How to use SonarCloud with Conditional Access enabled in Azure AD?

  • ALM used: Azure DevOps
  • CI system used: Azure DevOps
  • Paid version of SonarCloud



Our private Azure DevOps organization is locked down to only allow corporate IP adresses for Personal Access Token usage. This means that we are forced to enable the setting “Enable Azure Active Directory Conditional Access Policy Validation”.
This is a mandatory setting within our corporation and we are not able to turn this off.

This prevents us from using SonarCloud with our Azure DevOps organization.

Solution or workaround:

  1. We allow the IP addresses SonarCloud uses in our Conditional Access Policy
    Judging from other posts in this forum this is not a solution since SonarCloud IP adresses are dynamic?

  2. ?

I have read several topics about this in this forum but it looks like it isn’t possible to use SonarCloud and Azure DevOps with Conditional Access Policy Validation enabled?

Is this really correct?

Hi @Mattias and welcome to the community :slight_smile:
I’m not familiar with AAD Conditional Access Policy Validation and from what I understand, it seems like it’s not possible indeed. I will ask the question internally and see if someone has a idea :wink:

1 Like