Automatically created PAT in sonar cloud when run the pipeline in the azure devops

In azure Pipelines, when we run a build pipeline that integrates with sonar cloud, it’s common for a personal access token (PAT) to be automatically created. is it expected behavior.

  1. can we avoid automatically creating user PAT
  2. if it created why its created and explain.

Hey there.

That sounds odd. What token do you see being created and where? Screenshots/logs would be helpful here.

  1. Those tokens are automatically created in the Sonar cloud account.
  2. Whenever the user runs the pipeline in Azure automatically, his or her sonar cloud account tokens are created.
  3. If you run the pipeline, the user PAT (access token) created it in your account, or if I run the pipeline in my account, the user PAT (access token) created it in my account.


In fact – this isn’t coming from running the pipeline, but by going through the onboarding UI (where the token is generated so it can be used).

It seems annoying that the token is always generated (there’s no option to reuse an existing one) and I’ll flag this for attention.

Its not created in Jenkins and SonarQube but why its created in azure and sonar cloud?

SonarQube asks you to explicitly generate a token, while SonarCloud generates one as soon as you start the onboarding tutorial for a new project. They are simply not aligned at this stage.

1 Like
  1. Is there any alternative to avoid token?
  2. can we avoid automatically generated tokens with use of webhook?

You can’t avoid this token being created when you create the project via the UI. You will have to clean it up (delete it) if you don’t plan on using it.

However, your feedback is well received about the noisy token generation.

  1. Is this expected, it happened every azure and sonar cloud integration?
  2. is it changes need from the configuration side in azure or sonar cloud ?

Hello and thank you for your input on this. It’s much appreciated.

Yes, this is “expected” behavior, it happens for every azure/sonarcloud integration and it’s not a mistake on your side.
As Colin explained, we need to generate a token when you go through the tutorial so we can display it on the UI and make the onboarding smooth for people who are not familiar with this.

However, we believe this can be improved so we don’t stack dozens of tokens if you don’t use them. We’ve added it in our roadmap.

Best regards,