Azure DevOps 403 error

My SonarCloud tasks in my Azure DevOps CI pipeline have recently started failing. My PAT expired, so I feel confident that that’s what caused the tasks to start failing. However, after regenerating the PAT and pasting it in my organization’s settings in SonarCloud, I’m still getting the 403 error when trying to access my organization. Any help with this is apprciated.

20:30:04.858  Fetching quality profile for project '<project>'...
20:30:04.858  Downloading from https://sonarcloud.io/api/qualityprofiles/search?project=<project>&organization=<organization>...
20:30:05.03  Response received from https://sonarcloud.io/api/qualityprofiles/search?project=<project>&organization=<organization>...
##[debug]Processed: ##vso[task.logissue type=error;]

##[error]Unhandled Exception:
##[debug]Processed: ##vso[task.logissue type=error;]Unhandled Exception:
##[error]System.Net.Http.HttpRequestException: Response status code does not indicate success: 403 ().

Hey there.

It looks like you’re updating your Azure DevOps Personal Access Token for SonarQube Cloud’s organization binding, but here in your pipeline it’s SonarQube Cloud being queried (and SonarQube Cloud returning a 403), so the relevant credentials here is a SonarQube Cloud token—not an Azure DevOps PAT.

I suggest:

  • Checking that your SonarQube Cloud token (not Azure DevOps PAT) is configured in the service connection or pipeline variable used by your SonarQube Cloud tasks.
  • Ensuring the token was generated by a SonarQube Cloud user who has sufficient permissions to access the organization and project. The user should at least have “Execute Analysis” and “Browse” permissions on the project.