Sonarqube
SonarQube is a code quality and security analysis platform that helps development teams systematically improve code quality by detecting bugs, vulnerabilities, and code smells across multiple programming languages.
Power end-to-end data operations for your Sonarqube API with Nexla. Our bi-directional Sonarqube connector is purpose-built for Sonarqube, making it simple to ingest data, sync it across systems, and deliver it anywhere — all with no coding required. Nexla turns API-sourced data into ready-to-use, reusable data products and makes it easy to send data to Sonarqube or any other destination. With comprehensive monitoring, lineage tracking, and access controls, Nexla keeps your Sonarqube workflows fast, secure, and fully governed.
Features
Type: API
- Seamless API Integration: Connect to any endpoint as source or destination without coding, with automatic data product creation
- Visual Composition & Chaining: Build complex integrations using visual templates, chain API calls, and compose workflows with data validation and filtering
- API Proxy: Expose curated slices of your data securely with a secure and customizable API proxy that validates and transforms data on the fly
- Request optimization with intelligent batching, retry, and caching to minimize API calls and costs
Prerequisites
Before creating a SonarQube credential, you need to obtain your API Key (User Token) from your SonarQube account. SonarQube uses API Key authentication for all API requests, with the API key sent in the Authorization header with the Bearer prefix.
To obtain your SonarQube API Key, follow these steps:
-
Sign in to your SonarQube account using your administrator credentials.
-
Navigate to your user account settings by clicking your profile icon in the top right corner and selecting My Account or Account.
-
In your account settings, navigate to Security or Tokens section.
-
Look for the User Tokens or API Tokens section in your account settings.
-
If you don't have an API token yet, look for the option to generate or create your user token.
-
Click Generate Token or Create Token to create a new user token.
-
Configure your user token settings:
- Enter a name for the token (e.g., "Nexla Integration")
- Review and select the token type (User Token or Project Token)
-
Click Generate to create the user token.
-
Copy the user token immediately after it's generated, as it may not be accessible again after you navigate away from the page.
-
Store the user token securely, as you will need it to configure your Nexla credential. The user token is sensitive information and should be kept confidential.
The API key (user token) is sent in the Authorization: Bearer {token} header for all API requests to the SonarQube API. The token authenticates your requests and grants access to SonarQube resources based on your account permissions. If your API key is compromised, you should immediately revoke it in your SonarQube account settings and generate a new one. For detailed information about obtaining user tokens, API authentication, and available endpoints, refer to the SonarQube Web API documentation.
Authenticate
Credentials required
| Field | Required | Secret | Description |
|---|---|---|---|
| API Key Value | Yes | Yes |
Create a credential in Nexla
- After selecting the data source/destination type, click the Add Credential tile to open the Add New Credential overlay.
New Credential Overlay – SonarQube

-
Enter a name for the credential in the Credential Name field and a short, meaningful description in the Credential Description field.
-
Enter your SonarQube API Key Value in the API Key Value field. This is the user token you obtained from your SonarQube account settings (My Account > Security > User Tokens). The API key is sent in the
Authorization: Bearer {token}header for all API requests to the SonarQube API and must be kept confidential.Your SonarQube API key (user token) can be found in your SonarQube account settings under My Account > Security > User Tokens. The API key is sent in the
Authorization: Bearer {token}header for all API requests to the SonarQube API.If your API key is compromised, you should immediately revoke it in your SonarQube account settings and generate a new one. The API key provides access to your SonarQube account data and should be treated as sensitive information. Keep your API key secure and do not share it publicly.
For detailed information about obtaining user tokens, API authentication, and available endpoints, see the SonarQube Web API documentation.
-
Click the Save button at the bottom of the overlay. The newly added credential will now appear in a tile on the Authenticate screen during data source/destination creation.
Use as a data source
To create a new data flow, navigate to the Integrate section, and click the New Data Flow button. Select the SonarQube connector tile, then select the credential that will be used to connect to your SonarQube account, and click Next; or, create a new SonarQube credential for use in this flow.
Endpoint templates
Nexla provides pre-built templates that can be used to rapidly configure data sources to ingest data from common SonarQube endpoints. Select the endpoint from which this source will fetch data from the Endpoint pulldown menu. Available endpoint templates are listed in the expandable boxes below.
Once the selected endpoint template has been configured, click the Test button to the right of the endpoint selection menu to retrieve a sample of the data that will be fetched. Sample data will be displayed in the Endpoint Test Result panel on the right, allowing you to verify that the source is configured correctly before saving.
Manual configuration
SonarQube data sources can also be manually configured to ingest data from any valid SonarQube API endpoint, including endpoints not covered by the pre-built templates, chained API calls, or custom request parameters. Select the Advanced tab at the top of the configuration screen, and follow the instructions in Connect to Any API to configure the API method, endpoint URL, date/time and lookup macros, path to data, metadata, and request headers.
SonarQube API typically uses the GET method for retrieving data (e.g., https://sonarqube.com/api/components/search, https://sonarqube.com/api/metrics/search). Use a Response Data Path such as $.components[*] or $.metrics[*] to extract the relevant records, and configure incrementing page-based pagination using the pageIndex and pageSize parameters.
Once all of the relevant settings have been configured, click the Next button to proceed with the rest of the data flow configuration, or click Save to save the data source configuration for later use.
Use as a destination
Click the + icon on the Nexset that will be sent to the SonarQube destination, and select the Send to Destination option from the menu. Select the SonarQube connector from the list of available destination connectors, then select the credential that will be used to connect to your SonarQube account, and click Next; or, create a new SonarQube credential for use in this flow.
Endpoint templates
Nexla provides pre-built templates that can be used to rapidly configure destinations to send data to common SonarQube endpoints. Select the endpoint to which data will be sent from the Endpoint pulldown menu. Then, click on the template in the list below to expand it, and follow the instructions to configure additional endpoint settings.
Manual configuration
SonarQube destinations can also be manually configured to send data to any valid SonarQube API endpoint. Select the Advanced tab at the top of the configuration screen, and follow the instructions in Connect to Any API to configure the API method, data format, endpoint URL, request headers, attribute exclusions, record batching, and response webhooks.
SonarQube API typically uses the POST method and expects JSON format (e.g., https://sonarqube.com/api/notifications/add, https://sonarqube.com/api/project_tags/set). The request body is typically {message.json} to send the entire Nexset record as JSON, with field names matching the SonarQube API's expected structure for the endpoint you're using.
Save & activate
Once all endpoint settings have been configured, click the Done button in the upper right corner of the screen to save and create the destination. To send the data to the configured SonarQube endpoint, open the destination resource menu, and select Activate.
The Nexset data will not be sent to the SonarQube endpoint until the destination is activated. Destinations can be activated immediately or at a later time, providing full control over data movement.