search: Search for issues
API: sonarcloud.io:sonarqube
Endpoint: /api/issues/search
Response format: application/json
Auth: unknown
Method: GET
Last Status:
400
Latency: 286ms
Description
Search for issues. Requires the 'Browse' permission on the specified project(s).
Parameters (39)
additionalFields
(string, query, optional)
Comma-separated list of the optional fields to be returned in response. Action plans are dropped in 5.5, it is not returned in the response.
Constraints: {'enum': ['_all', 'comments', 'languages', 'actionPlans', 'rules', 'ruleDescriptionContextKey', 'transitions', 'actions', 'users']}
asc
(string, query, optional, default: true)
Ascending sort
Constraints: {'enum': ['true', 'false', 'yes', 'no']}
assigned
(string, query, optional)
To retrieve assigned or unassigned issues
Constraints: {'enum': ['true', 'false', 'yes', 'no']}
assignees
(string, query, optional)
Comma-separated list of assignee logins. The value '__me__' can be used as a placeholder for user who performs the request
author
(string, query, optional)
SCM accounts. To set several values, the parameter must be called once for each value.
branch
(string, query, optional)
Branch key
cleanCodeAttributeCategories
(string, query, optional)
Comma-separated list of clean code attribute categories.
Constraints: {'enum': ['ADAPTABLE', 'CONSISTENT', 'INTENTIONAL', 'RESPONSIBLE']}
complianceStandards
(string, query, optional)
Set of compliance standards to filter on. Categories within a standard are comma-separated and behave as an 'or'. Multiple standards are separated by an ampersand and behave as an 'and'.
componentKeys
(string, query, optional)
Comma-separated list of component keys. Retrieve issues associated to a specific list of components (and all its descendants). A component can be a project, directory or file.
createdAfter
(string, query, optional)
To retrieve issues created after the given date (inclusive). Either a date (server timezone) or datetime can be provided. If this parameter is set, createdSince must not be set
createdAt
(string, query, optional)
Datetime to retrieve issues created during a specific analysis
createdBefore
(string, query, optional)
To retrieve issues created before the given date (inclusive). Either a date (server timezone) or datetime can be provided.
createdInLast
(string, query, optional)
To retrieve issues created during a time span before the current time (exclusive). Accepted units are 'y' for year, 'm' for month, 'w' for week and 'd' for day. If this parameter is set, createdAfter must not be set
cwe
(string, query, optional)
Comma-separated list of CWE identifiers. Use 'unknown' to select issues not associated to any CWE.
facetMode
(string, query, optional, default: count)
Choose the returned value for facet items, either count of issues or sum of remediation effort.
Constraints: {'enum': ['count', 'effort']}
facets
(string, query, optional)
Comma-separated list of the facets to be computed. No facet is computed by default.
Constraints: {'enum': ['projects', 'moduleUuids', 'fileUuids', 'assigned_to_me', 'severities', 'statuses', 'issueStatuses', 'resolutions', 'rules', 'assignees', 'author', 'directories', 'languages', 'tags', 'types', 'owaspMobileTop10-2024', 'owaspTop10', 'owaspTop10-2021', 'cwe', 'createdAt', 'sonarsourceSecurity', 'impactSoftwareQualities', 'impactSeverities', 'cleanCodeAttributeCategories', 'complianceStandards']}
impactSeverities
(string, query, optional)
Comma-separated list of impact severities.
Constraints: {'enum': ['INFO', 'LOW', 'MEDIUM', 'HIGH', 'BLOCKER']}
impactSoftwareQualities
(string, query, optional)
Comma-separated list of software qualities.
Constraints: {'enum': ['MAINTAINABILITY', 'RELIABILITY', 'SECURITY']}
issueStatuses
(string, query, optional)
Comma-separated list of issue statuses
Constraints: {'enum': ['OPEN', 'CONFIRMED', 'FALSE_POSITIVE', 'ACCEPTED', 'FIXED']}
issues
(string, query, optional)
Comma-separated list of issue keys
languages
(string, query, optional)
Comma-separated list of languages. Available since 4.4
onComponentOnly
(string, query, optional, default: false)
Return only issues at a component's level, not on its descendants (modules, directories, files, etc). This parameter is only considered when componentKeys or componentUuids is set.
Constraints: {'enum': ['true', 'false', 'yes', 'no']}
organization
(string, query, optional)
Organization key
owaspMobileTop10-2024
(string, query, optional)
Comma-separated list of OWASP Mobile Top 10 - 2024 lowercase categories.
Constraints: {'enum': ['m1', 'm2', 'm3', 'm4', 'm5', 'm6', 'm7', 'm8', 'm9', 'm10']}
owaspTop10
(string, query, optional)
Comma-separated list of OWASP Top 10 lowercase categories.
Constraints: {'enum': ['a1', 'a2', 'a3', 'a4', 'a5', 'a6', 'a7', 'a8', 'a9', 'a10']}
owaspTop10-2021
(string, query, optional)
Comma-separated list of OWASP Top 10 - 2021 lowercase categories.
