Comma-separated list of rule severities. Values are BLOCKER, CRITICAL, MAJOR, MINOR, INFO

No

BLOCKER,CRITICAL

JSON response
CSV response

Properties

URL : /api/properties
Methods : GET, POST, DELETE
Formats : xml, json

Method

URL

Description

Possible responses

Authentication

GET

/api/properties

Returns all properties.

200

Optional (to see secured properties)

GET

/api/properties/:id

Returns the property with the given key. The optional parameter "resource" allows to load a project property.

200, 401, 404

Optional (to see a secured property)

POST

/api/properties?id=:id&value=:value

Create or update a property. The field 'value' can be replaced by the raw request content( see example bellow)

200, 400, 401

Required

DELETE

/api/properties/:id

Delete property with the given key.

200, 400, 401, 404

Required

Example to create a property with the content of a file with curl :

XML response
JSON response

Resources

GET /api/resources
Formats : xml, json

Parameter

Values

Default value

Description

resource

resource key/id

 

Filter on a specific resource

metrics

comma-separated list of metric keys/ids

 

Load measures on selected metrics. If only one metric is set, then measures are ordered by value.
Example : lines,blocker_violations

depth

integer

0

Used only when resource is set.
0 : only selected resource
-1 : all childhood, including selected resource
>0 : depth toward the selected resource

scopes

comma-separated list of scopes

 

Filter on scopes :
PRJ : project/module
DIR : directory (like Java package)
FIL : file

qualifiers

comma-separated list of qualifiers

 

Filter on qualifiers :
TRK : project
BRC : module
CLA : class
UTS : unit test
DIR : directory
FIL : file

verbose

true|false

false

Add some data to response 

limit

integer

 

Limit the size of measures. Only used if one metric, and only one, is set.

includetrends

true|false

false

Include trends and period variations in response : add <trend> (1 if better, else worst), <var> (1 if measure value increases) and nodes <p*> for period variations

includealerts

true|false

false

Include alerts data : add nodes <alert> (ERROR, WARN, OK) and <alert_tex

rules

true|false|list of rule ids

false

Filter on rules : setting it to true will return rules id and rule name for measure having such info (such as 'violations')

rule_categories

true|false|list of category ids

false

Filter on rule ISO categories : setting it to true will return rules category id and rule category name for measure having such info (such as 'violations')

rule_priorities

true|false|list of priorities

false

Filter on rule priority  : setting it to true or to list of priorities (BLOCKER,CRITICAL,MAJOR,MINOR,INFO) will return measures having such info (such as 'violations'). Since version 1.10.

Examples

/api/resources

all projects

/api/resources?metrics=ncloc,coverage

all projects, including Lines of code and code coverage measures

/api/resources?resource=foo&metrics=ncloc,coverage

Lines of code and code coverage of the resource 'foo'

/api/resources?resource=foo&depth=-1

all the resources included in foo. For example if foo is a project, results contain packages and classes.

/api/resources?resource=foo&depth=1&metrics=ncloc,coverage

Lines of code and code coverage of direct children of foo. Used for example to generate the treemap of components.

/api/resources?resource=foo&depth=-1&scopes=FIL

All the files included in foo. Used for example for coverage clouds.

/api/resources?resource=foo&depth=-1&scopes=FIL&metrics=coverage&limit=10

Hotspot of the ten files with the worst code coverage. 

XML response

Reviews

Get reviews

GET /api/reviews
Formats : xml, json
Since : version 2.8

Parameter

Description

Possible values

Default value

Required

ids

List of review ids

 

 

no

resources

Comma-separated list of resource ids or keys

 

 

no

projects

Comma-separated list of root project ids or keys

 

 

no

statuses

Comma-separated list of status

OPEN,CLOSED

 

no

resolutions

Comma-separated list of resolutions (since version 2.9)

FIXED,FALSE-POSITIVE

 

no

severities

Comma-separated list of severities

INFO,MINOR,MAJOR,CRITICAL,BLOCKER

 

no

authors

Comma-separated list of author id or login

 

 

no

assignees

Comma-separated list of assignee id or login

 

 

no

review_type

Type of review (deprecated in version 2.9)

FALSE_POSITIVE,VIOLATION

VIOLATION

no

output

Format of comments

PLAIN,HTML

PLAIN

no

Results are limited to 200 reviews, ordered by creation date (more recent to oldest).

