diff --git a/README.md b/README.md
index c7ffd9e..f056eb7 100644
--- a/README.md
+++ b/README.md
@@ -31,18 +31,28 @@ For further informations, please dive into [SonarQube requirements](https://docs
 SonarQube plugin installation
 -----------------------------
 
-This role support plugin installation based on "[SonarQube manual plugin installation](https://docs.sonarqube.org/display/SONAR/Installing+a+Plugin)" procedure.
+This role supports plugin installation based on "[SonarQube Install a Plugin](https://docs.sonarqube.org/latest/setup/install-plugin/)" procedure. Both marketplace and manual methods are supported.
 
 Please note that this role does not handle previously installed plugins.
-You *HAVE TO* remove previous versions yourself as stated in SonarQube documentation:
-`If another version of the same plugin is already there, you need to remove it, since only one version of a given plugin may be available in the extensions/plugins directory.`
+You **have to** remove previous versions yourself.
 
-You can list all plugin you need in the `sonar_plugins` variables, with the following syntax:
-```
-# sonar_plugins variable example:
-sonar_plugins:
-- { name: "sonar-city-model-plugin", version: "3.3", commercial: true, url: "http://www.qalitax.com/descargas/product/sonar-city-model-plugin-3.3.jar?customerSurnames=update-center&customerCompany=sonar-update-center&customerName=sonarqube&customerEmail=downloads@excentia.es"}
+To install plugins list them in `sonar_plugins` dictionary, the following options are available:
+- `name`: plugin name, for marketplace plugin it should be the name of plugin's manifest (json) from [here](https://update.sonarsource.org), for manual plugins it can be name of the plugin folder from [here](https://binaries.sonarsource.com/Distribution) or provide `url` option (see below);
+- `version`: plugin version;
+- `commercial`: is this commercial plugin (an another download location actually), make sense only for manual plugins;
+- `url`: link to plugin's jar, if provided, role doesn't try to find plugin and use this link, doesn't make sense for marketplace plugins because download url should be provided in manifest;
+- `marketplace`: is this manual or marketplace plugin, default is false.
 
