Failed to query server version although token unchanged

Hello Sonar community!

An error has started to occur in the pipeline since 22 May, although the token (PAT) has not been revoked or modified. Pipeline still fail till today.

• Enterprise Edition v10.8.1 (101195)
• ALM & CI used Azure DevOps
• SonarQube(Prepare|Analyze|Publish)@7
• APEX, CSS, JS, JSON, HTML, XML
• Error observed

2025-05-26T09:52:45.2535169Z ##[section]Starting: SonarQube: Run code analysis
2025-05-26T09:52:45.2539726Z ==============================================================================
2025-05-26T09:52:45.2539886Z Task         : Run Code Analysis
2025-05-26T09:52:45.2539977Z Description  : Run scanner and upload the results to the SonarQube Server.
2025-05-26T09:52:45.2540111Z Version      : 7.3.0
2025-05-26T09:52:45.2540194Z Author       : sonarsource
2025-05-26T09:52:45.2540292Z Help         : This task is not needed for Maven and Gradle projects since the scanner should be run as part of the build.

[More Information](https://docs.sonarsource.com/sonarqube/latest/analyzing-source-code/scanners/sonarqube-extension-for-azure-devops/)
2025-05-26T09:52:45.2540580Z ==============================================================================
2025-05-26T09:52:45.5905387Z [command]/home/vsts/work/_tasks/SonarQubeAnalyze_6d01813a-9589-4b15-8491-8164aeb38055/7.3.0/sonar-scanner/bin/sonar-scanner
2025-05-26T09:52:48.4357989Z 09:52:48.416 INFO  Scanner configuration file: /home/vsts/work/_tasks/SonarQubeAnalyze_6d01813a-9589-4b15-8491-8164aeb38055/7.3.0/sonar-scanner/conf/sonar-scanner.properties
2025-05-26T09:52:48.4376387Z 09:52:48.437 INFO  Project root configuration file: NONE
2025-05-26T09:52:48.4810769Z 09:52:48.480 INFO  SonarScanner CLI 7.1.0.4889
2025-05-26T09:52:48.4830518Z 09:52:48.482 INFO  Java 17.0.15 Eclipse Adoptium (64-bit)
2025-05-26T09:52:48.4844820Z 09:52:48.483 INFO  Linux 6.11.0-1014-azure amd64
2025-05-26T09:52:48.5130255Z 09:52:48.510 DEBUG Scanner max available memory: 1 GB
2025-05-26T09:52:48.5996252Z 09:52:48.598 DEBUG uname -m returned 'x86_64'
2025-05-26T09:52:48.6180006Z 09:52:48.617 DEBUG Using JVM default truststore: /usr/lib/jvm/temurin-17-jdk-amd64/lib/security/cacerts
2025-05-26T09:52:48.6208818Z 09:52:48.620 DEBUG Create: /home/vsts/.sonar/cache
2025-05-26T09:52:48.6227362Z 09:52:48.621 INFO  User cache: /home/vsts/.sonar/cache
2025-05-26T09:52:48.6228255Z 09:52:48.622 DEBUG Create: /home/vsts/.sonar/cache/_tmp
2025-05-26T09:52:49.1373551Z 09:52:49.136 DEBUG Loading OS trusted SSL certificates...
2025-05-26T09:52:49.1375140Z 09:52:49.136 DEBUG This operation might be slow or even get stuck. You can skip it by passing the scanner property 'sonar.scanner.skipSystemTruststore=true'
2025-05-26T09:52:49.5865869Z 09:52:49.585 DEBUG Loaded [440] system trusted certificates
2025-05-26T09:52:49.9928432Z 09:52:49.988 DEBUG Loaded truststore from '/usr/lib/jvm/temurin-17-jdk-amd64/lib/security/cacerts' containing 146 certificates
2025-05-26T09:52:50.6858247Z 09:52:50.684 DEBUG --> GET https://***/api/v2/analysis/version
2025-05-26T09:52:51.0749825Z 09:52:51.073 DEBUG <-- 401 https://***/api/v2/analysis/version (388ms, 0-byte body)
2025-05-26T09:52:51.0825724Z 09:52:51.081 DEBUG --> GET https://***/api/server/version
2025-05-26T09:52:51.1022606Z 09:52:51.101 DEBUG <-- 200 https://***/api/server/version (19ms, 13-byte body)
2025-05-26T09:52:51.1096867Z ##[error]09:52:51.103 ERROR Failed to query server version: GET https://***/api/v2/analysis/version failed with HTTP 401. Please check the property sonar.token or the environment variable SONAR_TOKEN.
org.sonarsource.scanner.lib.internal.MessageException: Failed to query server version: GET https://***/api/v2/analysis/version failed with HTTP 401
	at org.sonarsource.scanner.lib.ScannerEngineBootstrapper.getServerVersion(ScannerEngineBootstrapper.java:298)
	at org.sonarsource.scanner.lib.ScannerEngineBootstrapper.bootstrapServer(ScannerEngineBootstrapper.java:168)
	at org.sonarsource.scanner.lib.ScannerEngineBootstrapper.bootstrap(ScannerEngineBootstrapper.java:151)
