Add the SonarQube MCP server to Windsurf

Config last verified Jun 1, 2026

The exact config to run SonarQube in Windsurf — paste it in, restart, and the tools load.

Prerequisites

Windsurf installed.
SONARQUBE_TOKEN — SonarQube Cloud or Server token used to authenticate API calls.

Setup

1. Open `~/.codeium/windsurf/mcp_config.json`

On Windows the file lives at %USERPROFILE%\.codeium\windsurf\mcp_config.json.

2. Add this configuration

Add to ~/.codeium/windsurf/mcp_config.json

~/.codeium/windsurf/mcp_config.json

json

{
  "mcpServers": {
    "sonarqube": {
      "command": "docker",
      "args": [
        "run",
        "--init",
        "--pull=always",
        "-i",
        "--rm",
        "-e",
        "SONARQUBE_TOKEN",
        "-e",
        "SONARQUBE_ORG",
        "mcp/sonarqube"
      ],
      "env": {
        "SONARQUBE_TOKEN": "<SONARQUBE_TOKEN>",
        "SONARQUBE_ORG": "<SONARQUBE_ORG>"
      }
    }
  }
}

3. Restart Windsurf and confirm the SonarQube tools load.

Gotchas

Windsurf's Cascade reads MCP servers from an "mcpServers" object in ~/.codeium/windsurf/mcp_config.json. Unlike most clients, remote servers are configured with the "serverUrl" field rather than "url", so a config that uses "url" silently fails to connect. Native remote transport is supported without an OAuth flow.

← Back to the SonarQube MCP server