Best Practice for SonarCloud SONAR_TOKEN for project scanning

Hello Sonar community, I have a question regarding the best practice for creating and analyzing a project using a SONAR_TOKEN via CI.
Currently, the situation in my org is that 2 admin users create all of the projects and then give the project team lead the generated SONAR_TOKEN to be inserted into their secrets for CI. We’re afraid that if one of the admin users leaves and his account is deleted, it will break all of the projects that he created. Is there a best fix for this situation?

It’s true that if a user’s account is deleted, their tokens would stop working. One way to work around this is to create a technical user (this requires a user identity in the DevOps Platform you log in with) with global Execute Analysis permissions for which you would generate the token.

Noted. So are there any more best practices we need to follow regarding the sonar_token and project creation and scanning?