Constraints: {'enum': ['a1', 'a2', 'a3', 'a4', 'a5', 'a6', 'a7', 'a8', 'a9', 'a10']}
p
(string, query, optional, default: 1)
1-based page number
ps
(string, query, optional, default: 100)
Page size. Must be greater than 0 and less or equal than 500
pullRequest
(string, query, optional)
Pull request id
resolutions
(string, query, optional)
Comma-separated list of resolutions
Constraints: {'enum': ['FALSE-POSITIVE', 'WONTFIX', 'FIXED', 'REMOVED']}
resolved
(string, query, optional)
To match resolved or unresolved issues
Constraints: {'enum': ['true', 'false', 'yes', 'no']}
rules
(string, query, optional)
Comma-separated list of coding rule keys. Format is <repository>:<rule>
s
(string, query, optional)
Sort field
Constraints: {'enum': ['CLOSE_DATE', 'HOTSPOTS', 'FILE_LINE', 'SEVERITY', 'CREATION_DATE', 'ASSIGNEE', 'STATUS', 'UPDATE_DATE']}
severities
(string, query, optional)
Comma-separated list of severities
Constraints: {'enum': ['INFO', 'MINOR', 'MAJOR', 'CRITICAL', 'BLOCKER']}
sinceLeakPeriod
(string, query, optional, default: false)
To retrieve issues created since the leak period. If this parameter is set to a truthy value, createdAfter must not be set and one component id or key must be provided.
Constraints: {'enum': ['true', 'false', 'yes', 'no']}
sonarsourceSecurity
(string, query, optional)
Comma-separated list of SonarSource security categories. Use 'others' to select issues not associated with any category
Constraints: {'enum': ['buffer-overflow', 'permission', 'sql-injection', 'command-injection', 'path-traversal-injection', 'ldap-injection', 'xpath-injection', 'rce', 'dos', 'ssrf', 'csrf', 'xss', 'log-injection', 'http-response-splitting', 'open-redirect', 'xxe', 'object-injection', 'weak-cryptography', 'auth', 'insecure-conf', 'encrypt-data', 'traceability', 'file-manipulation', 'others']}
statuses
(string, query, optional)
Comma-separated list of statuses
Constraints: {'enum': ['OPEN', 'CONFIRMED', 'REOPENED', 'RESOLVED', 'CLOSED']}
tags
(string, query, optional)
Comma-separated list of tags.
types
(string, query, optional)
Comma-separated list of types.
Constraints: {'enum': ['CODE_SMELL', 'BUG', 'VULNERABILITY']}
Examples (1)
Search for issues
openapi-spec
Curl
Python Requests
Zingu Apis
Javascript Fetch
curl 'https://sonarcloud.io/api/issues/search?assignees=admin%2Cusera%2C__me__&author=author%3Dtorvalds%40linux-foundation.org%26author%3Dlinux%40fondation.org&branch=feature%2Fmy_branch&cleanCodeAttributeCategories=ADAPTABLE%2CINTENTIONAL&complianceStandards=owasp_asvs%3Aurn%3Asonar-security-standard%3Aowasp%3Aasvs%3A5.0%3D15%2C16%26sonar_standard%3Aurn%3Asonar-security-standard%3Asonar%3Astandard%3Aunversioned%3Dlog-injection&sonar_standard%3Aurn%3Asonar-security-standard%3Asonar%3Astandard%3Aunversioned=log-injection&componentKeys=my_project&createdAfter=2017-10-19+or+2017-10-19T13%3A00%3A00%2B0200&createdAt=2017-10-19T13%3A00%3A00%2B0200&createdBefore=2017-10-19+or+2017-10-19T13%3A00%3A00%2B0200&createdInLast=1m2w+%281+month+2+weeks%29&cwe=12%2C125%2Cunknown&impactSeverities=HIGH%2CLOW&impactSoftwareQualities=MAINTAINABILITY%2CRELIABILITY&issueStatuses=OPEN%2CACCEPTED&issues=5bccd6e8-f525-43a2-8d76-fcb13dde79ef&languages=java%2Cjs&organization=my-org&p=42&ps=20&pullRequest=5461&resolutions=FIXED%2CREMOVED&rules=squid%3AAvoidCycles&severities=BLOCKER%2CCRITICAL&statuses=OPEN%2CREOPENED&tags=security%2Cconvention&types=CODE_SMELL%2CBUG'import requests
resp = requests.get(
"https://sonarcloud.io/api/issues/search",
params={
'assignees': 'admin,usera,__me__',
'author': 'author=torvalds@linux-foundation.org&author=linux@fondation.org',
'branch': 'feature/my_branch',
'cleanCodeAttributeCategories': 'ADAPTABLE,INTENTIONAL',
