Hi Team,
Sonar Qube Version 8.9.9.56886
We are trying to create a project analysis token ,we want to share the control to that particular sonar Project to map with developer. Right now at user level tokens are able to rewrite any project in SonarQube, which we want to restrict to project level.
Hey there.
These new analysis token types are only available in SonarQube v9.5+ (the latest version is v9.8, with v9.9 LTS coming in February 2023).
In SonarQube v8.9 LTS a token will always have the full permissions of the user it was generated for, which means limiting permissions via project permissions rather than token type.
Thanks Colin, We upgraded to V9.8 and its working now
Hello @Colin I have the latest release Sonarqube but cannot find “create project token” or anything like that. Could you please advise?
Thanks & Regards
Hey there.
Here is the documentation on User Tokens:
You can generate new tokens at User > My Account > Security.
But the question was about project token - as the documentation encourage to use project base tokens for security reason.
You can create a token on project creation. But I was not able any place to create/replace a token once the project is created.
Project tokens are generated at User > My Account > Security as well. The token is still generated for your user, but can only be used on a single project.