Azure DevOps PAT goes invalid for no reason

We’ve had this problem a couple of times.
After a couple of months, our PAT to Azure DevOps somehow goes invalid.
This manifests itself by an error on Pull Requests:

##[error]ERROR: Error during SonarScanner execution

ERROR: Error during SonarScanner execution

##[error]ERROR: Could not find the pullrequest with key ‘6371’

ERROR: Caused by: Error 404 on https://sonarcloud.io/api/alm_integration/show_pullrequest?project=&pullrequestKey=6371 : {“errors”:[{“msg”:“Unable to find the pullrequest with key \u00276371\u0027”}]}

However, checking Azure DevOps, there are no recently expired tokens:

All tokens were revoked before, and we have the single active token in use since November '23
The PAT on the Organization level says it’s valid:

There is no PAT on the Project level:

We have entered the very same PAT again on the organization level (the input field even recognized it using autocomplete), and now PR builds work again.

The issue seems to have started on Friday, February 9th

As this is quite a “common” issue for us now (as mentioned, every couple months), and a lot of builds fail during this time, we would like to ask for a deeper investigation about this issue, it’s quite disruptive for us every time it happens.

Also, I’m sure the error message can somehow be improved that it actually states that the PAT is invalid… ?

1 Like

Hello @MichelZ,

I can observe the behaviour you described, and we currently don’t have enough information on our end to diagnose the problem.

I can verify that when the scanner fails with the message Error 404 on ..., it is a consequence of Azure DevOps returning a 403 status code when we request more information about the pull request in question.

We’re going to add extra logging on our end, so that next time when it happens we have more information to figure out what is happening. Could you post on this thread when it happens again?

1 Like

Sure, thanks for looking into it!