'complianceStandards': 'owasp_asvs:urn:sonar-security-standard:owasp:asvs:5.0=15,16&sonar_standard:urn:sonar-security-standard:sonar:standard:unversioned=log-injection',
'sonar_standard:urn:sonar-security-standard:sonar:standard:unversioned': 'log-injection',
'componentKeys': 'my_project',
'createdAfter': '2017-10-19 or 2017-10-19T13:00:00+0200',
'createdAt': '2017-10-19T13:00:00+0200',
'createdBefore': '2017-10-19 or 2017-10-19T13:00:00+0200',
'createdInLast': '1m2w (1 month 2 weeks)',
'cwe': '12,125,unknown',
'impactSeverities': 'HIGH,LOW',
'impactSoftwareQualities': 'MAINTAINABILITY,RELIABILITY',
'issueStatuses': 'OPEN,ACCEPTED',
'issues': '5bccd6e8-f525-43a2-8d76-fcb13dde79ef',
'languages': 'java,js',
'organization': 'my-org',
'p': '42',
'ps': '20',
'pullRequest': '5461',
'resolutions': 'FIXED,REMOVED',
'rules': 'squid:AvoidCycles',
'severities': 'BLOCKER,CRITICAL',
'statuses': 'OPEN,REOPENED',
'tags': 'security,convention',
'types': 'CODE_SMELL,BUG',
},
)
data = resp.json()import zingu_apis
api = zingu_apis.api("sonarqube")
result = api.fetch("api/issues/search", assignees="admin,usera,__me__", author="author=torvalds@linux-foundation.org&author=linux@fondation.org", branch="feature/my_branch", cleanCodeAttributeCategories="ADAPTABLE,INTENTIONAL", complianceStandards="owasp_asvs:urn:sonar-security-standard:owasp:asvs:5.0=15,16&sonar_standard:urn:sonar-security-standard:sonar:standard:unversioned=log-injection", sonar_standard:urn:sonar-security-standard:sonar:standard:unversioned="log-injection", componentKeys="my_project", createdAfter="2017-10-19 or 2017-10-19T13:00:00+0200", createdAt="2017-10-19T13:00:00+0200", createdBefore="2017-10-19 or 2017-10-19T13:00:00+0200", createdInLast="1m2w (1 month 2 weeks)", cwe="12,125,unknown", impactSeverities="HIGH,LOW", impactSoftwareQualities="MAINTAINABILITY,RELIABILITY", issueStatuses="OPEN,ACCEPTED", issues="5bccd6e8-f525-43a2-8d76-fcb13dde79ef", languages="java,js", organization="my-org", p=42, ps=20, pullRequest=5461, resolutions="FIXED,REMOVED", rules="squid:AvoidCycles", severities="BLOCKER,CRITICAL", statuses="OPEN,REOPENED", tags="security,convention", types="CODE_SMELL,BUG")
for item in result:
print(item)const resp = await fetch("https://sonarcloud.io/api/issues/search?assignees=admin%2Cusera%2C__me__&author=author%3Dtorvalds%40linux-foundation.org%26author%3Dlinux%40fondation.org&branch=feature%2Fmy_branch&cleanCodeAttributeCategories=ADAPTABLE%2CINTENTIONAL&complianceStandards=owasp_asvs%3Aurn%3Asonar-security-standard%3Aowasp%3Aasvs%3A5.0%3D15%2C16%26sonar_standard%3Aurn%3Asonar-security-standard%3Asonar%3Astandard%3Aunversioned%3Dlog-injection&sonar_standard%3Aurn%3Asonar-security-standard%3Asonar%3Astandard%3Aunversioned=log-injection&componentKeys=my_project&createdAfter=2017-10-19+or+2017-10-19T13%3A00%3A00%2B0200&createdAt=2017-10-19T13%3A00%3A00%2B0200&createdBefore=2017-10-19+or+2017-10-19T13%3A00%3A00%2B0200&createdInLast=1m2w+%281+month+2+weeks%29&cwe=12%2C125%2Cunknown&impactSeverities=HIGH%2CLOW&impactSoftwareQualities=MAINTAINABILITY%2CRELIABILITY&issueStatuses=OPEN%2CACCEPTED&issues=5bccd6e8-f525-43a2-8d76-fcb13dde79ef&languages=java%2Cjs&organization=my-org&p=42&ps=20&pullRequest=5461&resolutions=FIXED%2CREMOVED&rules=squid%3AAvoidCycles&severities=BLOCKER%2CCRITICAL&statuses=OPEN%2CREOPENED&tags=security%2Cconvention&types=CODE_SMELL%2CBUG");
const data = await resp.json();
Run
Probe History
Time Status Latency Size
2026-04-16 03:17:24.783753
400
286ms
2026-04-15 02:02:36.747425
400
194ms
2026-04-14 00:58:03.603534
400
184ms
2026-04-12 14:22:52.768802
400
214ms
2026-04-10 01:34:52.193704
400
180ms
2026-04-09 00:49:48.576921
400
204ms