Managing ALM integrations in SonarQube via PostMan(Azure DevOps) with example code in TypeScript

3 min readJul 6, 2021


Hello I wanted to share my knowledge about administrating Sonarqube and adding / updating Azure DevOps tokens via the API of SonarQube. I’ve done this with Typescript in a kubernetes cron job now. But I’ll start with simple Postman scripts.

The API of SonarQube

Sonarqube offers three interesting APIs to manage your ALM integration:

Getting all alm settings
Deleting a specific setting
Create a new Azure DevOps setting

Get an admins user token to use these APIs

I think this is the best point to start:

Listing all existing bindings

Listing all existing bindings is pretty simple. You simply do a GET request to https://YOURDOMAIN/api/alm_settings/list. And in the Auth section just select Basic Auth and set your token as Username. The password should stay empty.

Delete an existing binding

Now we need to run a POST request to https://YOURDOMAIN/api/alm_settings/delete. In the Authentication section we are using the same setup as before. In the Params section we now need to add:
Key : Value
key : myExistingKey

Create a new binding

This is again a post request and the url is: https://YOURDOMAIN/api/alm_settings/create_azure. We will reuse our well known auth config here as well. And the Params look like this:

Key : Value

key : myNewKey
personalAccessToken : A Code read & write PAT from Azure DevOps (see my previous article)
url : Link to your azure devops organisation

Well done now you can administrate your ALM settings via the API of SonarQube.

Now it’s pretty easy to create automated scripts in a language you prefer to automatically update Azure DevOps Pats in your Sonarqube. I’m using a Typescript based cron job in kubernetes to manage this.

You can find a simple Typescript SonarQube Client in github:

Good luck with automating these API calls.