	at org.sonarsource.scanner.cli.Main.analyze(Main.java:76)
	at org.sonarsource.scanner.cli.Main.main(Main.java:64)
Caused by: org.sonarsource.scanner.lib.internal.http.HttpException: GET https://***/api/v2/analysis/version failed with HTTP 401
	at org.sonarsource.scanner.lib.internal.http.ScannerHttpClient.callUrl(ScannerHttpClient.java:137)
	at org.sonarsource.scanner.lib.internal.http.ScannerHttpClient.callApi(ScannerHttpClient.java:121)
	at org.sonarsource.scanner.lib.internal.http.ScannerHttpClient.callRestApi(ScannerHttpClient.java:103)
	at org.sonarsource.scanner.lib.ScannerEngineBootstrapper.getServerVersion(ScannerEngineBootstrapper.java:286)
	... 4 common frames omitted
2025-05-26T09:52:51.1111735Z 09:52:51.103 ERROR Failed to query server version: GET https://***/api/v2/analysis/version failed with HTTP 401. Please check the property sonar.token or the environment variable SONAR_TOKEN.
2025-05-26T09:52:51.1112267Z org.sonarsource.scanner.lib.internal.MessageException: Failed to query server version: GET https://***/api/v2/analysis/version failed with HTTP 401
2025-05-26T09:52:51.1112699Z 	at org.sonarsource.scanner.lib.ScannerEngineBootstrapper.getServerVersion(ScannerEngineBootstrapper.java:298)
2025-05-26T09:52:51.1113120Z 	at org.sonarsource.scanner.lib.ScannerEngineBootstrapper.bootstrapServer(ScannerEngineBootstrapper.java:168)
2025-05-26T09:52:51.1113533Z 	at org.sonarsource.scanner.lib.ScannerEngineBootstrapper.bootstrap(ScannerEngineBootstrapper.java:151)
2025-05-26T09:52:51.1113900Z 	at org.sonarsource.scanner.cli.Main.analyze(Main.java:76)
2025-05-26T09:52:51.1114870Z 	at org.sonarsource.scanner.cli.Main.main(Main.java:64)
2025-05-26T09:52:51.1115258Z Caused by: org.sonarsource.scanner.lib.internal.http.HttpException: GET https://***/api/v2/analysis/version failed with HTTP 401
2025-05-26T09:52:51.1115670Z 	at org.sonarsource.scanner.lib.internal.http.ScannerHttpClient.callUrl(ScannerHttpClient.java:137)
2025-05-26T09:52:51.1116064Z 	at org.sonarsource.scanner.lib.internal.http.ScannerHttpClient.callApi(ScannerHttpClient.java:121)
2025-05-26T09:52:51.1116457Z 	at org.sonarsource.scanner.lib.internal.http.ScannerHttpClient.callRestApi(ScannerHttpClient.java:103)
2025-05-26T09:52:51.1116875Z 	at org.sonarsource.scanner.lib.ScannerEngineBootstrapper.getServerVersion(ScannerEngineBootstrapper.java:286)
2025-05-26T09:52:51.1117191Z 	... 4 common frames omitted
2025-05-26T09:52:51.1117433Z 09:52:51.106 DEBUG Scanner engine bootstrapping failed
2025-05-26T09:52:51.1117678Z 09:52:51.106 INFO  EXECUTION FAILURE
2025-05-26T09:52:51.1117909Z 09:52:51.108 INFO  Total time: 2.825s
2025-05-26T09:52:51.4492514Z ##[error][ERROR] SonarQube Server: Error while executing task Analyze: The process '/home/vsts/work/_tasks/SonarQubeAnalyze_6d01813a-9589-4b15-8491-8164aeb38055/7.3.0/sonar-scanner/bin/sonar-scanner' failed with exit code 1
2025-05-26T09:52:51.4495567Z ##[error]The process '/home/vsts/work/_tasks/SonarQubeAnalyze_6d01813a-9589-4b15-8491-8164aeb38055/7.3.0/sonar-scanner/bin/sonar-scanner' failed with exit code 1
2025-05-26T09:52:51.4557715Z ##[section]Finishing: SonarQube: Run code analysis

Hey there.

Is it possible that the token expired, or the permissions assigned to the user changed?

That said, I find it super strange that SonarQube returns a 401 on the first call, and then a 200 on the second but still fails.

What version of SonarQube are you using?

The version is Enterprise Edition v10.8.1 (101195)

Exactly, it’s quite strange.

However, when I access these endpoints, here’s what I observe:

• The endpoint api/server/version does not require authentication
• On the other hand, the endpoint api/v2/analysis/version does require authentication

Let’s accept that as true and intentional for now.

A 401 indicates missing authentication.

In your Azure DevOps Pipeline YML you should have defined a service connection as part of the SonarQubeAnalyze task that has a token defined. You should double check that service connection, and even try providing a new token.