+Example:
+```yml
+sonar_plugins:
+  - name: "sonar-city-model-plugin"
+    version: "3.3"
+    commercial: true
+    url: "http://www.qalitax.com/descargas/product/sonar-city-model-plugin-3.3.jar?customerSurnames=update-center&customerCompany=sonar-update-center&customerName=sonarqube&customerEmail=downloads@excentia.es"}
+  - name: "ansible"
+    version: "2.4.0"
+    marketplace: true
 ```
 
 
@@ -88,9 +98,8 @@ Available variables along with default values are listed below (see `defaults/ma
   # SonarQube service LimitNOFILE parameter
   sonar_limitnofile: 65536
 
-  # SonarQube plugins to install
+  # SonarQube plugins to install (see detailed description above)
   sonar_plugins: []
-  # - { name: "plugin name", version: "1.0", commercial: false, url: 'optional'}
 
   # Use the embedded H2 database, not for production environmnet
   sonar_db_embedded: true
@@ -304,11 +313,11 @@ Available variables along with default values are listed below (see `defaults/ma
   #
   # Example:
   # sonar_ldap:
-  #     authenticator_downcase: false           
-  #     url: 'ldap://your_ldap_url'             
+  #     authenticator_downcase: false
+  #     url: 'ldap://your_ldap_url'
   #     bind_dn: 'cn=sonaruser,o=example,o=com'
-  #     bind_password: 'MyBindPassword'         
-  #     user_base_dn: 'o=users,o=example,o=com'    
+  #     bind_password: 'MyBindPassword'
+  #     user_base_dn: 'o=users,o=example,o=com'
   #     authentication: simple
   #     realm: 'example.org'
   #     context_factory_class: com.sun.jndi.ldap.LdapCtxFactory
@@ -320,7 +329,7 @@ Available variables along with default values are listed below (see `defaults/ma
   #     user_email_attribute: 'mail'
   #     group_base_dn: 'o=groups,o=example,o=com'
   #     group_request: '(&(objectClass=groupOfNames)(member={dn}))'
-  #     group_id_attribute: 'sAMAccountName'  
+  #     group_id_attribute: 'sAMAccountName'
   #
   # default: undefined
   # sonar_ldap:
diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml
index a5324e1..ff62c8f 100644
--- a/molecule/default/converge.yml
+++ b/molecule/default/converge.yml
@@ -2,16 +2,18 @@
 - name: Converge
   hosts: all
   vars:
-    sonar_version: 7.3
+    sonar_version: 7.9
     sonar_plugins:
       - name: "sonar-l10n-pt"
         version: "6.4"
         commercial: false
         url: "https://github.com/felipebz/sonar-l10n-pt/releases/download/v6.4/sonar-l10n-pt-plugin-6.4.jar"
-      - name: "sonar-l10n-es"
-        version: "1.14"
+      - name: "sonar-html-plugin"
+        version: "3.2.0.2082"
         commercial: false
-        url: "https://github.com/acalero/sonar-l10n-es/releases/download/sonar-l10n-es-plugin-1.14/sonar-l10n-es-plugin-1.14.jar"
+      - name: "ansible"
+        version: "2.4.0"
+        marketplace: true
   pre_tasks:
     - name: install openjdk (redhat)
       package:
diff --git a/tasks/main.yml b/tasks/main.yml
index 9ecdb4b..718c14e 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -52,7 +52,8 @@
 
 - include_tasks: setup_sonarqube.yml
 
-- include_tasks: setup_plugin.yml
+- name: "install plugins"
+  include_tasks: setup_plugin.yml
   with_items: "{{ sonar_plugins }}"
   loop_control:
     loop_var: "sonar_cplugin"
diff --git a/tasks/setup_plugin.yml b/tasks/setup_plugin.yml
index d56e1a4..f3a1810 100644
--- a/tasks/setup_plugin.yml
+++ b/tasks/setup_plugin.yml
@@ -1,24 +1,19 @@
 ---
-- name: "{{ sonar_cplugin.name }} | Set current plugin's jar filename"
-  set_fact:
-    cplugin_fname: "{{ sonar_cplugin.name }}-{{ sonar_cplugin.version }}.jar"
+- name: "install plugin from binaries.sonarsource.com"
+  include: setup_plugin_binaries.yml
+  when: not sonar_cplugin.get('marketplace', false)|bool
 
-- name: "{{ sonar_cplugin.name }} | Set current plugins's custom download URL if available"
-  set_fact:
-    cplugin_url: "{{ sonar_cplugin.url }}"
-  when: sonar_cplugin.url is defined and sonar_cplugin.url | length > 0
-
-- name: "{{ sonar_cplugin.name }} | Set current plugins's default download URL no custom one"
-  set_fact:
-    cplugin_url: "{{ sonar_cplugin.commercial | ternary(sonar_commercial_plugin_baseurl,sonar_plugin_baseurl) }}/{{ sonar_cplugin.name }}/{{ cplugin_fname }}"
-  when: cplugin_url is not defined or cplugin_url | length <= 0
+- name: "install plugin from updates.sonarsource.com"
+  include: setup_plugin_marketplace.yml
+  when: sonar_cplugin.get('marketplace', false)|bool
 
 - name: "{{ sonar_cplugin.name }} | Download current plugin"
   get_url:
     url: "{{ cplugin_url }}"
-    dest: "{{ __sonar_plugin_home }}/{{ cplugin_fname }}"
+    dest: "{{ __sonar_plugin_home }}"
     owner: "{{ sonar_user }}"
     group: "{{ sonar_group }}"
+    mode: "0644"
   retries: 5
   delay: 10
   notify:
diff --git a/tasks/setup_plugin_binaries.yml b/tasks/setup_plugin_binaries.yml
new file mode 100644
index 0000000..849837c
--- /dev/null
+++ b/tasks/setup_plugin_binaries.yml
@@ -0,0 +1,14 @@
+---
+- name: "{{ sonar_cplugin.name }} | Set current plugin's jar filename"
+  set_fact:
+    cplugin_fname: "{{ sonar_cplugin.name }}-{{ sonar_cplugin.version }}.jar"
+
+- name: "{{ sonar_cplugin.name }} | Set current plugins's custom download URL if available"
+  set_fact:
+    cplugin_url: "{{ sonar_cplugin.url }}"
+  when: sonar_cplugin.url is defined and sonar_cplugin.url | length > 0
+
+- name: "{{ sonar_cplugin.name }} | Set current plugins's default download URL no custom one"
+  set_fact:
+    cplugin_url: "{{ sonar_cplugin.commercial | ternary(sonar_commercial_plugin_baseurl,sonar_plugin_baseurl) }}/{{ sonar_cplugin.name }}/{{ cplugin_fname }}"
+  when: cplugin_url is not defined or cplugin_url | length <= 0
diff --git a/tasks/setup_plugin_marketplace.yml b/tasks/setup_plugin_marketplace.yml
new file mode 100644
index 0000000..0d6c58a
--- /dev/null
+++ b/tasks/setup_plugin_marketplace.yml
@@ -0,0 +1,28 @@
+---
+- name: "set plugin json url"
+  set_fact:
+    plugin_url: "{{ __sonar_marketplace_url }}/{{ sonar_cplugin.name }}.json"
+
+- name: "get plugin json for {{ sonar_cplugin.name }}"
+  uri:
+    url: "{{ plugin_url }}"
+    method: GET
+    return_content: yes
+    status_code: 200
+    body_format: json
+  register: result
+
+- name: "extract plugin info"
+  set_fact:
+    plugin_info: "{{ result['content'] | from_json }}"
+
+- name: "check version"
+  assert:
+    that:
+      - "'versions' in plugin_info"
+      - "sonar_cplugin.version in plugin_info['versions']|map(attribute='version')|list"
+    msg: "{{ sonar_cplugin.name }} plugin version '{{ sonar_cplugin.version }}' doesn't exist in {{ plugin_url }}"
+
+- name: "set download url"
+  set_fact:
+    cplugin_url: "{{ (plugin_info['versions']|selectattr('version','equalto',sonar_cplugin.version))[0]['downloadURL'] }}"
diff --git a/tasks/setup_sonarqube.yml b/tasks/setup_sonarqube.yml
index 338d102..384a9df 100644
--- a/tasks/setup_sonarqube.yml
+++ b/tasks/setup_sonarqube.yml
@@ -74,7 +74,7 @@
     recurse: yes
     owner: "{{ sonar_user }}"
     group: "{{ sonar_group }}"
-    mode: "go-w"
+    mode: "o-w"
 
 - name: "Ensure SonarQube configuration"
   template:
diff --git a/vars/main.yml b/vars/main.yml
index a901504..20418f2 100644
--- a/vars/main.yml
+++ b/vars/main.yml
@@ -1,6 +1,7 @@
 ---
 # vars file for ansible-role-sonarqube/
 __sonarsource_url: "https://binaries.sonarsource.com"
+__sonar_marketplace_url: "https://update.sonarsource.org"
 __sonar_distribution_url: "{{ __sonarsource_url }}/Distribution"
 __sonar_archive: "sonarqube-{{ sonar_version }}.zip"
 __sonar_download_url: "{{ __sonar_distribution_url }}/sonarqube/{{ __sonar_archive }}"