XML response
JSON response
Create review for violation

POST /api/reviews/
Since : version 2.9

Parameter

Description

Required

violation_id

violation on which the review should be created

yes

status

initial status (can be 'OPEN' or 'RESOLVED')

yes

comment

text of initial comment

yes

resolution

if status 'RESOLVED', then resolution must be provided (can be 'FIXED' or 'FALSE-POSITIVE')

no

assignee

initial assignee

no

Add comment

PUT /api/reviews/add_comment
Since : version 2.9

Parameter

Description

Required

id

review id

yes

comment

new comment

yes

Reassign

PUT /api/reviews/reassign
Since : version 2.9

Parameter

Description

Required

id

review id

yes

assignee

new assignee

yes

Resolve

PUT /api/reviews/resolve
Since : version 2.9

Parameter

Description

Required

id

review id

yes

resolution

can be 'FIXED' or 'FALSE-POSITIVE'

yes

comment

text of comment

yes

Reopen

PUT /api/reviews/reopen
Since : version 2.9

Parameter

Description

Required

id

review id

yes

comment

text of comment

yes

Rules

GET /api/rules
Formats : xml, json, csv

Parameter

Possible values

Default behaviour

Description

language

java, plsql, ...

 

required

plugin

pmd, checkstyle, ...

all plugins

display only selected plugin

categories

Maintainability, Efficiency, ... Removed from release 2.6.

all categories

filter on selected categories

searchtext

Anon Inner Length, ...

all rules

display only rules containing specified text in their name or key

profile

Sonar way, Sun checks, ... It's recommended to use the Profiles web service instead.

not used

when this parameter is defined, a node "status" is added for each "rule" node with values "INACTIVE" or "ACTIVE"

priorities

List of INACTIVE, ACTIVE, BLOCKER, CRITICAL, MAJOR, MINOR, INFO. It's recommended to use the Profiles web service instead of INACTIVE and ACTIVE.

not used

filter on specific status/priorities

XML response
JSON response
CSV response

Server Status

GET /api/server
Formats : xml, json
Security : none

XML response
JSON response

Values of the field "status" are : UP, DOWN (generally for database connection failures), SETUP (if the server must be upgraded).

Sources

GET /api/sources
Formats : xml, json, txt

Parameter

Description

Required

resource

Id or key of the resource

Yes

from

First line to display

No

to

Last line to display (included)

No

color

true|false (default is false). Highlights code syntax if true.

No

Example : /api/sources?resource=org.sonar.samples:main-sample:org.sonar.samples.MyClass

XML response
JSON response
Text response

System Info

GET /api/server/system
Format: JSON
Security: administrator

Return system properties, server info (Java, OS), database configuration, JVM statistics and installed plugins.

Time Machine

GET /api/timemachine
Formats : json, csv
Since: 2.5

Load past measures.

Parameter

Description

Required

Example

resource

id or key of the resource

Yes

org.apache.struts:struts

metrics

comma-separated list of metric keys/ids

Yes

coverage,violations_density

fromDateTime

ISO-8601 datetime (inclusive)

No

2010-12-25T23:59:59+0100

toDateTime

ISO-8601 datetime (inclusive)

No

2010-12-25T23:59:59+0100

JSON response
CSV response

User properties

URL : /api/user_properties
Methods : GET, POST, PUT, DELETE. Authentication required.
Formats : xml, json

Method

URL

Description

Possible responses

GET

/api/user_properties

Returns all user properties.

200, 401

GET

/api/user_properties/:id

Returns user property with the given key.

200, 401, 404

POST

/api/user_properties

Create a user property.

200, 400, 401

PUT

/api/user_properties/:id?value=foo

Update user property with the given key.

200, 400, 401

DELETE

/api/user_properties/:id

Delete user property with the given key.

200, 400, 401, 404

Upgrade Server

POST /api/server/setup
Security: none
Formats: xml, json, text

XML response
JSON response

Status values are 'ok' or 'ko'.

Violations

GET /api/violations
Formats : xml, json

Parameter

Description

Possible values

Default value

Required

resource

Key or id of the resource

 

 

yes

depth

See Resources API

int

0

no

scopes

See Resources API

 

 

no

qualifiers

See Resources API

 

 

no

rules

Filter on specific rules, given by their keys or ids

 

 

no

priorities

Comma-separated list of priorities

BLOCKER,CRITICAL,MAJOR,MINOR,INFO

 

no

limit

Maximum number of results

int

5000

no

include_review

Include review data into response. Since version 2.8.

true,false

false

no

output

Output format of review comments. Ignored if include_review is false. Since version 2.8.

PLAIN,HTML

PLAIN

no

switched_off

If true, then return only switched-off violations (usually false-positives), else switched-off violations are excluded. Since version 2.8.

true,false

false

no

categories

filter on rules category, for example 'Reliability'. Removed since version 2.5

 

 

no

XML response
JSON response
Labels:
None
Edit Labels