Azure DevOps Scanner The token you provided doesn't have sufficient rights to check license

  • SonarQube: Community Edition Version 8.5.1
    Scanner: Azure DevOps Scanner Version 4.17
    Azure DevOps Server 2019

I have installed SonarQube through Docker image, connected it with SQL database. During the Prepare for analysis I get the following error

The token you provided doesn’t have sufficient rights to check license.

I tried running the analysis with “SonarScanner.MSBuild.exe” and that works

Can you please help me on how to set it up using Azure DevOps scanner?

1 Like

Hi @atif and welcome to the community !

The extension will use the Service connection (so the host url and the token that you set inside it) to set the sonar.login that will be passed to the Scanner for MSBuild and to authenticate API calls. Can you make sure that this part is working well ?


Hi @mickaelcaro yes i have added the service connection and its connected. I have added the URL to Sonarqube and token that was generated in sonarqube

Would it be possible to have a log of the Prepare analysis configuration task please, in debug ? (you can add the system.debug = true pipeline variable).

Tell me if you need to share it privately, i’ll send you a PM.


from browser if I access this URL:, i get the following response
{“errors”:[{“msg”:“Unknown url : /api/editions/is_valid_license”}]}

The log for sonarqube is here 4_SonarQube Initializing.txt (14.7 KB)

Have you created this service connection a long time ago ? Sounds like the sonar.password value is set, which is not expected, unless you set it manually somewhere ?

No, i have created it 2 or 3 days ago.
Attaching the screen shot for service connection.

I disconnected the connection and recreated it, still getting same error. With new generated token
Following is the yaml task

  • task: SonarQubePrepare@4
    displayName: ‘SonarQube Initializing’
    SonarQube: ‘SonarQube’
    scannerMode: ‘MSBuild’
    projectKey: ‘Test-AGT’

Hi @mickaelcaro, can you please help me out?

Hi @atif

You don’t have any Additional properties set in your SonarQube Prepare yaml task, right ?

right, nothing else

Apart from having created the service connection recently, did you also installed the extension recently ? Or was it here since a long time ?

I explored sonar qube like 2 weeks ago and decided to give it a try. so everything is new, nothing is old

Thanks ! I identified something on the extension, but that doesn’t seem to occur that much (setting the sonar.password i mean), i’ll have a look and see what i can do here.

perfect, thank you

Hi again @atif

I have few things / requests to ask you on that :

  • Can you try to copy/past a newly generated token to the service connection ? Please note that this is the one to generate in the Security menu of your account on SonarQube, and make sure that you copy it without spaces of “:” character.
  • Can you also try to specify a version in your SonarQubePrepare task version, by writing SonarQubePrepare@4.11.0 instead of SonarQubePrepare@4
  • Can you tell me which build version of Azure DevOps you have currently ?


For this I am getting: ‘Task reference must be in the format @. For example MyTask@2. The following task reference format is invalid: ‘SonarQubePrepare@4.11.0’’

its : Version Dev17.M153.3

Done, copy it with the ‘copy’ button.

Not sure if it helps or not, at service connections, if enter wrong token, it does not give me error.

This is “normal” as there are no verification upon saving.

Can you also try to get that Service Connection through the azdo rest API, and se what is filled as a password value ? You have the doc just here

this is what i am getting

“data”: {},
“id”: “xxxxxxxxxxxxxxx”,
“name”: “SonarQube”,
“type”: “sonarqube”,
“url”: “”,
“createdBy”: {
“displayName”: “Atif Farrukh”,
“id”: “xxxxxxxxxxxxxxxxxxxxxxxxxxxx”,
“uniqueName”: “xxxxx”
“authorization”: {
“scheme”: “UsernamePassword”
“isShared”: false,
“isReady”: true,
“owner”: “Library”

Don’t you have any parameters like this inside ?

“parameters”: {
“username”: null